Header (Recommended)

import { Router, Request, Response } from "express";
import hash from "crypto";

const WebhookToken = "YourTokenHere";
const hashedToken: string = hash.createHash("sha256").update(WebhookToken).digest("hex");
const router = Router();

router.post("/", async (req: Request, res: Response) => {
    const { authorization } = req.headers;
    if(hashedToken != authorization) return res.status(401).json({
        error: "Unauthorized"
    });
    
    ...
});