#Indesh Prinja-Connect
Hi, that's called live mode connection or test mode connection. If a connected account is connected to your platform through a live mode connection, you can have both test/live payments with them. But if a connected account is connected through a test mode connection, you can only have test payments with them.
Great, thanks! Quite precise and helpful.
I've one more question but that is regarding 'connect' type webhooks.
I'm receiving webhook of the event happening on 'connect' account on 2 different accounts. Is that normal for 'connect' type webhooks?
Yes it is
So, is there a way to handle it? Because my other webhook endpoint (which is not expecting it) keeps throwing signature verification errors (which is anyhow correct but I want to avoid it)
Hmm, your connect webhook endpoint should have only one signature, no? It should be able to receive events from different connected accounts. You distinguish by looking at "account" inside the payload
Yes, the connect webhook is having one signature but it is sent to 2 different endpoints.
So, the correct endpoint works perfectly but the other one fails (signature verification) for obvious reasons.
Both webhooks that receive the data are on same account (but different modes).
So you have 2 connect webhook endpoints? Sorry if I missed the context
What do you mean by one signature and 2 different endpoints? Each endpoint should have its own secret, and you should handle them differently
Yes, those are handled separately.
But the webhooks are 'connect' type which listens to all matching 'events' happening on connect accounts.
yes, the way it works is all events from all your connected accounts get sent to that endpoint. They all get signed with the secret of the Connect endpoint.
It might help to share an evt_xxx event ID where it was sent to two different endpoints where one of them had the signature verification so I can understand your exact set up
so is the issue that it's sent to both
https://<yourcompany>.io/webhooks/stripe
and
https://dev.<yourcomany>.io/webhooks/stripe
?
Right
why is that unexpected? You created those two endpoints on your platform and set them to listen to the same type of events. So we will send events to them.
whatever code runs at those URLs should be configured to use the secret from the corresponding endpoint as shown in the Stripe dashboard, not the same one. It would just work.
So, should I stop throwing err on signature mismatch and simply stop the code there with 200 code?
I fear I'm not able to clarify the scenario.
well I don't see why you'd get the signature mismatch in the first place. Is it the same exact code running on both those URLs I mentioned?
Yes, same code runs.
ok, and in that code, how does it get the whsec_xxx webhook signing secret value to use? Is it hard coded as a string in the code? does it read a configuration file? something else?
It reads config file
Webhook Secret Key:
Localhost has: whsec_UH0TePyyqQVBlpCqEg0sh8nqYRggCqwG
Production has: whsec_6ubAg60oZQWlAVXNkiTbocGTtK51c2i1
that's not the right secret for the production one
the right secret is the one on https://dashboard.stripe.com/webhooks/we_0HMUQVb2g6DPIN2kbcOsTsWJ
@calm latch I reopened your thread
Thanks
I had confusion about webhooks for connect accounts. Will Karllekko be available?
He is not currently available, but I can try to help you! What exactly is your question?
We're receiving webhooks on multiple accounts for connect accounts which I now came to know is a standard and expected flow.
But when we receive webhook on the endpoint which is not expected to execute it, throws signature verification error which it should.
I can try explaining with an example:
Account A is connected to an account B and account C.
Both B & C have 2 webhooks (with 'connect' type)
B's webhook is in live mode
C's webhook is in test mode
I performed 'test' payment from C (on behalf of A) by using 'test' keys.
Both B & C received the webhook:
- in webhook code, the webhook secret key is used based on 'livemode' flag
C works fine as its 'livemode' is false (test) and test keys are loaded also it was originally performed from itself
B throws an error (test keys are loaded) BECAUSE signature fails as original request was from C.
In your example B & C are platform accounts, and A is the Connected account (to both B & C)?
Yes
You made a test payment on account A, then:
- C got a test mode webhook event, which worked
- B got a live mode webhook event, which failed because of the signature
If so, this is probably due to this:
For Connect webhooks, it’s important to note that while only test webhooks will be sent to your development webhook URLs, both live and test webhooks will be sent to your production webhook URLs. This is due to the fact that you can perform both live and test transactions under a production application. **For this reason, we recommend you check the livemode value when receiving an event webhook to know what action, if any, should be taken.**
https://stripe.com/docs/connect/webhooks
Let me check
The 'test' payment performed from 'test' keys of C are also received on 'test' of production server.
The mode is same for both but keys are not .. hence throwing error
So, 'test' webhook secret key of C is (performed from localhost): whsec_UH0TePyyqQVBlpCqEg0sh8nqYRggCqwG
And, 'test' webhook secret key of B is (received on production server) whsec_6ubAg60oZQWlAVXNkiTbocGTtK51c2i1
Keys are differently used, so signature verification will, which is good.
Or I have to stop throwing signature verification error and simply stop executing the code with 200 code
Hello. Taking over for soma as they have to step out. Give me a moment to catch up
Yeah the recommended way to handle this is to inspect the livemode param on the event. If it's your production server and livemode is false, then just immediately return with a 200
But we're allowing both test and live payments on production server
You can still have separate endpoints for test and live events on the same server