Each webhook Loop sends contains the X-Loop-Signature
header with the value that should be checked to ensure the webhook came from Loop's system.
We generate the value using the SHA256 algorithm.
Here is an example in PHP:
<?php
$encoded = base64_encode(hash_hmac('sha256', $jsonPayload, '<SECRET>', true));