Does anyone have experience dealing with webhooks in cfwheels? Any post requests from an external server fails the csrf checks because there is no authenticity token, so my workaround was to create an additional isWebhook function to verify the signature. This is working for now, but it feels weird modifying the backend wheels code. Is there a better way to do this?

You can just disable it on a per controller basis via protectsfromforgery(false)

Thanks! That sounds much simpler