Failure to create a webhook with a JSON request

joramjoram Posts: 3Member
edited November 20 in Development
Creating a webhook through a JSON request fails, while the same request with form parameters works.

For example, the following request (with key, secret and url replaced with relevant values):
curl -u key:secret -H Content-Type\:\ application/json -XPOST https\://api.webshopapp.com/nl/webhooks.json -d \{\"webhook\"\:\{\"isActive\"\:true\,\"itemGroup\"\:\"orders\"\,\"itemAction\"\:\"created\"\,\"language\"\:\"en\"\,\"format\"\:\"json\"\,\"address\"\:\"url\"\}\}
Returns a 403 Forbidden with the following body:
{"error":{"code":403,"method":"CREATE","request":"\/nl\/webhooks.json","message":"The server understood the request, but is refusing to fulfill it."}}

Creating the same webhook with form parameters works correctly:
curl -u key:secret -H Content-Type\:\ application/x-www-form-urlencoded -XPOST https\://api.webshopapp.com/nl/webhooks.json -d webhook\[isActive\]\=true\&webhook\[itemGroup\]\=orders\&webhook\[itemAction\]\=created\&webhook\[language\]\=en\&webhook\[format\]\=json\&webhook\[address\]\=url

Since the PHP API client uses JSON bodies for POST requests, it is also broken because of this.
Tags:

3 comments

  • TimBloembergenTimBloembergen Posts: 12Moderator, Lightspeed Staff moderator
    Hi Joram,

    When the server send back the 403 error it most of the time means the key you are using does not have the right permissions set. Could you send me the API key in a private message so I can check this for you?
    Tim Bloembergen
    API Integrations Specialist
    Lightspeed HQ
  • joramjoram Posts: 3Member
    edited November 22
    Hello Tim,

    I've sent you the key, but the key and secret I use for both requests are identical.
  • joramjoram Posts: 3Member
    Just to finish this thread:

    Apparently none of the relevant permissions were enabled for my API key. Quite an odd thing, considering requests with form parameters were working fine and all other requests I tried did as well, but it's fixed now.
Sign In or Register to comment.