Unable to verify REST hook

API Q&A
1

Hi,

I’ve using the REST api to create a rest hook, but getting “Unverified” as it’s status.

Getting response on create rest hook

        Array
        (
            [response] => 200
            [body] => Array
                (
                    [key] => 910
                    [eventKey] => contact.add
                    [hookUrl] => https://stwebhook.example.com/ins/5b36156d1e15301948bfb7b3/dd40835fd5a76d9e062794919e577755
                    [status] => Unverified
                )
        )

and response on hook url -

{ event_key: 'contact.add',
     verification_key: '1b6eccad-af82-4c79-bac8-249b41afc598' }

this is function

this.verify_hooks = function (access_token, key, verification_key) {
        var options = {
            method: 'POST',
            url: 'https://api.infusionsoft.com/crm/rest/v1/hooks/' + key + '/verify',
            headers:
            {
                'Cache-Control': 'no-cache',
                Authorization: 'Bearer ' + access_token,
                'X-Hook-Secret': verification_key,
                'Content-Type': 'application/x-www-form-urlencoded'
            }
        };

        request(options, function (error, response, body) {
            if (error) throw new Error(error);
            console.log(body);
            return;
        });
    }

and getting response from verify
{“key”:“910”,“eventKey”:“contact.add”,“hookUrl”:“https://stwebhook.example.com/ins/5b36156d1e15301948bfb7b3/dd40835fd5a76d9e062794919e577755",“status”:"Unverified”}

Is there an extra step I need to take?

2

Hey @Brian_Brian, your listener should be returning the secret from the rest hook request. For example in express i have setup something like:

function respondHookImmediately(req, res) {
	var secret = req.header('X-Hook-Secret')
	if (secret) {
		console.log("X-Hook-Secret: " + secret)
		res.header('X-Hook-Secret', secret)
		res.send(JSON.stringify({}))
	} else {
		var timestamp = new Date()
		var hook = JSON.stringify(req.body, null, 2)
		console.log(`${timestamp}\n${hook}\n`)
		res.end()
	}
}

You will want your function to respond with the X-Hook-Secret . In your example, it seems that part may be missing?

The flow should look something like:
YourHookSubscriptionRequestToAnApplication → ApplicationOutboundRequestToListener → ListenerVerificationRespondsBackToApplication

3

hi carlos,
Thank you for your response.
X-Hook-Secret: 41312440-0e71-4482-b5c8-3fa1717e992e
This works.
thanks