This website uses Cookies. Click Accept to agree to our website's cookie use as described in our Privacy Policy. Click Preferences to customize your cookie settings.
Accept
Reject
Preferences
Community Hub Help
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 

Webhook event from when user rekoves access for an app

slilian
Shkhara

‎02-01-2024 03:39 PM

Hi,

I was looking in the documentation, but I couldn't find any info about events for when an user revokes access for an app.

Is there any communication about this event?

Thank you,

Simone

0 Kudos
6 REPLIES 6

slilian
Shkhara

‎09-18-2024 12:21 AM - edited ‎09-18-2024 12:21 AM

After having a lot of trouble trying to find the problem, I noticed that our firewall was blocking the Strava webhook events. Strava also added new IPs that needed to be whitelisted (https://communityhub.strava.com/t5/developer-discussions/whitelist-ip-address-webhook/m-p/33492).

It's pity Strava doens't notify when changes like this happen.

blasbike
Shkhara

‎08-20-2024 12:02 AM

Yes, I know how deauthorization works.

I have two strava apps with webhooks, different implementation not the copy paste code.

In both apps sometimes I receive deauthorization webhook event and a user confirms they did not click revoke in Strava, any ideas?

https://goodtrail.run
https://www.bikestats.pl
0 Kudos

blasbike
Shkhara

‎07-27-2024 10:19 AM

I have related question. Is it possible that Strava sends authorize:false event several days AFTER revoking? Or maybe is repeating that webhook event? I had a case I revoked on my test user, then connected again. All worked as expected and then after a week I am receiving authorize:false again and my user is deauthorized!

Is it possible? That case happened for two users and both events was send in the same batch from Strava and processed together within my 2 minutes interval.

I have checked my security flow and I am sure there is no way for someone else to push such event to my app.

https://goodtrail.run
https://www.bikestats.pl
0 Kudos

slilian
Shkhara
In response to blasbike

‎09-18-2024 12:18 AM

Hi @blasbike I haven't noticed this behaviour. 

0 Kudos

slilian
Shkhara

‎02-04-2024 05:44 PM

I'm trying to test this, but it doesn't look like a notification is sent when the user revoke access to an app.

I can't seen to find any more info, would anyone be able to help?

Thanks

slilian
Shkhara

‎02-01-2024 08:30 PM

I think I found something here: https://developers.strava.com/docs/webhooks/

 "For app deauthorization events, there is always an "authorized" : "false" key-value pair."

 

Ready, Get Set, Go!

Welcome to the Community - here is your guide to help you get started!


Know how to use Community


Understand Community Settings

Copyright © 2024 Khoros, LLC