diff --git a/app/Http/Controllers/BrevoController.php b/app/Http/Controllers/BrevoController.php
index 25c3284843..e1dce175f4 100644
--- a/app/Http/Controllers/BrevoController.php
+++ b/app/Http/Controllers/BrevoController.php
@@ -61,8 +61,12 @@ class BrevoController extends BaseController
      */
     public function webhook(Request $request)
     {
-        ProcessBrevoWebhook::dispatch($request->all())->delay(10);
+        if ($request->has('token') && $request->get('token') == config('services.brevo.key')) {
+            ProcessBrevoWebhook::dispatch($request->all())->delay(10);
 
-        return response()->json(['message' => 'Success'], 200);
+            return response()->json(['message' => 'Success'], 200);
+        }
+
+        return response()->json(['message' => 'Unauthorized'], 403);
     }
 }