Possibility to validate the origin of requests via webhook

As of today, at least I have not found a way for the webhooks sent by Rebill to be authenticated with any signature or hash.

As an equivalent comparison, MercadoPago includes an x-signature header, which allows validating that the incoming request is officially from MercadoPago. It would improve the security of webhooks, which are usually unprotected, a little more.

Another alternative would be to be able to configure headers from the Dashboard and have Rebill resend them when sending notifications via webhook. This way, each user could include an x-api-key header, for example, and keep the endpoints protected.

Currently, the only alternative I have found is to include a signature in the "metadata" attribute of the body of some endpoints, for example, when creating a payment link for a subscription. Maybe there is something that I did not see in the documentation, so I would be grateful if you could share this information with me.

Status: In Review
Board: 💡 Feature request
Date: 3 months ago
Author: Marcos Sequeira
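The "metadata" workaround described in the post, sketched as an added example (not part of the original post and not Rebill's code): the merchant puts an HMAC over its own metadata fields when creating the payment link and checks it when the webhook arrives. It assumes the webhook body returns the "metadata" object unchanged; the secret, the field names (`sig`, `order_id`, `customer`) and the event name are constructed for illustration.

```python
import hashlib
import hmac
import json

# Constructed secret for the demo; in practice load it from a secret store.
SECRET = b"constructed-demo-secret"


def _canonical(fields: dict) -> bytes:
    # Stable serialization so both sides MAC exactly the same bytes.
    return json.dumps(fields, sort_keys=True, separators=(",", ":")).encode()


def sign_metadata(fields: dict, secret: bytes = SECRET) -> dict:
    """Return the metadata to send with the payment link, with a MAC added."""
    if "sig" in fields:
        raise ValueError("'sig' is reserved for the MAC")
    tag = hmac.new(secret, _canonical(fields), hashlib.sha256).hexdigest()
    return {**fields, "sig": tag}


def verify_webhook(body: bytes, secret: bytes = SECRET) -> bool:
    """True only if the webhook body carries metadata with a valid MAC."""
    try:
        metadata = json.loads(body).get("metadata")
    except (ValueError, AttributeError):  # bad JSON, or top level not an object
        return False
    if not isinstance(metadata, dict):
        return False
    fields = dict(metadata)
    tag = fields.pop("sig", None)
    if not isinstance(tag, str):
        return False
    expected = hmac.new(secret, _canonical(fields), hashlib.sha256).hexdigest()
    # Constant-time comparison avoids leaking how many characters matched.
    return hmac.compare_digest(tag.encode("utf-8", "replace"), expected.encode())


if __name__ == "__main__":
    meta = sign_metadata({"order_id": "A-1001", "customer": "c-42"})
    # Constructed webhook bodies: one as sent back, one with metadata altered.
    genuine = json.dumps({"event": "payment.created", "metadata": meta}).encode()
    altered = json.dumps({"event": "payment.created",
                          "metadata": {**meta, "order_id": "A-9999"}}).encode()
    print(verify_webhook(genuine), verify_webhook(altered))
```

The MAC covers only the metadata, so the rest of the webhook body (status, amounts) stays unauthenticated, and a previously delivered valid metadata object still verifies if it is sent again. Looking up the signed `order_id` on the server and checking its state there narrows both gaps, which is why a provider-side signature over the whole request, as requested in the post, is the stronger control.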