My client has a Wix website and I need to send creates and updates to Retool.
Wix allows calling webhooks, but when I test sending data to Retool I get a 400. This is probably because Wix sends the data as a JWT.
So now I have to set up an AWS lambda just to undress and validate the JWT
Would be nice if Retool webhooks just allowed this kind of data to be received. I'm not asking for any kind of deep JWT support (with decoding and validation), rather just for the possibility to do it myself.
Unfortunately I can't give a sample request because Wix sends it from their back-end. I recommend you make a Wix account yourself so you can faithfully and repeatedly reproduce this. Anyway, when I routed it to an AWS Lambda I got this:
It looks like there are some docs on how Retool workflows do support webhook triggers where the incoming JSON payload can be accessed to grab data and details inside the flow here.
Can you check in your retool app's debugger tool to see if there is a more specific error message when the webhook comes in?
Given that a JWT would be in the header of a request hitting the workflow's trigger endpoint it shouldn't be getting blocked, I am guessing the issue is stemming from elsewhere.
You should be able to grab the JWT out of the incoming payload's header, then have workflow steps to decode and validate the token. Maybe the Wix url sending in the webhook isn't authorized by the app to hit the trigger endpoint.
I will make a Wix account and try to replicate the bug.
@Toon_Alfrink I was able to set up a button in Wix to trigger a Velo API function call using the getJSON method to a Retool workflow trigger API and it worked fine for me.
Workflows are able to access JSON payloads to grab and unpack data stored in the headers and body of a JSON request object such as JWTs so that you can decode and validate the tokens.
Can you share a screenshot of the Wix code that is dispatching the request to the Retool Webhook? (feel free to hide/obfuscate the Webhook URL and other sensitive data)
Reading through the docs on Webhook triggers here it says that Webhook events sent to the workflow endpoint must use Content-Type: application/json
Which could be the cause of a 400 error as the webhook needs the content type for the data to pass through to then be accessable in the then triggered Workflow.
Thank you for posting the video, however it seems that it's not playable. I can see the first frame but clicking anywhere on it doesn't seem to do anything.
Maybe try a link so I can watch and get a better idea on how to troubleshoot this bug for you!
Inside of Retool workflows there should be a 'run history' button in the bottom left that might be able to give us some more info on why the request coming in the the Retool URL isn't hitting the webhook trigger.
Normally once the trigger is hit you can access the headers, any tokens in the headers and the body of the request to handle as you like.
I have a hunch the request from Wix is erroring out before it can get to Retool, but the 'run history' can confirm or deny this.
Was your AWS redirect able to trigger the workflow? I was able to trigger a workflow from Wix with the below code snippet,