I have a verification endpoint that correctly responds with the verification request as per the Twitch CLI:
$ twitch event verify-subscription channel.follow -F https://[redacted]/ -s dfsion43jdghjyt5mry
✔ Valid response. Received challenge 26bb188c-3cd8-de37-05f6-4c57f4dc848f in body
✔ Valid content-type header. Received type text/plain
✔ Valid status code. Received status 200
But when I use that same endpoint with the API it doesn’t work:
$ curl -X POST 'https://api.twitch.tv/helix/eventsub/subscriptions' \
-H 'Authorization: Bearer [redacted] \
-H 'Client-Id: [redacted]' \
-H 'Content-Type: application/json' \
-d '{"type":"channel.follow","version":"1","condition":{"broadcaster_user_id":"468236963"},"transport":{"method":"webhook","callback":"https://[redacted]/","secret":"dfsuh437yfuhi438fgh9"}}'
That responds with:
{"data":[{"id":"1402eb0d-799f-4d1a-9674-4363c3a3bf2d","status":"webhook_callback_verification_pending","type":"channel.follow","version":"1","condition":{"broadcaster_user_id":"468236963"},"created_at":"2022-01-03T04:21:51.269457833Z","transport":{"method":"webhook","callback":"https://[redacted]/"},"cost":1}],"total":1,"max_total_cost":10000,"total_cost":1}
Then if I list out my subs:
$ curl -X GET 'https://api.twitch.tv/helix/eventsub/subscriptions' \
-H 'Authorization: Bearer [redacted]' \
-H 'Client-Id: [redacted]'
It comes back failed:
{"total":1,"data":[{"id":"1402eb0d-799f-4d1a-9674-4363c3a3bf2d","status":"webhook_callback_verification_failed","type":"channel.follow","version":"1","condition":{"broadcaster_user_id":"468236963"},"created_at":"2022-01-03T04:21:51.269457833Z","transport":{"method":"webhook","callback":"https://[redacted]/"},"cost":0}],"max_total_cost":10000,"total_cost":0,"pagination":{}}
So far as I understand the webhook verification should only fail if something is sufficiently wrong to cause the Twitch CLI to not pass, but the Twitch CLI is passing every time.
That’s my broadcaster id, and the OAuth token and Client ID match and are from my account.
I don’t understand what’s wrong.