I have an API than receive data from a webhook. Is there any way to protect the endpoint?
I receive username and password and Basic authorization, but i don’t know how i can validate that info.
Welcome to the community @robamemar 
You can secure the endpoint that receives the webhook via basic auth. The credentials for accessing this endpoint can be specified on the Pipedrive side. Every time a webhook notification is sent, the endpoint will be accessed with these credentials.
Ideally, this needs to happen on (your) server side.