2 followers Follow

Verify that Podio is calling my API hooks

So, my first question on this new Podio developers forum. Is there a way to determine if the API hooks which can be called by Podio to an external system are actually from Podio itself?

The hooks I mean are item.update, file.change e.g. I could not find this information. Now anyone could 'post' that data to a given URL which might not always be what you want.

Is there a set of IP addresses from which you can determine that the request is actually coming from Podio?

Kind regards

pluscloud Answered

Please sign in to leave a comment.

1 comment


I would not recommend verifying the requests from Podio by looking at the IP address. While  the IP addresses of the API servers will probably not change in a foreseeable future, it is a cluster of servers - each with its own IP address - and as we add more servers to that cluster you would need to update your IP check.

Instead you should implement security using a secret key in the url you supply to Podio, either as a query string or as an actual part of the URL. E.g. you could enter and then check that the secret matches when you get an incoming request from Podio.

Casper Fabricius 0 votes