diff --git a/application-server/ruby/Gemfile b/application-server/ruby/Gemfile
index bffa57f2..0b4be15b 100644
--- a/application-server/ruby/Gemfile
+++ b/application-server/ruby/Gemfile
@@ -2,5 +2,6 @@ source 'https://rubygems.org'
 
 gem 'sinatra'
 gem 'sinatra-cors'
+gem "rackup", "~> 2.1"
 gem 'puma'
 gem 'livekit-server-sdk'
\ No newline at end of file
diff --git a/application-server/ruby/app.rb b/application-server/ruby/app.rb
index e2c24fa0..ca8c4ad9 100644
--- a/application-server/ruby/app.rb
+++ b/application-server/ruby/app.rb
@@ -1,29 +1,28 @@
-require "sinatra"
-require "sinatra/cors"
-require "livekit"
-require "./env.rb"
+require 'sinatra'
+require 'sinatra/cors'
+require 'livekit'
+require './env.rb'
 
-SERVER_PORT = ENV["SERVER_PORT"] || 6080
-LIVEKIT_API_KEY = ENV["LIVEKIT_API_KEY"] || "devkey"
-LIVEKIT_API_SECRET = ENV["LIVEKIT_API_SECRET"] || "secret"
+SERVER_PORT = ENV['SERVER_PORT'] || 6080
+LIVEKIT_API_KEY = ENV['LIVEKIT_API_KEY'] || 'devkey'
+LIVEKIT_API_SECRET = ENV['LIVEKIT_API_SECRET'] || 'secret'
 
 set :port, SERVER_PORT
 
 register Sinatra::Cors
-set :allow_origin, "*"
-set :allow_methods, "POST,OPTIONS"
-set :allow_headers, "content-type"
-
-post "/token" do
-  content_type :json
+set :allow_origin, '*'
+set :allow_methods, 'POST,OPTIONS'
+set :allow_headers, 'content-type'
+set :bind, '0.0.0.0'
 
+post '/token' do
   body = JSON.parse(request.body.read)
-  room_name = body["roomName"]
-  participant_name = body["participantName"]
+  room_name = body['roomName']
+  participant_name = body['participantName']
 
   if room_name.nil? || participant_name.nil?
     status 400
-    return JSON.generate("roomName and participantName are required")
+    return JSON.generate('roomName and participantName are required')
   end
 
   token = LiveKit::AccessToken.new(api_key: LIVEKIT_API_KEY, api_secret: LIVEKIT_API_SECRET)
@@ -32,3 +31,16 @@ post "/token" do
 
   return JSON.generate(token.to_jwt)
 end
+
+post '/webhook' do
+  auth_header = request.env['HTTP_AUTHORIZATION']
+  body = JSON.parse(request.body.read)
+  token_verifier = LiveKit::TokenVerifier.new(api_key: LIVEKIT_API_KEY, api_secret: LIVEKIT_API_SECRET)
+  begin
+    token_verifier.verify(auth_header)
+    puts "LiveKit Webhook: #{body}"
+    return JSON.generate('ok')
+  rescue => e
+    puts "Authorization header is not valid: #{e}"
+  end
+end
\ No newline at end of file