I asked around and found these steps:
- Generate a token and the public URL in the listener
- Send that token to IO using the public URL in the request body.
- Provide the JSON path from the request body in the listener so IO knows where to find the token when the webhook request comes from the source.
There is no standard format for the request body. It's whatever the source system wants to send. All you have to do is send the token to one of the fields. If you don't want to deal with adding the token to the request body, you can use the secret URL authentication type.
In this case, you just have to do step 1 and use the public URL to send the webhook request to IO. In terms of security, it's pretty much the same.
I also saw that you received a response to your community post from our CTO, Scott Henderson.
Let me know if this isn't clear or you need more assistance.
Thanks,
Kathyana