Showing results for 
Search instead for 
Did you mean: 

Cannot register webhook -- GET to callback URL does not return 200

Mt. Kenya

Hello, I followed the steps given at: and

I implemented the get and post methods to address the verification and calls for the webhooks according to the documentation.

However, when I call the following URL, I keep getting the same error:

curl -X POST -F client_id=MASKED -F client_secret=MASKED -F callback_url=MASKED -F verify_token=MASKED

I also tried calling the endpoint directly, according to the command below:

curl -X GET ‘{your-callback-url}?hub.verify_token=test&hub.challenge=15f7d1a91c1f40f8a748fd134752feb3&hub.mode=subscribe’

I'm able to see the challenge in the response.

I also enabled logging to the server, and I can't see any calls on behalf of strava when I post to push_subscriptions.


I also set the authorization callback URL as the same as the webhook callback.

What am I missing?


Mt. Kenya

It seems like Strava sends an empty "Content-Length" header for the GET request which gets blocked on my server setup via AWS load balancer using "Desync mitigation mode" set to strictest.
AWS treats an empty "Content-Length" header as "Acceptable" which gets blocked by the load balancer on this mitigation mode. Setting it to "defensive" solved the issue for me.

Mt. Kenya

Hi @lucasdias , I'm having the exact same issue. Did you find a solution?