We are currently hosting enterprise mattermost for a company with daily 800 users. There are a few incoming webhooks that are being used. I was just wondering whether or not there is a possibility to limit who can use the webhook URL. It seems that if the url is known then anyone can send a message using that webhook.
Is this by design or are there any way of restricting the possibility of using the url for within the organisation?
I have seen that there was a PR on github but it hasnt been accepted yet.