url_verification event

Verifies ownership of an Events API Request URL

Compatibility: Events API


This Events API-only event type has no "inner event". Instead, the complete payload you'll receive is similar to this JSON:

{
    "token": "Jhj5dZrVaK7ZwHHjRyZWjbDl",
    "challenge": "3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P",
    "type": "url_verification"
}

This event does not require a specific OAuth scope or subscription. You'll automatically receive it whenever configuring an Events API Request URL.

Once you receive the event, verify the request's authenticity and then respond in plaintext with the challenge attribute value. In this example, that might be:

HTTP 200 OK
Content-type: text/plain
3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P

If you prefer, you can respond with application/x-www-form-urlencoded:

HTTP 200 OK
Content-type: application/x-www-form-urlencoded
challenge=3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P

Or even JSON:

HTTP 200 OK
Content-type: application/json
{"challenge":"3eZbrw1aBm2rZgRNFdxV2595E9CY3gmdALWMmHkvFXO7tYXAYM8P"}

The important thing is to quickly validate the request's origin and respond with the challenge.

Learn more about URL verification.

Events API compatibility

Your application will automatically receive this event when first configuring your Events API request URL.

Unavailable in the RTM API

This event type is compatible only with the Events API.