Validate incoming API token and return access decision

Your webhooks sometimes arrive without validated tokens, causing unauthorized triggers and wasted engineering time. It enforces token checks so only authorized requests proceed before processing.

Overview

Stop unauthorized webhook executions from consuming engineering time and triggering downstream jobs. This reusable sub-zap validates tokens and returns a clear allow/deny flag so platform owners and security teams only run workflows for authorized calls, immediately.