Making your API connection secure
HTTP VS HTTPS
Use https:// when making the API calls, never http://
This makes sure that connection is encrypted and eavesdropping communication between your server and Messente is impossible.
Whitelisting IP addresses
Make sure that the IP addresses are whitelisted and not to disable the IP address validation by global whitelist 0.0.0.0/0 if possible.
Validating Omnichannel API callbacks
Messente provides every request with signature calculated using HMAC.
For Delivery Reports (DLR), the signature is calculated using the Password of the HTTP API Key used to deliver the message.
For Inbound Messages, the signature is calculated using the Shared Secret, available in the Inbound Numbers section of the Developers view.
Calculated signature is provided in the HTTP headers called X-Messente-Signature.
Signature calculation formula: