#Yankee

Hi there!

live webhook is work(handling events succeeded), but on prod app i caught error about signature
Can you share a specific event id (evt_xxx) where you saw that error?

No, currenct live webhook has no failed events, but on my prod app there are error with signature

But can you share the event that generated this error?

Is this maybe a test webhook event that arrived to your production webhook endpoint?

As mentioned in the doc:

For Connect webhooks, it’s important to note that while only test webhooks will be sent to your development webhook URLs, both live and test webhooks will be sent to your production webhook URLs.
https://stripe.com/docs/connect/webhooks

On my currenct account i has no other live webhook api.babelwin.com, but our client recently has deleted past live account

Test app works correctly withour errors

without*

And i guess, that stripe connects to current worked live webhook, but somewhere may be other same webhook

But im recently developer in company

Do webhooks delete in deleted account&

If you want me to investigate this issue, you need to share with me the exact event ID (evt_xxx) that your server received but generated an error.

Do webhooks delete in deleted account&
I don't understand your question.

evt_1MJvELF4XBPfeQubvDjudRH8

But its succeded event

But on prod app i've caught the error with signature

It's this event that generated the error you shared in the schreenshot above?

Yeah

Demo app works without errors

And i guess that some duplicate of live webhook in somewhere try to connect too

I have no other reasons

This specific event was sent to a single endpoint: https://api.***.com/api/v1/stripe/webhook
And your server returner a 201 response.

So I don't see any issue with that event

Current live webhook works correctly

But i want to check if there are duplicate of live webhook endpoint in other places

Can i do or ask to do this&

But i want to check if there are duplicate of live webhook endpoint in other places
What do you mean by "duplicate"? Your Stripe account has a single webhook endpoint.

I know, but may be in other accounts. And do webhooks delete in deleted account?

Because we have past account, that has been deleted recently

Past email account

Can you share the account ID that was deleted?

How i can get it, if it's deleted?

Don't know, you didn't save it somewhere? Anyhow if the account is deleted it won't be sending webhook events to your server, so that's not the issue.

FYI getting a SignatureVerificationError is quite common. It usually comes from two potential errors:

• You are using the wrong webhook secret. So please double check you are using the correct one. It should look like whsec_xxx and match the one displayed in your dashboard
• The payload you pass in the constructEvent function is not the raw payload. So you need to ensure that you get the raw body of the HTTP request that Stripe sent you, without any interference by your code or framework in the middle.

I didn't deleted this account, client done this

I said, that the current live webhook works correctly

It connects to my prod app

But i have signature error on prod app. I check two sames webhooks on test app, i've caught the same error, so i supposed, that the problem in that somewhere is some duplicate of endpoint of current live webhook.

You told me this event generated the error evt_1MJvELF4XBPfeQubvDjudRH8 But actually this even was processed correctly by your server since it returned a 201 status.
So you are either giving me the wrong ID, or your server is returning a 200 status even when it fails (which is not a good idea).

Can i type email instead of acct_?

Because client had not saved acct_

I faced with task of this yesterday, but client have deleted account last week

Please take a step back. You told me this specific event created the error on your server evt_1MJvELF4XBPfeQubvDjudRH8, and this event was created by acct_1MHnjkF4XBPfeQub.
So this error is completely unrelated to any other Stripe account, unless you gave me the wrong event ID. So can you double check that it's this specific event ID that generated the error you shared above?

I sended evt_ of correctly worked live webhook

But on prod app server caught the error of signature

May be i know how to get around the problem. May be it removing try catch block from there?

But its only escaping problem

Why would you remove that? It's important to check the signature of the webhook event!

I've not removed it

I know that is important

Screenshot here. Payment intent created, but it cant continue because of error of signature

So this webhook works correctly, yes?

If events is succeeded?

So does it mean that your server return a 200 response event if there is an error? You need to change your code if that if it's true.

And I'll repeat what I said earlier:

Getting a SignatureVerificationError is quite common. It usually comes from two potential errors:

• You are using the wrong webhook secret. So please double check you are using the correct one. It should look like whsec_xxx and match the one displayed in your dashboard
• The payload you pass in the constructEvent function is not the raw payload. So you need to ensure that you get the raw body of the HTTP request that Stripe sent you, without any interference by your code or framework in the middle.

So can you double check the webhook secret you are using? It should look like this: whsec_...P7wT

Yes, but server caught this error. If signature of this webhook is wrong, my events would be failed

But in current webhook events are succeeded

I tried to release this situation on test account, i've caught the same problem, when i created 2 same webhook endpoints and connected one of em to demo app

In the screenshot you just shared, it contains this event ID: evt_3MJxSQLSKx63xyyo1xdREtJ1

So i supposed, that somewhere is the same webhook endpoint as in live webhook endpoint

Yes

Is this event from other webhook?

This event ID belongs to a different accounts that the previous event ID you shared

Earlier you shared evt_1MJvELF4XBPfeQubvDjudRH8, which returned a 200 status and comes from acct_1MHnjkF4XBPfeQub
And now your screenshot is evt_3MJxSQLSKx63xyyo1xdREtJ1, which returned a 400 status and comes from acct_19aoXeLSKx63xyyo

Yes

If both events are handled by the same code, it's expected that some fail, since the webhook secret should be different.

Im stupid, thx. Can you check a webhook on account, where is failed event?

Which webhook? Can you share its ID (we_xxx)?

No, i have no access to this account acct_19aoXeLSKx63xyyo

Well it's this account sending webhook events to your endpoint.

I guess that this is deleted account eugene@softrize.com

Can you type email of this account?

This account acct_19aoXeLSKx63xyyo is not deleted

No sorry, I cannot share details about accounts here.

Ok, thanks for current info

May be any way to get email by account Id?