Skip to main content

Hello,
Until recently (I can’t tell exactly the date from which it didn’t work anymore), I  had no problem calling the deauthorize URL (https://www.strava.com/oauth/deauthorize) for a given user, which in return triggered my webhook to let my backend knows that the user, from the strava pov, is disconnected from my app. I then delete the user connection with strava on my app (and thus his strava token from my DB).

But now, this webhook (containing the specific key:value ‘{"authorized" : "false"}’ ) is not called and doesn’t let me knows that the removal of my app is effectively done on the strava side.

This webhook is however effectively called if the user delete my app from his strava account.

Is it a change of behavior from the strava webhook system or is it a bug?

I don’t see any change in the documentation about it.

Thanks

 

Do you need the extra step with the webhook here? If you get a success return code from the deauthorize endpoint that should be enough confirmation that the Strava side has deauthorized the user.


Well, you’re right, I’m now thinking of checking this return code to process the deletion of strava on my side.

Thanks


Reply