There are two ways that you could secure your HelloFax API callback url:
- Implement Basic Auth
- This would be something like https://username:email@example.com/callback
- Note that basic auth credentials are redacted on HelloFax's side
- Whitelist IPs from HelloFax
- Ask firstname.lastname@example.org for the outbound IP addresses from HelloFax's API
For more information about the callbacks, see the article Can you give me an example of a callback event?
See the article on sending a fax using the HelloFax API for more information.