Overview
Add allowed origins (e.g., https://www.example.com) to prevent unauthorized usage from other domains.Best practices
- Add production and sandbox origins separately
- Use exact origins (scheme + host + optional port)
Related
- Webhook Signatures: /h2h/cpanel/security/webhook-signatures
- Callbacks reference: /h2h/ipg/callbacks