Voice Call plugin and webhook security: minimum controls that matter

Hardening checklist for Voice Call webhook entry points.

What this page targets

This page is not about basic voice setup.
It is about preventing abuse at webhook ingress for Voice Call workflows.

Minimum rollout checklist

  1. request signature validation enabled
  2. timestamp window validation enabled
  3. each request ID consumed only once
  4. webhook source restrictions enabled
  5. rejected requests logged with reason
  6. call-triggered actions permission-scoped

Implementation flow

Step 1: signature and timestamp

  1. validate signature algorithm and key version
  2. enforce bounded timestamp window
  3. reject out-of-window requests

Step 2: replay protection

  1. store unique callback request ID
  2. keep processed IDs in short-term store
  3. reject duplicate ID and log audit event

Step 3: permission boundary

  1. allow low-risk actions from voice path
  2. require extra confirmation for high-risk actions
  3. separate voice ingress from admin command ingress
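
The checks from Steps 1 and 2 combined into one verification function, as an added example that is not code from the Voice Call plugin. The header field names, the signed-message layout (timestamp.request_id.body), the HMAC-SHA256 scheme, the demo key and the 300-second window are all assumptions made for illustration; the in-memory store stands in for one shared by every node.

```python
import hashlib
import hmac
import time

# Assumed names and values for illustration; not taken from the Voice Call plugin.
KEYS = {"v1": b"constructed-demo-secret"}  # key version -> shared secret
ALLOWED_ALGS = {"hmac-sha256"}
MAX_SKEW = 300                   # accepted clock skew, seconds
REPLAY_TTL = 2 * MAX_SKEW        # an ID must outlive the whole acceptance window

class ReplayStore:  # in-memory stand-in; multi-node deployments need a shared store
    def __init__(self):
        self._seen = {}          # request ID -> expiry time
    def consume(self, request_id, now):
        # Drop expired IDs, then record this one only if it has not been seen.
        self._seen = {k: exp for k, exp in self._seen.items() if exp > now}
        if request_id in self._seen:
            return False
        self._seen[request_id] = now + REPLAY_TTL
        return True

def sign(secret, timestamp, request_id, body):
    # Timestamp and request ID are inside the MAC, so neither can be swapped.
    msg = f"{timestamp}.{request_id}.".encode() + body
    return hmac.new(secret, msg, hashlib.sha256).hexdigest()

def verify_webhook(headers, body, store, now=None):
    """Return (accepted, reason); the reason string is what the audit log records."""
    now = time.time() if now is None else now
    if headers.get("alg") not in ALLOWED_ALGS:
        return False, "unsupported_algorithm"
    secret = KEYS.get(headers.get("key_version"))
    if secret is None:
        return False, "unknown_key_version"
    try:
        ts = int(headers["timestamp"])
    except (KeyError, TypeError, ValueError):
        return False, "bad_timestamp"
    request_id = headers.get("request_id")
    if not request_id:
        return False, "missing_request_id"
    expected = sign(secret, ts, request_id, body).encode()
    if not hmac.compare_digest(expected, str(headers.get("signature", "")).encode()):
        return False, "bad_signature"
    if abs(now - ts) > MAX_SKEW:
        return False, "timestamp_out_of_window"
    # Consume the ID only after authentication, so forged requests cannot burn IDs.
    if not store.consume(request_id, now):
        return False, "replayed_request_id"
    return True, "ok"
```

The replay TTL is twice the skew window because a request stamped at the future edge of the window stays acceptable until the past edge has gone by.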

Pass criteria

  1. forged signature requests are rejected
  2. replayed request IDs are blocked
  3. requests without trusted source context are rejected
  4. audit logs explain every rejection

High-frequency failure mapping

  1. Symptom: valid requests rejected
    Action: inspect timezone and timestamp skew policy

  2. Symptom: duplicate execution
    Action: inspect request ID store TTL and cross-node sharing

  3. Symptom: false rejects increase under load
    Action: inspect verification order and gateway timeout settings

Next step: WebChat and gateway auth troubleshooting.