GDPR webhooks are not getting triggered by Shopify.

Highlighted
Shopify Partner
28 1 5

Hi, I have been having an issue with this for some time now. I had my webhooks configured properly at one point but ran into an issue of no longer receiving them after creating a new app on the same App URL of an old one that I had removed. This was so I can have the proper app slug and App bridge URL extension names for my app.

I have validated these routes with postman sending a hmac request to my app and they are working as expected but not getting anything from Shopify on any of the GDPR requests. 

Not sure what more I can do to debug this issue, any help is appreciated!

Best,

Dom

0 Likes
Highlighted
Shopify Staff
Shopify Staff
587 72 130

Hey @dom-linq,

Have you confirmed the webhook subscriptions still exist on these shops? If the webhook subscriptions were deleted because we didn't receive a response from your server while you were doing the changeover, they'll need to be re-registered on those shops. If you have any examples of webhook_subscription_ids or shops where a registered webhook isn't firing as expected, please send those along and we can investigate further.

JB | Developer Support @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Click Accept as Solution 

0 Likes
Highlighted
Shopify Partner
28 1 5

Thank you for the response! Just to confirm that this is only with GDPR webhooks, other webhooks registered in app work as expected and I don't believe I have access to check if these are registered or not correct? Also this is even for new shops that I create where the webhooks are not registering for GDPR.

I will send over some example shopIds to you in a direct message. 

0 Likes
Highlighted
Shopify Staff
Shopify Staff
587 72 130

Hey @dom-linq,

I misread your question originally and didn't realize we're talking about GDPR hooks, my apologies there. I just want to confirm you're aware of the expected delays with these 2 endpoints:

customers/redact If the customer hasn't placed an order in the past six months, then Shopify sends the payload 10 days after their request. Otherwise, the the request will be withheld until 6 months have passed.

shop/redact: 48 hours after a store owner uninstalls your app, Shopify sends you a shop/redact webhook

The customer/data_request webhook will fire right away (if your app has access to customers or orders).

Please confirm you've taken these delays into account, and I will proceed with testing.

 

JB | Developer Support @ Shopify
 - Was my reply helpful? Click Like to let me know! 
 - Was your question answered? Click Accept as Solution 

0 Likes
Highlighted
Shopify Partner
28 1 5

Yes I am aware of these delays. My app only requires the shop/redact hook to be called but have routes for data/request and customers/redact as well. I have tested for all of them except the customers/redact with no success.

Thank you for looking into this further.

0 Likes
Highlighted
Shopify Partner
28 1 5

Thanks to the help of @_JB  I was able to get this resolved. My server uses Nginx and I was having an issue with the TLS version that was being used. Webhooks sent for GDPR from Shopify use TLSv1.2 to send their requests. Therefore you need to ensure you support this and in my case I only had TLSv1.3.

To find if you have a similar problem run the following to your webhook endpoint and if you see this result it is most likely related to the TLS configuration -

~ curl https://${YOUR_APP_URL}/webhooks/shop/redact --verbose --data {}
*   Trying ********...
* TCP_NODELAY set
* Connected to ${YOUR_APP_URL} (********) port 443 (#0)
* ALPN, offering h2
* ALPN, offering http/1.1
* successfully set certificate verify locations:
*   CAfile: /etc/ssl/cert.pem
  CApath: none
* TLSv1.2 (OUT), TLS handshake, Client hello (1):
* TLSv1.2 (IN), TLS alert, protocol version (582):
* error:1400442E:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert protocol version
* Closing connection 0
curl: (35) error:1400442E:SSL routines:CONNECT_CR_SRVR_HELLO:tlsv1 alert protocol version

In my nginx server config I set this with the following -

server {
ssl_protocols TLSv1.2 TLSv1.3;
}

Then reload Nginx and you should see this resolved.

0 Likes