In order to secure endpoints to be called from untrusted sources, we should implement a signing mechanism similar to the one Stripe is using:
https://docs.stripe.com/webhooks
Basically, a timestamp and a signature are provided with the request; the endpoint should compute a signature using an endpoint secret, calculating an HMAC over the timestamp + request body.