Accepting only genuine repository notifications

The scenario verifies the signature of each incoming repository signal and lets only genuine ones through, rejecting fakes.

  • Every request's signature is verified automatically
  • Genuine GitHub signals pass through
  • Fake requests are rejected at the door
  • The endpoint is closed to outsiders
Webhook