diff --git a/core/__pycache__/urls.cpython-311.pyc b/core/__pycache__/urls.cpython-311.pyc
index 5ef2e2f..16bfba7 100644
Binary files a/core/__pycache__/urls.cpython-311.pyc and b/core/__pycache__/urls.cpython-311.pyc differ
diff --git a/core/__pycache__/views.cpython-311.pyc b/core/__pycache__/views.cpython-311.pyc
index 0508c2f..561d65f 100644
Binary files a/core/__pycache__/views.cpython-311.pyc and b/core/__pycache__/views.cpython-311.pyc differ
diff --git a/core/urls.py b/core/urls.py
index 28de9ee..71c48db 100644
--- a/core/urls.py
+++ b/core/urls.py
@@ -4,6 +4,7 @@ from . import views
 urlpatterns = [
     path('', views.home, name='home'),
     path('dashboard/', views.dashboard, name='dashboard'),
+    path('dashboard/webhook', views.webhook, name='webhook'),
     path('fanpages/', views.fanpage_list, name='fanpage_list'),
     path('flows/', views.flow_list, name='flow_list'),
-]
\ No newline at end of file
+]
diff --git a/core/views.py b/core/views.py
index 65ea9e7..206641c 100644
--- a/core/views.py
+++ b/core/views.py
@@ -1,5 +1,8 @@
 from django.shortcuts import render, redirect, get_object_or_404
 from django.contrib.auth.decorators import login_required
+from django.views.decorators.csrf import csrf_exempt
+from django.http import HttpResponse
+import json
 from .models import Fanpage, Flow, MessageLog, ChatSession
 
 def home(request):
@@ -30,3 +33,31 @@ def fanpage_list(request):
 def flow_list(request):
     flows = Flow.objects.all()
     return render(request, 'core/flow_list.html', {'flows': flows})
+
+@csrf_exempt
+def webhook(request):
+    if request.method == 'GET':
+        # Facebook Webhook verification
+        mode = request.GET.get('hub.mode')
+        token = request.GET.get('hub.verify_token')
+        challenge = request.GET.get('hub.challenge')
+        
+        if mode == 'subscribe' and token:
+            # Check if this token matches any Fanpage verify_token
+            # or the one specifically mentioned by the user
+            if Fanpage.objects.filter(verify_token=token).exists() or token == 'pages_messaging':
+                return HttpResponse(challenge)
+        
+        return HttpResponse('Verification failed', status=403)
+    
+    elif request.method == 'POST':
+        # Handle incoming messages
+        try:
+            data = json.loads(request.body.decode('utf-8'))
+            # Process the webhook payload here in the future
+            # For now, just return 200 OK
+            return HttpResponse('EVENT_RECEIVED')
+        except Exception as e:
+            return HttpResponse('Error processing request', status=400)
+    
+    return HttpResponse('Method not allowed', status=405)
\ No newline at end of file