Skip to main content

We successfully created a webhook subscription using our development site (dev.xxxx.com), but we have been unsuccessful subscribing using our production site after we switched the app’s Authorization Callback Domain to production (xxxx.com).

When we view the app’s subscriptions, it returns empty.

Attempting to create a new subscription from production returns “GET to callback URL does not return 200” which many people have reported here.

However, even though we have not changed our Authorization Callback Domain back to dev.xxxx.com, we can still create a subscription from development even though the app settings on the Strava website shows the production url as the callback domain.

It seems like the initial URL we created a subscription with is still the one being used for some reason even though the production $callback_url is what we send to Strava..

Has anyone else had this issue before? 

Perhaps there is another place where the URL needs to be updated that I am overlooking?

I’m wondering if there is a stored Authorization Callback Domain value Strava is checking…

Perhaps if the sent $callback_url doesn’t match the stored Authorization Callback Domain value, they it doesn’t even try to access the $callback_url?

In doing additional testing, when we send a Create Subscription request from production using the production $callback_url, there is no activity in the access logs from Strava.

However, when we send Create Subscription request from development, we see activity coming from Strava servers to the webhook $callback_url.

All of this is while the Authorization Callback Domain value in https://www.strava.com/settings/api is our production url.

Another follow-up…

We use WP Engine as web host and the production domain was using Cloudflare while the development server was not.

This was the only settings difference I could identify so after switching to the standard DNS settings for the production domain, we have been able to successfully create a webhook subscription on production.

It is still unclear to me what was specifically being filtered out / blocked by Cloudflare, so all I can say is that it wasn’t working before, but is now.

 

Terms & ConditionsCookie settingsAccessibility statement