You can manage the REST route for inbound events in the Web API menu:
It shows a single predefined REST route to receive inbound events:
Don’t touch it except for the
Authenticated check box. This defines whether access to this route requires authentication or not. Default is no authentication.
If you want an authenticated route, click on the check box and switch to tab
Then click on the right button to generate an API key:
Click on the key to copy it to the clip board and use it to perform
POST requests to this route with Bearer authentication.