I have set up a webhook to receive POST requests from the Active Campaign API in order to update my CRM data.
The problem is that Active Campaign doesn't send any token or credential information with the POST request, so I cannot be sure that the request is really coming from them.
Is there a way in Django to check where the request is coming from, in order to prevent anyone from sending POST data to this webhook?