rohidas_webhooks | Stripe Developers | Page 1

robust masonBOT Oct 30, 2024, 12:25 PM

#

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1301159944502120552

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

#

long mural Oct 30, 2024, 12:26 PM

#

Yes, that is expected – we don't follow redirects on any endpoints: https://docs.stripe.com/webhooks#:~:text=The destination server attempted to redirect the request to another location. We consider redirect responses to webhook requests as failures.

You need to remove any redirects that might be active on your server/URL

Receive Stripe events in your webhook endpoint

Listen to events in your Stripe account on your webhook endpoint so your integration can automatically trigger reactions.

digital kernel Oct 30, 2024, 12:30 PM

#

but we do not have any redirection set

long mural Oct 30, 2024, 12:31 PM

#

You must do I'm afraid as that is the response your server is returning

digital kernel Oct 30, 2024, 12:32 PM

#

one thing is that i am able to hit my service using postman

#

I am passing wrong signature and its failing as expected. But its hitting

long mural Oct 30, 2024, 12:33 PM

#

I get the same error too when I try a curl, but I suspect the redirect occurs after that somehow

#

I don't know without knowing your server config/code

#

FWIW, looking at the response headers the redirect is to https://dayonework.com/non-uk-sign-up

#

Maybe that helps you diagnose things!

digital kernel Oct 30, 2024, 12:41 PM

#

i checked with devops and we have redirect only for http to https

long mural Oct 30, 2024, 12:42 PM

#

I'm not sure what else to tell you. The endpoint returns a 302 response with that URL as the redirect location

#

We don't follow redirects, so we class them as a devliery failure

digital kernel Oct 30, 2024, 12:44 PM

#

its quite frustrating as i tried curl and its hitting the endpoint

long mural Oct 30, 2024, 12:44 PM

#

Yes, because you're not providing the parameters/headers that the endpoint clearly expects

digital kernel Oct 30, 2024, 12:45 PM

#

i tried passing data and still it hitting

long mural Oct 30, 2024, 12:46 PM

#

You're likely still being redirected

digital kernel Oct 30, 2024, 12:47 PM

#

{"message":"No stripe-signature header value was provided.","statusCode":500}

i am getting this error when i am not passing signature header, so you mean header signature causing issue?

#

my question is what exactly stripe trying to do. Like if its same working for UAT in not prod. event id for your reference evt_1QFXmRFB5YF9BwLlHGoY8Ab2

long mural Oct 30, 2024, 12:48 PM

#

Your curl/Postman requests will follow the 302 redirect so you're then being forwarded to the other URL. There must be logic/code you have that errors if the Stripe-Signature header is missing

long mural Oct 30, 2024, 12:49 PM

#

digital kernel my question is what exactly stripe trying to do. Like if its same working for UA...

I've already explained this multiple times – there's a redirect on your endpoint

digital kernel Oct 30, 2024, 12:50 PM

#

Agreed i do have logic where i am throwing the error when signature is missing.

#

there's a redirect on your endpoint -> i checked with devops and we only have one redirection http-> https

long mural Oct 30, 2024, 12:51 PM

#

That doesn't map to what we're seeing returned from the endpoint I'm afraid

digital kernel Oct 30, 2024, 12:56 PM

#

OK is there anyway i can troubleshoot this 302 error?

robust masonBOT Oct 30, 2024, 1:00 PM

#

odd bridge Oct 30, 2024, 1:02 PM

#

👋 Taking over here.

Have you checked your server logs to see what route the request is trying to hit and what it is being redirected to?

#

Also, do you have a proxy server or a middleware in between?

digital kernel Oct 30, 2024, 1:10 PM

#

Is there any way that we can connect over meet?

odd bridge Oct 30, 2024, 1:11 PM

#

That's not something we offer unfortunately.

#

If the environment is identical between UAT and production, the other thing you could check is if you're using the correct webhook endpoint secret.

Wrong secret may fail signature verification

#

If so, you should see in error in your server logs

digital kernel Oct 30, 2024, 1:13 PM

#

Agreed. I should see Application error but i am seeing 302 only. I am checking with devops if we have any other ALB level configuration

odd bridge Oct 30, 2024, 1:14 PM

#

👍

digital kernel Oct 30, 2024, 1:30 PM

#

We have one alb and from that we are redirecting based on Host Header. so is it be reason?

odd bridge Oct 30, 2024, 1:30 PM

#

Yup could be

digital kernel Oct 30, 2024, 1:30 PM

#

from same alb we are redirecting to 4 different applications

#

based on host header

odd bridge Oct 30, 2024, 1:31 PM

#

You'd ideally want to add these IPs to your exception list - https://docs.stripe.com/ips#webhook-notifications

#

or configure in such a way that it doesn't get "redirected"

digital kernel Oct 30, 2024, 1:31 PM

#

because in UAT we have separate load balancer

#

ok

odd bridge Oct 30, 2024, 1:32 PM

#

Yeah I'd recommend looking into what's different between both configuration. I assume UAT one has more relaxed policies but can't say with 100% certainity

#rohidas_webhooks