Event sub - aws verification issue

Hey there,

I’m following this example to get a basic understanding of how Twitch API comes into play.

It is a nice guide that shows how server less elements come into play. But when implemented I’m running into an issue. So called: webhook_callback_verification_failed

This is the status response:

  "statusCode": 200,
  "body": {
    "total": 1,
    "data": [
        "id": "97d116f0-eef2-478a-9961-5928757adc4e",
        "status": "webhook_callback_verification_failed",
        "type": "channel.follow",
        "version": "1",
        "condition": {
          "broadcaster_user_id": "716733313"
        "created_at": "2021-08-25T10:48:36.180106071Z",
        "transport": {
          "method": "webhook",
          "callback": "https://isctval6s1.execute-api.eu-central-1.amazonaws.com/Dev/notifications"
        "cost": 0
    "max_total_cost": 10000,
    "total_cost": 0,
    "pagination": {}

The code is all the same as the tutorial. when triggering the callback directly, it results in the following:

    "errorType": "TypeError",
    "errorMessage": "Cannot read property 'Twitch-Eventsub-Message-Id' of undefined",
    "trace": [
        "TypeError: Cannot read property 'Twitch-Eventsub-Message-Id' of undefined",
        "    at verifySignature (/var/task/index.js:25:34)",
        "    at Runtime.exports.handler (/var/task/index.js:33:8)",
        "    at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)"

I’m not sure what goes wrong exactly or if there are pieces missing.
Any help to clarify would be amazing.


That would indicate that for some reason event.headers is undefined. First thing I would suggest checking is in your AWS API Gateway, go to the POST endpoint that you created, and in the “Integration Request” section ensure that Usee Lambda Proxy integration is enabled.

Thanks for the quick response!

As you suggested Lambda proxy integration was not enabled. Doing so results in a (longer) status of webhook_callback_verification_pending and then still going to webhook_callback_verification_failed

Did you deploy the API Gateway after making the changes to enable proxy integration? Also, if you go to Cloudwatch and look at the log group for the Lambda function it should tell you what error is happening.

Yeah I did the deployment. Going in Cloudwatch I see the following:

“errorType”: “TypeError”,
“errorMessage”: “The “data” argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received type number (NaN)”,
“stack”: [
“TypeError [ERR_INVALID_ARG_TYPE]: The “data” argument must be of type string or an instance of Buffer, TypedArray, or DataView. Received type number (NaN)”,
" at Hmac.update (internal/crypto/hash.js:82:11)",
" at verifySignature (/var/task/index.js:26:91)",
" at Runtime.exports.handler (/var/task/index.js:33:8)",
" at Runtime.handleOnce (/var/runtime/Runtime.js:66:25)"

For some reason the message that is being used to check the signature is NaN, so the next step to debug would be to check the headers and body you’re receiving with console.log(event.headers, event.body); which can be placed as the first thing in the verifySignature function. That way in Cloudwatch you should also see the headers being sent.

Alright, thanks for the time. Live debug learning here.

This is the info:

  'Accept-Encoding': 'gzip',
  'Content-Type': 'application/json',
  Host: 'isctval6s1.execute-api.eu-central-1.amazonaws.com',
  'Twitch-Eventsub-Message-Id': '4eb45489-93c7-483a-9738-b8afa7451073',
  'Twitch-Eventsub-Message-Retry': '3',
  'Twitch-Eventsub-Message-Signature': 'sha256=ba79c57c6fe9c63bf71db252d10263c0bc9b781d7bbd87c1ef90e60551160621',
  'Twitch-Eventsub-Message-Timestamp': '2021-08-25T13:37:04.621313954Z',
  'Twitch-Eventsub-Message-Type': 'webhook_callback_verification',
  'Twitch-Eventsub-Subscription-Is-Batching-Enabled': 'false',
  'Twitch-Eventsub-Subscription-Type': 'channel.follow',
  'Twitch-Eventsub-Subscription-Version': '1',
  'User-Agent': 'Go-http-client/1.1',
  'X-Amzn-Trace-Id': 'Root=1-612647ca-7b45789b793bddef2d12d4e7',
  'X-Forwarded-For': '',
  'X-Forwarded-Port': '443',
  'X-Forwarded-Proto': 'https'
    "subscription": {
        "id": "6e6826a3-5070-40e0-8188-a4e159076086",
        "status": "webhook_callback_verification_pending",
        "type": "channel.follow",
        "version": "1",
        "condition": {
            "broadcaster_user_id": "32168215"
        "transport": {
            "method": "webhook",
            "callback": "https://isctval6s1.execute-api.eu-central-1.amazonaws.com/Dev/notifications"
        "created_at": "2021-08-25T13:37:04.616793612Z",
        "cost": 1
    "challenge": "xf4gMJw-IyZQAr2oa_4_S-PKDlDdSjHPqnbajAAnwFs"

Looking at that I don’t see any obvious reasons why it would be erroring for you. The data being passed to the crypto function (which your error message indicates it’s being passed NaN) is just event.headers['Twitch-Eventsub-Message-Id'] + event.headers['Twitch-Eventsub-Message-Timestamp'] + event.body, so I’m not sure how that’s becoming NaN for you, as all the headers/body seems to be correct.

Fair enough, I’m not yet sure what I am looking at. What do you suggest my options are here.
Would there be any other actions for me to take from here.

If not I might just remove everything in AWS an start a clean run through. This would go considerably faster now that I have knowledge of the server less architecture.

Well as you’ve got the code successfully set up to subscribe to topics, and API Gateway to route Twitch’s notifications to your Lambda function, you could try to write your own notification handler.

The EventSub docs include how to handle notifications and process them EventSub | Twitch Developers, and while I’m not sure why the tutorial function isn’t working for you it should give you and idea of how you can handle notifications yourself as it is intended as just a starting point to show how the various services work together.

You’ve already seen how you can console.log the headers and body so you can use that information to try write a verification function yourself, or even just for testing skip that function entirely just to test responding with the challenge and successfully having a subscription enabled (although in production, please properly verify messages to ensure they are from Twitch.

This topic was automatically closed 30 days after the last reply. New replies are no longer allowed.