Securing Webhooks

The endpoint you have created to accept webhooks from Wyre is unauthenticated because the webhooks do not have an authentication mechanism. You may wish to lock this endpoint down and only whitelist Wyre IPs, preventing the possibility of a DDoS attack.

Here are the IP addresses that you can whitelist:


Webhook Signatures

Wyre webhooks will come with a signature which consists of a hash of the payload data using the first API key in the partner's account.