...

  1. Create an Azure AD app for your Webhook.
  2. Create a service principal for Microsoft.EventGrid if it doesn't already exist.
  3. Create a role named AzureEventGridSecureWebhookSubscriber in the Azure AD app for your Webhook.
  4. Create a service principal for our event subscription writer app if it doesn't already exist.
  5. Add the service principal of the event subscription writer Azure AD app to the AzureEventGridSecureWebhookSubscriber role.
  6. Add the service principal of Microsoft.EventGrid to the AzureEventGridSecureWebhookSubscriber role as well.

Link to source for these steps: Secure WebHook delivery with Azure AD Application in Azure Event Grid
Note that the link also contains a PowerShell script which can perform the setup. For step 4 and the eventSubscriptionWriterAppId variable, you'll need the relevant application ID from us, which will be provided on request.

We have one app for test and one for production, so some or all of the steps will have to be duplicated depending on your setup. If you decide to create one Azure AD app for the webhook in each environment, all but the second step will have to be duplicated. If you go for just one Azure AD app, only steps 4 and 5 will have to be duplicated. The appId for each of the two apps will be provided to you on request.
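
Once the steps are done, the result can be audited with a short script. This is an added example, not part of the linked Microsoft script or of our own tooling: it checks that the AzureEventGridSecureWebhookSubscriber role exists on the webhook app and lists which service principals hold it, flagging missing and unexpected holders. It assumes the Microsoft.Graph.Applications PowerShell module, that the webhook app has a service principal in your tenant, and that the two placeholder app IDs are filled in.

```powershell
# Added example: audits the outcome of steps 1-6. Placeholder values are assumptions.
$webhookAppId = "<appId of your webhook Azure AD app>"                  # placeholder
$writerAppId  = "<event subscription writer appId, provided on request>" # placeholder
$roleValue    = "AzureEventGridSecureWebhookSubscriber"

Connect-MgGraph -Scopes "Application.Read.All"

# Helper (hypothetical name): resolve exactly one service principal or fail loudly.
function Get-SingleServicePrincipal([string]$Filter) {
    $sp = @(Get-MgServicePrincipal -Filter $Filter)
    if ($sp.Count -ne 1) {
        throw "Expected exactly one service principal for '$Filter', found $($sp.Count)"
    }
    return $sp[0]
}

$webhookSp   = Get-SingleServicePrincipal "appId eq '$webhookAppId'"
$writerSp    = Get-SingleServicePrincipal "appId eq '$writerAppId'"               # step 4
$eventGridSp = Get-SingleServicePrincipal "displayName eq 'Microsoft.EventGrid'"  # step 2

# Step 3: the role must exist and be enabled on the webhook app.
$role = $webhookSp.AppRoles | Where-Object { $_.Value -eq $roleValue -and $_.IsEnabled }
if (-not $role) { throw "Role $roleValue is missing or disabled on the webhook app" }

# Steps 5 and 6: every principal that currently holds the role.
$holders = Get-MgServicePrincipalAppRoleAssignedTo -ServicePrincipalId $webhookSp.Id -All |
    Where-Object { $_.AppRoleId -eq $role.Id }

$expected = @{
    $writerSp.Id    = "event subscription writer app"
    $eventGridSp.Id = "Microsoft.EventGrid"
}

foreach ($id in $expected.Keys) {
    if ($holders.PrincipalId -notcontains $id) {
        Write-Warning "MISSING: $($expected[$id]) ($id) does not hold $roleValue"
    }
}

# Least privilege: anything beyond the two expected principals deserves a review.
$holders | Where-Object { -not $expected.ContainsKey($_.PrincipalId) } | ForEach-Object {
    Write-Warning "UNEXPECTED: $($_.PrincipalDisplayName) ($($_.PrincipalId)) holds $roleValue"
}
```

Run it once per webhook app and per writer app ID (test and production); no warnings means the assignments match the six steps.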

...