Guides

Securing Webhook Endpoint

Suggest Edits

Verification Token

We recommend that your application verifies the source of incoming webhook requests before processing events. This is optional but recommended to prevent bad actors from engaging in unauthorized activities on your server.

When you subscribe to a webhook in Vagaro, we will provide you with a verification token. This verification token will be included in the X-Vagaro-Signature request header.

Whitelist Outbound IP Address Range

Additionally, you can whitelist the following outbound IP address range to prevent bad actors from engaging in unauthorized activities on your server.

  • 20.220.12.83
  • 13.67.143.68
  • 13.70.105.4
  • 20.62.123.184
  • 51.140.65.108
  • 51.143.95.2

Updated about 2 months ago