Receiving webhook with "app.pipedrive.com" as host

Nicolas_Buchhalter · May 11, 2020, 12:19pm

Hi!

I just started using pipedrive integration via webhooks in production and I started receiving webhooks with the “host” field in the “meta” tag as “app.pipedrive.com”. I use this as the integration identifier so I can’t match the webhook to a user.

Is this normal? Could you please explain me what does this as host mean?
What should I be using as identifier? In case its not host, could you explain me how could I explain the user how to find this identifier in its Pipedrive platform?

Thank you very much!
Nicolás.

David · May 11, 2020, 1:48pm

Hey Nicolas,

Could you perhaps give me an example of the webhooks you’re receiving so I can investigate further (and please blur/remove any personal data)

Nicolas_Buchhalter · May 11, 2020, 2:10pm

Yes, of course!

    body: {
      current: {…}    
      event: "updated.person"    
      meta: {
          action: "updated"     
          company_id: *****     
          host: "app.pipedrive.com"     
          id: 345     
          is_bulk_update: false     
          object: "person"     
          permitted_user_ids: [1]     
          timestamp: 1589200131     
          timestamp_micro: 1589200131846418     
          trans_pending: false     
          user_id: *****     
          v: 1     
          webhook_id: "****"     
     }
     previous: {…}    
     retry: 3    
     v: 1    
    }

I added the **** to avoid using real user info and didnt include the contact information in current and previous because I guess you dont need it

David · May 12, 2020, 8:22am

Thanks for the example,

Yes, the “host” field only really has a use with the API Token as, like you have stated, it will be just app.pipedrive when using app webhooks.

For apps, you should be using the company_id and user_id to understand from which account and which user the webhook is coming from

Nicolas_Buchhalter · May 12, 2020, 8:41am

Hey David, thank you very much again for the quick response.

Ok, I get it. The thing is that we dont have an app. We just wanted to receive webhooks directly, having the user configuring them with our endpoint and a basic auth that they would give us (username and password). Is this approach not going to work then? Or is there a workaround that you can think of to authenticate the Webhook?

David · May 15, 2020, 12:24pm

Hey Nicolas,

Thanks for your patience on this (just been busy).
So the webhook isn’t going through an App? If that’s the case, it should show the company’s URL in host.
Perhaps you could fully explain the situation out to me?

Nicolas_Buchhalter · May 15, 2020, 12:42pm

Hey! Sure!

We are offering a “Pipedrive Integration” to let them sync contacts from Pipedrive with contacts in our app. We just ask them to create a webhook using our URL so that we can get this info.
There are some webhooks arriving with company URL in host and others arrive with “app.pipedrive.com” .

As we use this host as the identifier of the webhook, then we dont know how to whom the ones with this pipedrive host belong to.

Thanks!

David · May 15, 2020, 12:55pm

Is the “Pipedrive Integration” done through any sort of authorization (ei OAuth)? Basically some way in which you can retrieve the Company & User ID so that you can use it identify the source of the webhook?

Nicolas_Buchhalter · May 15, 2020, 1:14pm

Yes, I know we could do that but I would like to understand the issue with the host. If you are offering to configure webhooks to any server, we should be able to use it, right?

Nicolas_Buchhalter · May 22, 2020, 7:53am

Hi David. Its been a week and I’m still getting the webhooks from app.pipedrive.com. Is there something we could do? Could you tell me why I’m receiving this if I dont have an app?

David · May 22, 2020, 8:40am

But you are requesting the Webhooks via a POST to the webhooks endpoint right? As long as you do this you will always get the host as app.pipedrive.com.

The only way to not have it this way (for now), is through manually created webhooks.

Nicolas_Buchhalter · May 22, 2020, 9:20am

No. They are all manually created webhooks. I dont have an App so I dont have an API key. Im just receiving webhooks created manually by users.

David · May 22, 2020, 9:53am

Do the same companies always return app.pipedrive? I’m trying to find some way to replicate this on my end.

Nicolas_Buchhalter · May 22, 2020, 11:12am

I’m only receiving this webhooks from “app.pipedrive.com” by now from 2 company ids: 3549381 and 755625…

David · May 22, 2020, 12:48pm

Do you have the last number from the second ID?

Nicolas_Buchhalter · May 22, 2020, 1:00pm

Oh sorry, some copy paste error. It was 7556251