Not receiving webhook traffic for deauthorization endpoint

API and Webhooks
#1

Description
A clear and concise description of what the question is.
When we set the deauthorization endpoint URL of our app to we don’t observe any traffic to that endpoint on app uninstall. However, it works for test URLs such as https://hookbin.com/. Is it possible that zoom is blocking traffic to www.pinterest.com domain?

Error
The full error message or issue you are running into.
No traffic is observed to when our app in uninstalled.

Which App Type (OAuth / Chatbot / JWT / Webhook)?
Knowing the endpoint/s can help us to identify your issue faster. Please link the ones you need help/have a question with.
Webhook with event type “app_deauthorized”

Which Endpoint/s?
Knowing the API endpoint/s can help us to identify your issue faster. Please link the ones you need help/have a question with
Deauthorization Event URLs.

How To Reproduce (If applicable)
Steps to reproduce the behavior:

  1. Set deauthorization endpoint URL to in our App
  2. Uninstall the app using the production published URL after regenerating it

Screenshots (If applicable)
If applicable, add screenshots to help explain your problem.

Additional context
Add any other context about the problem here.
We observe traffic to webhook debug tool hookbin.com
Is it possible that traffic to pinterest.com domain is being blocked from zoom’s side? We talked to our traffic team and they said that they don’t block any traffic from the zoom IP addresses listed in https://marketplace.zoom.us/docs/api-reference/webhook-reference

#2

Hey @hsiung,

Thank you for reaching out to the Zoom Developer Forum. It sounds like you’re doing everything correctly but I just want to confirm a couple of things to get us started:

  1. You are installing the app using the production publishable URL on the Submit tab of the app (shown below)

image
image1155×571 55.6 KB

  1. You are uninstalling the production version of your app (shown below)

    image
    image2134×456 37.9 KB

  2. The Webhook endpoint returns a 200 OK status on receipt of the payload

The endpoint won’t be called if you’re uninstalling a development version of the app or if in the past the endpoint has returned anything except a 200 OK status. If you’re still encountering issues after confirming those details, please confirm if you are able to receive other Webhooks from this endpoint.

Thanks,
Max

#3

Hi @MaxM, that’s correct. We are installing using the production publishable URL and uninstalling the production version of the app. We observe traffic is received for hookbin.com and other domains but not

Screen Shot 2020-12-15 at 1.07.27 PM
Screen Shot 2020-12-15 at 1.07.27 PM1468×319 29 KB

#4

Hey @hsiung,

Thank you for providing additional information. If you’re able to receive webhooks at other endpoints, it seems like this issue is related specifically to the Pinterest endpoint. For example, if this endpoint is returning anything other than 200 (i.e 301), our webhooks could be silently failing. Can you verify that is not the case? If so, let me know if you would like us to confirm in our logs.

Thanks,
Max

#5

Hi @MaxM we’ve setup monitoring for the endpoint and don’t observe any traffic on app uninstall. We also met with our traffic team and they confirmed that they weren’t blocking any traffic from the IP addresses https://marketplace.zoom.us/docs/api-reference/webhook-reference. Is there any way you can see if the webhook request is being sent for App ID ? I uninstalled the production version of the app a few times this morning.

Also sorry there was a typo in the post above. The deauthorization endpoint URL we are using is:

#6

Hey @hsiung,

I would double check to see if your endpoint is configured to receive POST requests, and that your network or firewall or VPN allows the following IPs:

You can also test by sending POST requests to your endpoint via Postman or CURL to see if you are able to reach your deauthorization endpoint URL.

Please let me know if that helps! :slight_smile:

Thanks,
Tommy