Webhook JWT application authentication

Charlie_Hauser · March 11, 2020, 6:49pm

I have a client app working with the custom JWT authentication. I am setting up a webhook and not able to make valid requests. The webhook will accept GET requests and currently I have it set up returning 200 just to make sure things work. The problem is you are not allowed to add a body with a GET request where it seems Stitch is expecting the credentials.

I am using the documentation here: https://docs.mongodb.com/stitch/services/create-a-service-webhook/#configure-user-authentication.

Is there a way I can use the credentials (“jwtTokenString”: “<User’s JWT Token>”) in the header of the requests?

Drew_DiPalma · March 15, 2020, 12:21pm

Hi Charlie – You should be able to send the credentials in the same format (“jwtTokenString”: “<User’s JWT Token>”) as part of the header. Let me know if you run into any issues!

Charlie_Hauser · March 17, 2020, 6:01pm

I should also mention I am using the fetch API. I get a CORS preflight error when I do a GET request. I am able to do it using postman.
My fetch request is formatted as shown:
fetch( “webhookurl”, {method:“GET”, headers: { jwtTokenString: “userJwtString”} } )