#matej_error

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1348948927625433150

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

Hi there 👋 just trying to make sure I'm understanding correctly, you're using the CLI to test forwarding an Event to a webhook endpoint on your local machine that you're still developing?

A 401 is typically used to indicate that a request was rejected because it was unauthorized. Unfortunately, that would be your endpoint refusing the request, and I won't have any insight into why it's doing that. I'd suggest checking your security policies to ensure you aren't blocking the incoming traffic.

Hi Toby, I understand that a 401 means unauthorized although I just don't understand why

If I have Stripe under test mode, will it cause errors if I have a local listener and also a webhook endpoint which is the production webhook?

Your Stripe account isn't confined to operating in a single mode, the mode of operation (testmode vs livemode) is determined by which of your secret API keys you use to make the request that results in an Event being created.

But generally, no, using the CLI to listen to events shouldn't be impacted if you also have other webhook endpoints running in your account.

Can you the screenshot of the exact error from your terminal and the command(s) you're running?

I'm creating a customer from my app via the stripe endpoint and I'm trying to listen to the "customer.created" action, but it never comes back due to this 401 I believe

It was working in the past I remember always getting 200s

What does your webhook handler code look like?

One sec

Something in your endpoint is returning a 401. Is there code to look up API objects at Stripe or something

const stripe = new Stripe(process.env.STRIPE_SECRET_KEY, {
apiVersion: "2023-08-16",
typescript: true,
});
const webhookSecret = process.env.STRIPE_WEBHOOK_SECRET;

export const POST = apiHandler(async (req: NextRequest) => {
await connectMongo();

const body = await req.text();
const signature = headers().get("stripe-signature");

let event;

// Verify Stripe webhook
try {
event = stripe.webhooks.constructEvent(body, signature, webhookSecret);
} catch (err) {
console.error(Webhook signature verification failed. ${err.message});
throw new ApiError("Webhook signature verification failed", 400);
}

const eventType = event.type;

try {
switch (eventType) {
case "checkout.session.completed": {

and then I do my logic inside there and have moree events I check for

None of that code you shared would return a 401. What's below it

I mean I've only got cases to check for:

checkout.session.completed
customer.subscription.updated
customer.subscription.deleted

So why would the others also return 401, that makes me think it's not my webhook code

Because the code in the webhook would actually run, I have logs there to check. So it's not even being received -> causing the code to run

Is there some kind of middleware on your Next.js Route Handlers or something?

OHHHHHHH

It's really hard to debug without seeing the full code, but what you shared above shouldn't cause this issue

No you've helped me thanks so much

In my middleware I've implemented a basic password protection

Ah, yeah you'll want to exclude the webhook endpoint from that

Yeah I haven't tested stripe since implementing

Thanks so much!!

Appreciate it