Webhook Integration Called Incorrect Endpoint URL

We encountered a critical issue with the Webhook Only application named “Webhook Integration.” Between 4:10:06 PM Jun 28, 2023, and 09:37:20 AM Jun 28, 2023, the webhook was calling an incorrect endpoint URL, which resulted in failed calls. We have resolved this issue by adjusting the URL configuration on our end. However, we are still seeking clarification regarding how an unauthorized URL was present in the webhook configuration during that specific time period.

We want to emphasize that we did not make any changes to the configuration in the App settings, and the incorrect URL was not set by us. After noticing the issue, we promptly adjusted the URL to the correct one, and the problem is now resolved.

Our primary concern now is understanding how this situation occurred in the first place. It remains unclear why a URL that we never configured appeared within the webhook settings between 4:10:06 PM Jun 28, 2023, and 09:37:20 AM Jun 28, 2023. We suspect that there may have been external factors or testing performed by your developers during that specific time period, which led to the presence of the unauthorized URL.

To assist in the investigation, we would be willing to provide our correct and expected endpoint URLs privately. This will help you further analyze the issue and identify any potential vulnerabilities or misconfigurations.

Additionally, we discovered that the incorrect endpoint URL that the service was calling during the issue was associated with Ngrok. However, we did not set up or authorize any usage of Ngrok for this specific webhook app integration. Therefore, it is crucial to determine why the webhook integration started using an Ngrok-related endpoint without our knowledge or consent.

Thank you for your attention to this matter.

Hi @edenreditalia
Thanks for reaching out to the Zoom Developer Forum. I am happy to help here!
This is very interesting. So the events were being delivered to an incorrect endpoint? Do you think it could be an issue where you had this endpoint set up in another internal app in your account, such as a Server to Server or a JWT app, hence you were receiving those events?

I will go ahead and send you a private message so you can send me more information about this issue.