Currently event API uses strict payload integrity check based on the key generated at the event source registration in admin api.
However, this is an overkill if the event api is not exposing to outside networks/applications, but rather using only by internal services/applications.
Therefore, it is better to allow enabling/disabling this integrity check at deployment level using a configuration, so that it will be easier to use by internal apps.
Currently event API uses strict payload integrity check based on the key generated at the event source registration in admin api. However, this is an overkill if the event api is not exposing to outside networks/applications, but rather using only by internal services/applications. Therefore, it is better to allow enabling/disabling this integrity check at deployment level using a configuration, so that it will be easier to use by internal apps.