I have some pretty large and messy scenarios that I intend organize better by breaking them into smaller pieces/modules using http-module and webhooks. Similar to what this guy is doing.
My questions:
Is this a good approach?
What about security? On the off chance that someone figures out the webhook-URL, they could send in garbage data I guess? How can I make it safer? IP whitelisting seems like one approach, but how do I know what IP my post request will come from in my other scenario?
Hi Nicky,
You could also secure your webhook by using an API key. Basically you would put your token in the header and use a filter between the webhook module and the next module to check if the token matches your token.