I am following this guide https://docs.microsoft.com/en-us/samples/officedev/msteams-samples-outgoing-webhook-nodejs/microsoft-teams-outgoing-webhook-sample/ where i create an outgoing webhook that msteams reaches.
Instead of exposing it to the whole internet, I would like only to expose to the msteams servers. Is there a whitelist available anywhere?
There is an alternate to achieve the same functionality. While creating outgoing webhook, it generates a HMAC security token that will be used to authenticate calls between Teams and the designated outside service.
If the URL is valid and the server and client authentication tokens are equal (i.e., an HMAC handshake), the outgoing webhook will be available to the team's users.
