Skip to main content

Hello, I followed the steps given at: https://developers.strava.com/docs/webhookexample/ and https://developers.strava.com/docs/webhookexample/.

I implemented the get and post methods to address the verification and calls for the webhooks according to the documentation.

However, when I call the following URL, I keep getting the same error:

curl -X POST https://www.strava.com/api/v3/push_subscriptions -F client_id=MASKED -F client_secret=MASKED -F callback_url=MASKED -F verify_token=MASKED

I also tried calling the endpoint directly, according to the command below:

curl -X GET ‘{your-callback-url}?hub.verify_token=test&hub.challenge=15f7d1a91c1f40f8a748fd134752feb3&hub.mode=subscribe’

I'm able to see the challenge in the response.

I also enabled logging to the server, and I can't see any calls on behalf of strava when I post to push_subscriptions.

 

I also set the authorization callback URL as the same as the webhook callback.

What am I missing?

Hi @lucasdias , I'm having the exact same issue. Did you find a solution?

It seems like Strava sends an empty "Content-Length" header for the GET request which gets blocked on my server setup via AWS load balancer using "Desync mitigation mode" set to strictest.
AWS treats an empty "Content-Length" header as "Acceptable" which gets blocked by the load balancer on this mitigation mode. Setting it to "defensive" solved the issue for me.

Reply


Terms & ConditionsCookie settings