Authentication

Ensuring the security and authenticity of webhook requests is of paramount importance to maintain the integrity of your integration with the MyLION system. To achieve this, MyLION employs a simple and effective method of webhook authentication that involves verifying the authenticity of incoming requests.

Authentication Header

MyLION add a specific authentication header for verification to every request which is sent out. This header, named X-API-KEY, carries the API key that has been set in your MyLION settings. The value of this header must match the API key assigned to your integration.

Verifying Webhook Requests

When you receive a webhook request, follow these steps to verify its authenticity:

1. Extract the X-API-KEY header from the incoming request.
2. Compare the value of the header with the API key you have configured in your MyLION settings.
3. If the values match, you can be confident that the request originates from MyLION and can be safely processed.