During an integration we come across the point where an external system sends an OPTIONS request to an Alumio webhook. However, this method is not supported. Can this be added?
@Alumio_support This is about the “OPTIONS” request method.
Methods other than POST are currently not supported by webhooks.
On the surface this looks like a quick fix.
Hi @c.eggebeen,
Could you please provide us with documentation of the webhook requests that use the OPTIONS method? Additionally, we would appreciate it if you could provide us with the use case for this documentation.
Hi @Gugi ,
I’m not sure how to discribe this. We are integrating with Shiphero using webhooks. Shiphero sends a webhook to Alumio. Before they send a POST with the data, they first send a OPTIONS request.
Kind regards,
Chris
Hi Chris,
It sounds like a Preflight request. As we mentioned, we need a file or link explaining this webhook behavior.
We checked Shiphero webhooks documentation and found no pages mentioning this OPTIONS request.
Hi @Gugi ,
This behavior occurs when creating an inventory snapshot:
https://developer.shiphero.com/inventory-snapshot#inventory-snapshot-mutation
when adding a post_url: “[webhook in Alumio]” to the request.
Request:
Response from SHIPhero:
More information I cannot provide.
Kind regards
Chris
Thank you for providing us with the documentation and the logs.
We checked the documentation and found a note saying:
Snapshots can also be posted to a specific URL. In order to do this, you have to include two fields:
post_url:”https://testendpoint.net/”
post_url_pre_check:false. As for post_url_pre_check, if false, a pre-check on the POST URL will not be performed. This eliminates immediate validation and feedback in the mutation response, before sending the request to the worker. Nonetheless, disabling this check can be useful if a one-time token is used to authenticate the endpoint.
Could you please send another GraphQL mutation to Shiphero with post_url_pre_check:false? We would like to know whether the pre-check means the preflight request.