#bungee_best-practices

👋 Welcome to your new thread!

⏲️ We'll be here soon! Typically we respond in a few minutes, but sometimes we might take a bit longer if the server is busy or if you have a particularly tricky question.

⏱️ We close idle threads, which makes them read-only. Once a thread is closed it won't be reopened, but you can always start a new thread if you have another question.

🔗 This thread will always be available, even after it's closed. You can find it again using Discord's search, or you can save this link: https://discord.com/channels/841573134531821608/1499076765040119970

📝 Have more to share? Add more details, code, screenshots, videos, etc. below.

👋 morning, taking a look

So I believe the best practice here is to have separate endpoint urls. example.com/webhook/test, example.com/webhook/sandbox, (you can use your own convention, just examples) The Webhook endpoint configured in your Sandbox, and the endpoint configured in your test mode, will have unique signing keys. Then you can more or less copy/paste the logic and just swap out the signing secret.

The other option would be to essentially test both signing secrets on the same endpoint url and identifying the account by which secret succeeds.

We do have an account field but that's really only populated when it's a Connect event.

Got it, so in other environments, different from webflows, where I won't have different URLs, I'd need to basically just test both keys?

Yeah, unfortunately we don't surface the accounts it's coming from by any other means. The account property on the event object only populates when it's an event coming from a Connect account on a Connect configured endpoint. (which really isn't applicable here)

Interesting

Ok cool, thank you for your help on this one! 💪