The bug touches “Monday workflows” feature, specifically - custom triggers.
I’ve setup triggers logic with /subscribe and /unsubscribe endpoints.
Now i want to trigger the endpoint (webhook_url) and trigger my block on monday.
Here is a link to docs:
What they say to do:
Make a POST request and create a JWT with appId in payload, sign it with signing secret and put JWT in Authorization header.
I think this is a correct way of it working, however this is not working and returns status 401 Unauthorized.
The only way I made it work is passing in Authorization header raw signing secret which made my trigger block finally execute.
Please fix this annoying issue (which is also security issue, noone wants to pass signing secret in raw format) and make your API follow the documentation provided.