#dhaari-api-key

Hello! Is this from your webhook handler? Can you share the code?

yes

Can you share the code?

var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], CommonDependencies.webHookSecret);
var charge = stripeEvent.Data.Object as Charge;

Where are you initialising the Stripe client?

It has been working good. the same code is used in test environment as well. works good.

I see resend button in webhook response. IF we click on that will the response be sent again to the end point?

My guess is you don't have the API key variable set in your production environment

Yes, it will re-attempt delivery

ok..Actually we log the response content json object . it is done. also the following logged under exception

Message:
No API key provided. Set your API key using StripeConfiguration.ApiKey = "<API-KEY>". You can generate API keys from the Stripe Dashboard. See https://stripe.com/docs/api/authentication for details or contact support at https://support.stripe.com/email if you have any questions.

The error is pretty self explanatory. Somewhere where you're initialising StripeClient (using stripe-dotnet I assume) you're not passing an API key. I can't really provide any further details as you've only shared a small snippet of your webhook code

How come the same code works good in test environemnt

How are you providing your Stripe API key to your code? Via an environment variable?

For processing webhook response in our end point url code, we only use stripe signature not the api key. APi key we have coded and used for transaction submit and refund via our application. this is for web hook consumption

You need the to provide your Stripe secret key when initialising StripeClient

var stripeEvent = EventUtility.ConstructEvent(json, Request.Headers["Stripe-Signature"], CommonDependencies.webHookSecret);
var charge = stripeEvent.Data.Object as Charge;

I shall do couple of refunds again in the stripe portal and let you know the event id..

That's not the StripeClient, you must be initialising that above that block of code. Something like:

StripeConfiguration.StripeClient = new StripeClient(apiKey)

we do such kind of initialisation only for payment /refund from our app , not for webhook consumption code

public static string MakePayment(ChargeCard chargeCard)
{
StripeConfiguration.ApiKey = CommonDependencies.stripePaymentKey;

So do we need to such initialization for webhook cosumption (before webhook secret code, i shared earlier )

You will, yes. See the example here: https://stripe.com/docs/webhooks/quickstart

ok. I shall check. I wonder how the same code works good for test account

Also i see 200 ok response even if i get that api key error . Any reason?

Can you check this event evt_3KEqIGJ4kWyAupIq0xb1pQt1

It shows 200 response code . also shows that api key missing error along with the valid response

Your webhook handler has sent a 2xx response despite the error

ok. Any idea on why the test account doesnt expect apikey while the live account expects as we use the same code for both?

That wouldn't be the case. As I said, there's likely something missing from your production/live environment. Perhaps the API key variable isn't set or it has a different name

Thanks @royal oxide. But it is same code.. same variable name.. anyways i shall add this and check?

You need to verify that your stripePaymentKey variable is set to the correct value in your live environment

ok. It is correct because it works good for other page functionality .. Shall check..In webhook code we dont even refer key only use secret code.. Thanks .

we dont even refer key
That's likely the issue! You need to initialise StripeClient with your API secret key (sk_live_xxx) not the webhook signing secret

ok.. can you check this event

evt_3KET9pG3TTUTiolt0ZaelaOJ

same code . same kind of action i triggered from stripe portal (refund ). no issues. works good

There is some critical difference between your test and live environments that is resulting in the different responses you're seeing. I'd recommend double (triple!) checking your environment variables to ensure you're using the correct values

There should be no different behaviour between a test and live event from our perspective

Your handler is throwing an error, so it's most definitely an implementation issue

ok. The reason why i ask multiple times s that we use same copy of code in handler .. We have the secret key set in another file . only that webhook secret key is different for 2 environments. May be is there something related to api key while configuring the end point urls in the stripe portal ?

The secret API key is account wide, it's not configured differently per webhook. That's the signing secret (which is unique per webhook)