Missing headers from Webhooks Notification Payload

Follow

New post

JasonDev

• July 27, 2017 04:07

Hi,

 

We developed an internal solution which was successfully using webhooks around a month ago however this has recently started to fail because of missing headers within the webhook notification payload we receive.

 

As per the documentation our app looks for the following headers

• BOX-DELIVERY-ID
• BOX-DELIVERY-TIMESTAMP
• BOX-SIGNATURE-PRIMARY
• BOX-SIGNATURE-SECONDARY
• BOX-SIGNATURE-VERSION
• BOX-SIGNATURE-ALGORITHM

However out of that group of headers we are only receiving the following two now

• BOX-DELIVERY-ID
• BOX-DELIVERY-TIMESTAMP

In reference to the webhook itself it’s just one that targets a folder with the following triggers.

• "FILE.DOWNLOADED",
• "FILE.TRASHED",
• "FILE.DELETED",
• "FILE.UPLOADED"

And this is an example of the actual payload we receive

 

POST /api/webhooks HTTP/1.1
box-delivery-timestamp: 2017-07-27T03:22:09-07:00
box-delivery-id: *-*-*-*-*
Content-Length: 348
Content-Type: application/json; charset=UTF-8
Host: *****.com
User-Agent: Box-WH-Client/0.1
Surrogate-Capability: web-proxy1006.ve.box.net="Surrogate/1.0 ESI/1.0"
Cache-Control: max-age=259200
X-Forwarded-Proto: https
X-Forwarded-For: *.*.*.*

Has anybody else experienced this before? I am pretty sure it’s going to end up being something really simple.

 

Thanks

 

0

• 

  fkonishi

  • August 09, 2017 06:36

  Did you manage to solve this? I'm having the same issue trying to verify signature

  0

  Comment actions Permalink
• 

  JohannesMaria

  • August 09, 2017 11:24

  Hi,

  both the primary and the secondary key are only send, if the tokens were actually created. Go to your developer console on the left side under Configuration you find webhooks. Go there and create your tokens.

   

  Once created, they will be send out.

   

  Hope it helps.

  0

  Comment actions Permalink

Please sign in to leave a comment.