Patreon is sending out development data to prod webhooks

Hey there!

I’ve received over 60 members:update webhooks in the past hour (they are still flooding in), seemingly for all my current (and past patreons)

The data which is being posted is obviously not meant to end up anywhere near production;

  • User emails are being set to dev-user+(patreon id)
  • Extra links are referenced as*
  • Current entitled tiers seem to be incorrect for some

and this is quite a problem for me because it ended up breaking the production data for my own integration (incorrectly revoking tiers/perks on my end, breaking data, and more)

I just wanted to check in that you guys are aware of this, and was wondering if there would be a second wave of requests to hopefully correct the data which was/is being sent out right now.
I’m sorry if this is considered spam, because I’ve also submitted a ticket through the support site, but I do hope that it’s understandable due to the importance of the situation.

I’d love to hear when this is fixed (so I can safely start accepting webhooks again), what will be done about it (if anything) and what was going on (out of interest)

Edit; some extra info

  • I have two separate apps linked with this same webhook event (one legacy, one active) and both received these webhooks. So it isn’t specific to one app/domain. Both services run on entirely different infra.
  • The inspected json is a direct dump from the received post body, nothing else touched it for both services

Thanks in advance.

All the best,

1 Like

Can you dm me the link of your site, your campaign id and page and also your client ids? Also the full dev-user+(patreon id) with patreon_id included. (do avoid posting them here)

I’ll write you a dm right away

Bumping this, I’ve just been hit by a second wave of this…

edit: I’ve received well over 600 events now, my entire production database is flooded or received broken data. C’mon guys, how does this go unchecked?..

Ill let you know soon.

1 Like

This has been addressed. You shouldnt receive such webhooks anymore.

Thanks a ton!

Just wondering, would it be possible to get an intentional “wave” this time to correct the data that has been sent out? Many of my patreons lost their perks on my site, and their email address’ have been messed with meaning that I can’t backlink to patreons through the audience tab anymore.

1 Like

Just wanted to second this. This messed up my site’s webhook history, and reset my Patron’s pledges as they appear on my site. I don’t think promising that this won’t happen again is sufficient, and I would prefer that this is overwritten/corrected by a new wave of correct data.

Also note that using real customer data in a staging or testing environment reflects extremely poorly on Patreon.

1 Like

Technically you shouldnt need to take action regarding this since this will be corrected from Patreon’s side. Are there any patrons who have lost access despite having been legitimate patrons?

I would prefer that this is overwritten/corrected by a new wave of correct data.

This should have already been the case. Or your integration did not receive correction data?

Also note that using real customer data in a staging or testing environment reflects extremely poorly on Patreon.

This affected an extremely small number of integrations. Sorry that yours was in that group though.

Can confirm that this isn’t the case. No data was correct for anyone, except new members (who signed up yesterday) or a small handful whose payment cycle was due and therefore updated.

Thanks for the info. This will be investigated. I’ll update this thread later with the info.

Update: This seems to have affected a few dozen creators for some time. A fix was issued immediately afterwards, which should have corrected the data in the remote integrations. (though integrations/apps that regularly sync their campaigns shouldnt have been affected in any case).

This thread will be left for some time so that those involved can read the updates, but it will be taken offline eventually so that it wont throw off future support requests by causing people to think that whatever issue that they have may have been something related to this and cause us to start investigating on the wrong foot.