Is there a way to validate a webhook event really came from Sensible?

A couple of other services that we integrate with send a signature in the header that we validate.
(cross posted from Slack by admin)

We recommend using the payload functionality to accomplish a similar goal to sending a signature in the headers (we don’t send signatures). For example by putting a UUID in the payload and then cross-checking that ID when handling the webhook call. For details, expand the webhook param in for example Extract doc at your URL