Webhook pipedream validation

I have build a S2SOAuth Zoom App which trigger webhooks when a call log or a call recording is completed. The endpoint of the webhook is hosted on pipedream but the webhook endpoint validation failed without any reason or error.

There is no error displayed except the message displayed below the URL : URL validation failed. Try again later.

How To Reproduce

  1. the S2SOAuth Zoom App pointing to the pipedream endpoint

  2. The pipedream code which validates the CRC

import crypto from "crypto";
export default defineComponent({
  async run({ steps, $ }) {
    if (steps.trigger.event.body.event === "endpoint.url_validation"){
        // Webhook endpoint validation
        const hashForValidate = crypto.createHmac("sha256", process.env.CDR_SECRET_TOKEN).update(steps.trigger.event.body.payload.plainToken).digest("hex");
        await $.respond({
          status: 200,
          body : {
            plainToken : steps.trigger.event.body.payload.plainToken,
            encryptedToken : hashForValidate
        $.flow.exit("Endpoint validated");
  1. The log displayed from pipedream side after the http response sent to Zoom

I have tried different ways to send back the HTTP response but the process always failed without any error/message. Any idea/advise on how I can solve my issue ?

Hi @nverley

Could you construct your response object the like we have in our sample code.

Let me know if this works!

Hi there Ron,
I’m having a similar problem with my integrations; could you please help me figure out what the issue is?
Take a look…
This is the code that resolves the response for the CRC:

This is my JWT Zoom app:

This is the response using Postman as a reference.

What am I doing wrong? Thanks!

Hi Ron

Finally, I have re built my Zoom application and it works now.

Thank you for your time


Hi there Nicolas,
Could you please provide some details on how you were able to do it?


I haven’t changed my code but the deleting and the re creating of my Zoom App has solved my issue…

1 Like

Hi @enrodroid,

Does your encrypted token match what is sent in the header? Also I don’t see that you’ve set that status to 200, it’s commented out.

Thank you very much for your response @rarev
The problem is that I’m not sure what Zoom CRC is expecting as a response.
As you can see in the Postman screenshot, the status of the response is 200, and the response was:
“plainToken”: “[the same i receive from zoom]”,
“encryptedToken”: “[the string generated using plainToken + secretToken in Hex format]”
That response was generated by the above C# code, but if I uncomment the commented lines, this is what I get…
“message”: {
“plainToken”: “[the same i receive from zoom]”,
“encryptedToken”: “[the string generated using plainToken + secretToken]”
“status”: 200
Either way, I still can’t validate the request, as seen in the screenshot of my JWT Zoom app.
I also tried creating a new server-to-server app, and the same thing happened.

I appreciate your response!

Hey @enrodroid,

Is there a way in C# to log the request header and request body? That might be able to help narrow down the issue.