Webhook to API Gateway fails

To invalidate the cache of my server rendered pages, I want to use the webhook feature after publishing stories.
The URL added in the webhook settings in Storyblok points to an AWS API-Gateway where only the POST method is allowed.
However when publishing a story the webhook request fails with the response {"message":"Forbidden"}

My API seems to work fine; post requests with the same body made with e.g. curl or postman all succeed.

My guess is, that some headers from your side leads to this failure. It’s pretty hard to debug, since the API Gateway doesn’t log anything on this particular failure.

Do you have any idea what could trigger this failure?

Hi @mumenthalers,

I will ask the dev team and get back to you asap. If you need to get answer sooner, write directly to the live chat on storyblok.com. That approach can be faster as here :wink:

@mumenthalers I can confirm that we know about the users, who are using the api-gateway without any problems. Could you double check, if the issue is not in the configuration on your side. Our dev team recommend to check the AWS Security group settings. But that is just guessing from our side.

Let me know, if you find something. We keep our ears open, if there is more request like you, but from our side should all work good.

hi @Samuel

I did some more investigation an I’m pretty sure the webhook request is blocked on your side.
I tested with mock endpoints (as the screenshot shows https://snipboard.io/8TQbvx.jpg) in in different regions.
It works fine for us-east-1 but doesn’t reach the API-Gateway at all when running in eu-central-1

My guess is that you have some blocking mechanisms in place which blocks the webhook within the same region (since storyblok is probably running in eu-central-1 as well).

Thx @mumenthalers for investigation. I am raising the issue directly to the team and let you know asap. Or point one of them to answer you here. This is already out of my area of specialisation. :innocent:

What’s the state with this issue?

1 Like

As we plan to go live soon with our site we depend on this issue to be resolved. Any news on this, thanks for your effort!

Hello Michael,

I will ask the developers how the actual stand is and answer you as soon as I have an update.

Hello Hannes
Thanks for the reply, if we have no feedback by mid of next week we need to find a workaround on our side. Would be awesome if you could give an update before that. (Update like: This is not going to change in this month / Will be implemented in the next two weeks / …).

Thanks in advance.

Hello Michael,

unfortunately we can not solve the problem on our side. We suggest to use a proxy or to choose another region.

With best regards
Hannes Michaelis

We’re experiencing the same issue. It only persists with StoryBlok so I think the issue must be at StoryBlok’s end…

We solved it by configuring a custom domain name for the API-Gateway so we do not have to use the execute-api -aws url.

1 Like

I am experiencing the same issue, with the webhook not working on AWS with API Gateway & Lambda. Any way I test the webhook (Postman, curl, online testers, Zapier), it works, except Storyblok. I have not yet added a custom domain as @mumenthalers suggested, but I will soon test that option also.

We also had the same issue. From what I can say is that for us the custom domain has solved the issue.