To validate a webhook came from mailfloss we suggest verifying the webhook payloads with the 

 header (which we pass with every webhook that has a webhook secret). If you did not add a webhook secret then this header is not included in the payload. You can add or modify the webhook secret at anytime inside of the mailfloss app by editing the corresponding webhook.

 header is a SHA1 HMAC hexdigest computed with the webhook secret and the raw body of the request.

An example in javascript with a webhook secret of "my little pony" is posted below.

Managing Webhooks

Verifying Webhooks

Event Triggers

mailfloss

mailfloss API & Webhooks

API Overview

Authentication

Rate Limits

Response Headers

Response Codes

Reference

Code Examples

Email Verification API

Webhooks Overview

Retries and Errors

Webhooks