Learn how to handle the verification request in ChatBot and secure your data.
What is a verification request?
A verification request provides security for your bot and data by providing a secret token upon configuration. When you try to add a new webhook, the verification request is sent to your backend. You should answer this request by returning the required parameters and confirming that the request comes from a trusted source and it’s configured properly.
How does verification work in ChatBot?
A verification request is sent by ChatBot, which uses the GET request when you add a new webhook. It contains two parameters:
-
challenge — a unique string of characters associated with your request.
-
token — a verification token which you can set when you create a new webhook in ChatBot.
How to handle the verification request
To pass the verification process successfully, you should return the value of the challenge parameter and verify the token entered in ChatBot with the one set in your backend.
While configuring a new webhook, ChatBot sends a verification request to ensure that your webhook is up and running.
Example code to handle verification request
app.get('/', (req, res) => {
// check if verification token is correct
if (req.query.token !== 'your-token-here') {
res.writeHead(401);
return res.end();
}
// return challenge to ChatBot
return res.end(req.query.challenge);
});Once the verification request is handled, you’ll be able to add your webhook to ChatBot. If you want to learn more about setting up your first webhook, check out this article.
Troubleshooting
During the configuration process, you may encounter some problems with adding the webhook to your ChatBot account. The most popular ones, along with their possible origins, are listed in this article.
