Hi There ,
We have standalone product which has tight JIRA integration. We are using webhook calls for issue create, update and delete events. So if any issue related event happens on JIRA, then we get notification about it and make necessary change on our side.
Right now issue is, this REST end point which we have used in webhook is not secure. Any one from outside can also call it.
How do we make sure that request is coming from JIRA not from any other source?
FYI - We have customers on Cloud and Server both. ANd whitelisting IPs is not an option for us.
Can anyone provide resolution for this?