Is there a way to verify that Branch is sending the Webhook?
Most other platforms have a way for you to verify on the server that the sender is who they say they are- using a Signature in the header with SHA-1 for example. Maybe I missed it in the documentation, but does branch offer anything like this?
Yes – we do have a way to do that. You can whitelist our Webhook servers. Please write to our integrations team here to get a list of the latest IP addresses that you can verify. Thanks!