Failure to create a webhook with a JSON request

joramjoram Member Posts: 4
edited November 2018 in Development
Creating a webhook through a JSON request fails, while the same request with form parameters works.

For example, the following request (with key, secret and url replaced with relevant values):
curl -u key:secret -H Content-Type\:\ application/json -XPOST https\:// -d \{\"webhook\"\:\{\"isActive\"\:true\,\"itemGroup\"\:\"orders\"\,\"itemAction\"\:\"created\"\,\"language\"\:\"en\"\,\"format\"\:\"json\"\,\"address\"\:\"url\"\}\}
Returns a 403 Forbidden with the following body:
{"error":{"code":403,"method":"CREATE","request":"\/nl\/webhooks.json","message":"The server understood the request, but is refusing to fulfill it."}}

Creating the same webhook with form parameters works correctly:
curl -u key:secret -H Content-Type\:\ application/x-www-form-urlencoded -XPOST https\:// -d webhook\[isActive\]\=true\&webhook\[itemGroup\]\=orders\&webhook\[itemAction\]\=created\&webhook\[language\]\=en\&webhook\[format\]\=json\&webhook\[address\]\=url

Since the PHP API client uses JSON bodies for POST requests, it is also broken because of this.


  • TimBloembergenTimBloembergen Moderator, Lightspeed Staff Posts: 38 moderator
    Hi Joram,

    When the server send back the 403 error it most of the time means the key you are using does not have the right permissions set. Could you send me the API key in a private message so I can check this for you?
    Tim Bloembergen
    API Integrations Specialist
    Lightspeed HQ
  • joramjoram Member Posts: 4
    edited November 2018
    Hello Tim,

    I've sent you the key, but the key and secret I use for both requests are identical.
  • joramjoram Member Posts: 4
    Just to finish this thread:

    Apparently none of the relevant permissions were enabled for my API key. Quite an odd thing, considering requests with form parameters were working fine and all other requests I tried did as well, but it's fixed now.
Sign In or Register to comment.