top of page

Experienced Technology Product Manager adept at steering success throughout the entire product lifecycle, from conceptualization to market delivery. Proficient in market analysis, strategic planning, and effective team leadership, utilizing data-driven approaches for ongoing enhancements.

  • Twitter
  • LinkedIn
White Background

Adding a new webhook for git results in failure

Updated: Mar 9, 2023

Recently , worked on a case where user had challenges in creating a webhook for git

We were hitting an exception stating

400 Bad Request from POST http://identity-service-prelide-sb.cluster.local:8000/csp/gateway/am/api/auth/api-tokens/authorize

When we fill all the information needed to save / create the webhook , we hit above exception. So what's happening in the background . We will find all the information w.r.t this error in codestream logs

When an API call is made to authorize 

2022-05-24T02:13:15.501Z DEBUG codestream [host='codestream-app-74cd595686-6vxfc' thread='parallel-9' user='' org='' trace='' parent='' span=''] o.s.w.r.f.client.ExchangeFunctions.traceDebug:119 - [4baaf594] HTTP POST http://identity-service.prelude.svc.cluster.local:8000/csp/gateway/am/api/auth/api-tokens/authorize

This returns a 400 response stating invalid refresh token 

2022-05-24T02:13:15.895Z INFO identity-service [host='identity-service-app-7857cb8674-4v5nq' thread='pool-3-thread-1' user='' org='' trace='']$logRequest$1:74 - POST 
2022-05-24T02:13:15.916Z ERROR identity-service [host='identity-service-app-7857cb8674-4v5nq' thread='reactor-http-epoll-3' user='' org='' trace=''] c.v.i.c.RestResponseEntityExceptionHandler.logBriefError:213 - Handling bad request exception: java.lang.IllegalArgumentException: REST error received: { 
          "error": "invalid_grant", 
          "error_description": "Invalid refresh token: Njg3MDIxNjg2MjI0OmsuDq93TLejOHGxNc0uR5eMuskn" 
        }, status code: 400 BAD_REQUEST 
           thrown at com.vmware.identity.common.util.WebClientUtil.handleException:36 
2022-05-24T02:13:15.916Z INFO identity-service [host='identity-service-app-7857cb8674-4v5nq' thread='reactor-http-epoll-1' user='' org='' trace=''] - - - [24/May/2022:02:13:15 +0000] "POST /csp/gateway/am/api/auth/api-tokens/authorize HTTP/1.1" 400 303 8080 414 ms

After exception in identity-service, codestream throws the same exception 

2022-05-24T02:13:15.916Z DEBUG codestream [host='codestream-app-74cd595686-6vxfc' thread='reactor-http-epoll-12' user='' org='' trace='' parent='' span=''] o.s.w.r.f.client.ExchangeFunctions.traceDebug:119 - [4baaf594] [166c65f5-1] Response 400 BAD_REQUEST 
2022-05-24T02:13:15.918Z INFO codestream [host='codestream-app-74cd595686-6vxfc' thread='reactor-http-epoll-10' user='' org='' trace='' parent='' span='] - - - [24/May/2022:02:13:15 +0000] "POST /codestream/api/git-webhooks HTTP/1.1" 400 330 8000 438 ms


The reason for exception is that there is a section called API Token in WebHooks. This API token is the refresh token generated from vRA

This token has to be valid

Once this was changed and a valid token was provided , we were able to save the webhook or create it.

One more method to verify if the token is expired is through the API response

The Expires HTTP header contains the date/time after which the response is considered expired. Invalid expiration dates with value 0 represent a date in the past and mean that the resource is already expired


126 views0 comments


Rated 0 out of 5 stars.
No ratings yet

Add a rating
bottom of page