Custom Trigger tutorial wrong?

I was following all the steps in the “Build Custom Triggers” tutorial: https://monday.com/developers/apps/custom-trigger.

I followed all the steps in that tutorial, but in the “Call an action” part, it says to do a POST request to the subscriptionURL that is returned from the subscription for example in my case it would be:

https://api-gw.monday.com/automations/apps-events/-a_number]

However, I am getting a 401 unauthorized on that endpoint. The tutorial does not say to add an authorization header.

If I add an authorization token to the header, the same error shows.

How does that subscription endpoint should be called?

Page 1 / 1

Hey @xap5xap.

AFAIK endpoints should be on your own server where you perform the OAuth process, not on monday.com one.

Or am I missing something?

Hi @rob thanks for replying. The documentation says that you need 2 endpoints: 1 for subscribing and one for unsubscribing.

When the user adds your recipe, it will call your subscript endpoint. With some parameters one of them is the subscriptionUrl. (however, in reality it returns a webhookUrl, I think the documentation is incorrect.)

When something happens in your platform, the documentation says that you have to call that webhookUrl. But, it always returns a 401unauthorized. I am sending the auth other, but it is always returning a 401 unauthorized.

Now, that’s what I understand from the documentation, but I am not sure what I am doing wrong, or if the documentation is wrong, since I am a newbie in monday app dev platform

Hey @xap5xap! Can you share the snippet of code that calls the webhook URL? (please remove any auth tokens or signing secrets).

Would love to see how you’re structuring your request so we can troubleshoot.

Hi @dipro, I am just using postman to test.

In postman I do a POST request to the webhookURL.

The documentation doesn’t say to add an authentication token on that call.

The response says 401 unauthorized

Attached is the postman image

Hey! Let me check with the team and I’ll get back to you.

Hey @xap5xap – you need to add your app’s shared secret to the Authorization header.

This is how you get your app’s shared secret:

Can you try it and let me know if that helps?

Hi @dipro, thanks for replying. Could you please explain more? To the Authorization header do you mean as a key value pair? If so, what is the key name to send the client secret?**

Hi @dipro, can you please help me with this? I am trying to create an app for the challenge, but the custom trigger tutorial doesn’t say anything about sending a secret. Can you guys please update the tutorial? 🙏

Hi @xap5xap,

I believe you will need to enter the authorization token in Postman here:

Is this what you’re looking for?

Hi @Helen and @xap5xap,

I believe the type should also be ‘basic auth’ for postman in this case.

Hey everyone, wanted to close the loop on this.

Last week we did indeed find an error in our documentation about custom triggers and fixed it. Specifically, the documentation had the wrong JSON response body and did not include any information about authorization.

Here’s the section we updated, if you’re interested:

Hi @dipro, @xap5xap

As Xavier is stating correctly there is another glitch in the documentation as it says that the subscriptionUrl is passed in the subscribe request, it is actually called webhookUrl.

The other question Xavier is asking (an now also from myself 🙂) is where / how to put the client secret in the authorization header. Is that as a key / value pair?

From the last webinair I understand to put the client secret as API key. Unfortunately it still throws a 401

Hey @basdebruin – good catch; I just updated the docs.

For the header, can you make sure you’re using the Signing Secret (not client secret)?

Hi @dipro

That really helps (using the signing secret in stead of client secret). Works on Postman, next step is to figure out how to do this in code.

A little puzzled whether to include the values of the output fields in the body of the request. Aren’t those values passed from the custom trigger?

You should include the output field values in the body of the request. Your request represents the custom trigger being invoked, and the trigger’s output fields will be passed through the recipe to the action, as input fields.

Does that make sense?

Makes sense, I was just wondering what the purpose of the trigger output fields are. Can I only supply values to the action part (from my backend) that are defined in the output fields of the trigger?

The trigger output fields supply data about the actual trigger. If your trigger was invoked when a lead was created in your CRM, you might include data about the lead (lead name, ID, phone number, favourite color).

You can also supply values to the action based on the recipe context and the recipe sentence (like in the quickstart guide).

Hi @dipro my question is similar to @basdebruin,

I don’t want to define any output fields for my custom trigger…I want to supply values to the action from my backend without defining, how is that possible any suggestion would be helpful.

Thanks

Hi @krishna

I struggled a little bit with the same. I helps me enormously when thinking of a custom trigger like this.

The subscribe / unscubcribe is just used for houskeeping. During the subscribe you get the subscriptionId that you need store it somewhere. This subscriptionId can be used in the unsubscribe request. Mind you in the unsubscribe request the subscriptionId is called “webhook”.

In the subscribe event I create a webhook in the board and in that post request I specify the URL (let’s call this endpoint ACTION) which needs to be called when the webhook triggers. So, this results in a request to my endpoint ACTION when the webhook I inserted fires.

In the ACTION endpoint I do some checks and if needed I post to the subscriptionId I got from the subscribe event. This post needs an authorization header and a body. The body needs to contain the output (!!) fields specified in the custom trigger.

When you configure the action part of your recipes the output fields of the trigger are available in the action builder (trigger output / fieldname).

It gets a little more complicated when your action is a custom action. The URL specified in the builder will be called with the output fields of your trigger available in the post body (inputFields).

Hope this makes it a little more clear, kind of hard to get your head around this.

@basdebruin Thanks very much for this explanation…

One doubt is you said “we need to send output fields specified in the custom trigger.”

Do you mean we should send the fields which we defined while creating a recipe or we need not to define any output fields…all fields which ever we want can be sent to the action from our trigger.

Hi @krishna

The action part of the trigger has a number of fields configured. These fields comes either from the recipe sentence or from the trigger output. The example below gets its field boardIdMaster from the Trigger output field key with the same name.

Remember your code act as the trigger, so when you post to the action (by posting to the subscriptionId in the subscribe event) you need to supply the output fields of the trigger so the action get those as input fields.

If you don’t specify the output fields in the trigger builder, the action builder would not be able to populate the dropdown box indicated by the arrow. It looks kind of redundant but:

you need to specify the field in the output of the trigger, so the action configuration can find it in the dropdown box “Trigger output field key”

you need to put them in the post request to the action (by subscriptionId) so the action gets the value your code supplied to the field

Does that makes sense?

Makes sense @basdebruin Thanks for explaining things clearly 😊

This topic was automatically closed 7 days after the last reply. New replies are no longer allowed.

Sign up

Login to monday.com

Scanning file for viruses.

This file cannot be downloaded