Ask a question
If you're getting frustrated with backend workflows in Bubble, then this video is for you. Here are my four things to check and debug when using backend workflows.
Don't forget to remove Initialise
Number one is that when you're setting up a backend workflow with a third-party service, whether that's like Stripe or Lemon Squeezy or any other service that you're intending to send data into your Bubble app from, then an easy mistake to make is that you've copied the URL here, you've provided that to the third-party service, you've tested it, you've got the data through, you've trained the fields in Bubble, but you've then not removed initialise from the end. When this is running in basically production, or when you actually want it to run on its own, you need to remove initialize. Initialize is only for this detecting request data mode. So you have to go back into the third-party service and remove it.
Different Bubble versions have different endpoints
The other part to point out here is that backend workflow endpoints, API endpoints, are version specific. So this is my dev version, and you'd need to provide a similar URL, but remove the version test. Maybe perhaps you need to replace it with version live. If anyone's sure on that, leave it in the comments below. But anyway, point is, if you've got two versions of your Bubble app, you've got your dev version, you've got your live version, then you're going to need to provide two webhooks to the third-party service. And when working with the third-party service, look out to see whether they've got different places for webhooks for the test or the live version. Stripe, for example, does, but some sort of like email service, SMS service is unlikely to split the webhooks into those two different categories. So look out for that. That's my point number one.
Make your API Workflow public
Point number two is make sure that your API Expose your public API workflow. If it's not public, it can't be seen. Now, if you're using this to trigger, you're triggering it, or you're scheduling it from within Bubble, then you don't need to make it public. But if you need data coming in from a third-party service, then it needs to be public. This workflow can be run without authentication. So I'm going to put a bit of a caveat above all the next things I'm going to say is that you need to make your own decisions about the appropriate security for your app. I cannot understate or overstate rather the importance of understanding Bubble privacy and security. It is your responsibility to keep safe the data in your app. But on many occasions a third-party service won't have a way to authenticate with Bubble, so you get an error unless you tick this box saying that it can be run without authentication.
Ignore privacy rules from running the workflow
Again, it's your responsibility, you need to be careful under which conditions you activate this, but I'll explain why on some occasions it needs to be checked. And that's because if you are taking like a webhook in from Stripe and you want to apply all the details or payment details to a user and link it to a user in your database, then Bubble doesn't know which user Stripe is acting on behalf of. If you trigger a API workflow from within Bubble, and it's run by a logged in user, then it is attached to that user. You can use the current user argument. But if it hasn't come from Bubble, if it's come straight in from a third-party service, then there is no current user. And that means that if you've got privacy rules in place to mean that only a current user can view that current user's data, then if you were to do a search, the the Stripe webhook contains an email address or a customer ID and you were to do a search for that email address, you wouldn't return anything because that's the same as like a logged out user doing a search of your users. It's not going to return anything because you've protected it with your privacy rules. Okay, going a little bit around in circles here, hopefully I'm making sense. You've got any comments, any questions, leave them down below. But you need to have that box unticked if you intend to search through your users and do actions on behalf of your users or at least find a way to do actions on behalf of your users based on the trigger of incoming data from a back-end workflow.
So those were my last three. If you have any other questions about using back-end workflows please leave a comment. Also it's great if you can hit like and subscribe that really helps us out on YouTube and if you're learning Bubble and you are just consuming all of our Bubble tutorial videos on YouTube, then we've got so many more available on our website and many are exclusive and they're amazing and you can only find them on our website planetnocode.com