#enforcedcastle

Do you have an ID of an event that failed this way?

My immediate guess would be that your webhook signature verification may now be failing

Usually the causes for that would be not having the right webhook endpoint secret, or not passing in the raw request body to our verify function

I can send an ID of the most recent event. Before I past the ID, Is it safe to share this publicly?

Yep yep, IDs are safe to share publicly

It is your secret key and any live customer info that you should keep safe

Even live stripe object IDs are fine, someone would need access to your account to view/modify anything with them

Okay great, here is the id for the last event that failed in our test env:

Because I'm paranoid I may still delete later.

Gotcha, no worries. It actually looks like I can't glean much from that even on our side anyways. I now see that that The change you wanted was rejected. Maybe you tried to change something you didn't have access to error is coming from your server so we don't really have insight in to what is happening in your server's code there.

Have you tried debugging your webhook endpoint code? Like have you tried sending it an event and seeing where it errors out?

Not quite yet, my theory is that it's coming from Rails protect_from_forgery but not quite sure the best and most safest way to resolve this. Still investing I guess. Thank you for checking on your end.

I'll test a few more thing then may come back to this thread or create a new one if that is okay. No need to babysit this thread for now though 🙂

Sounds good, let us know if you run in to anything that looks like it is happening on the Stripe side here

Will do, appreciate your help.