One of my providers protects webhook calls using HMAC based authentication.
See here for details.
It requires to compute a signin string before issuing the request.
- Can it be done ? (I need an external security library to compute the signin code)
- Can we use a variable that isn't necessarily a user property ?
Note: this works great with Postman for instance.