Verification request provides the security for your bot and data.
When you create a new webhook, you receive the verification request. You should answer to this request by returning required parameters to confirm that request comes from a trusted source and it’s configured properly.
Overview
Verification request is sent by ChatBot, which uses the GET request while adding a new webhook and contains two parameters:
-
challenge- it’s a random string -
token- verification token set in the application while setting up the webhook
How to handle vertification request?
You should return the value of the parameter challenge and verify the token entered in ChatBot.
While configuring new webhook, ChatBot sends verification request to ensure that your webhook is authentic and working.
Example code to handle verification request
app.get('/', (req, res) => {
// check if verification token is correct
if (req.query.token !== 'your-token-here') {
res.writeHead(401);
return res.end();
}
// return challenge
return res.end(req.query.challenge);
});
