Welcome to the RingCentral Community

Make sure to review our Terms of Use and Community Guidelines.

Please note the community is currently under maintenance and is read-only.

Home » Developers

C# Webhook Subscription - Validation Token not in Header - Sandbox

Tags: rest api, webhooks

Apr 27, 2023 at 5:40am • 1 replies • 0 likes

Ralf Kloth

In the Sandbox the "Validation-Token" is NOT returned in the Header (as described in the documentation) - in the RequestBody the Validation-Token is delivered:

{"validationToken":"d52ca641-1297-4784-ac69-5e04062f161b"}

In the Production environment this is different. There the token ist correctly delivered in the Header as "Validation-Token".

There seems to be a difference between Sandbox and Production environment!

Note: There must have been a change in the Sandbox lately because this also worked in the Sandbox in the past.

1 Answer

Phong Vu answered on Apr 27, 2023 at 6:47am

What is the Web framework you are running on?

Ralf Kloth on Apr 27, 2023 at 7:07am • 0 likes

We use Azure Functions and .NET 6.0.

Phong Vu on Apr 27, 2023 at 8:28am • -1 likes

Ok, so it looks like the latest change (only on sandbox for evaluation) has an impact on Azure. The change was that the validation-token is sent with the body is e.g.

{"validationToken":"f5520450-09d8-42b7-90d5-aa22282dccb8"}

And the content-length set with the length of the body. Can you show how the return of Validation-Token header is handled in your code?

Is it possible that Azure check the content-length != 0 and send the body only?

Ralf Kloth on Apr 27, 2023 at 10:50pm • 0 likes

I could see the problem now.

In our code we checked if the content length was 0 and only then checked for the Validaten-Tken in the header. Because now the validationToken ist also send in the body - this code did not work anymore. When I change this it works again.

Note: Such a change may also impact other developers who may use a similar code as me!

Thanks for your help.

Phong Vu on Apr 28, 2023 at 9:21am • 1 likes

The validation token is sent only once when the subscription is being created. So you should not check the content-length header to decide if it is a validation post or not. Instead, you can just simply check if the validation-token header exists, then echo it and don't need to read the body. We showed that in all our example codes. E.g. in Node JS

var server = http.createServer(function(req, res) {
  if (req.method == 'POST') {
    if (req.url == "/webhook") {
      if (req.headers.hasOwnProperty("validation-token")) {
        res.setHeader('Content-type', 'application/json');
        res.setHeader('Validation-Token', req.headers['validation-token']);
        res.statusCode = 200;
        res.end();
      } else {
        var body = []
        req.on('data', function(chunk) {
          body.push(chunk);
        }).on('end', function() {
          body = Buffer.concat(body).toString();
          var jsonObj = JSON.parse(body)
          console.log(jsonObj.body);
        });
      }
    }
  } else {
    console.log("IGNORE OTHER METHODS")
  }
});

A new Community is coming to RingCentral!

Posts are currently read-only as we transition into our new platform.

We thank you for your patience
during this downtime.

Try Workflow Builder

Did you know you can easily automate tasks like responding to SMS, team messages, and more? Plus it's included with RingCentral Video and RingEX plans!

Try RingCentral Workflow Builder

PRODUCTS
RingEX
Message
Video
Phone

OPEN ECOSYSTEM
Developer Platform
APIs
Integrated Apps
App Gallery
Developer support
Games and rewards

RESOURCES
Resource center
Blog
Product Releases
Accessibility

QUICK LINKS
App Download
RingCentral App login
Admin Portal Login
Contact Sales