Webhook API cannot bypass security filter

I have created a webhook for adding rows to another table. It works fine when adding new rows, but the rows in the second table are not updated after editing a row.

I have already selected condition for adds and updates, and allowed bypass security filter, but when I check the audit log, it says “IgnoreSecurityFilters”: false,

This happens only for row updates. I don’t think my security filter is the issue though since I have tried updating rows with and without the security filter and it all doesn’t work.

image388×360 22.4 KB

Just for more clarity of the community.
You have mentioned the below statement.

Does it mean you are having just one bot for managing both the adds and updates to the other table?

I have tried with 2 bots, one with “Action”: “Add”, and one with “Action”: “Edit”, and it also doesn’t work. I have also tried all the combinations of the event data change type and action type but I am also only able to add a row. When adding the row, “IgnoreSecurityFilters” returns true.

Also I am not sure if it is relevant, but my key column is a virtual column generated with concatenate from other columns. Does the key column have to be included? I have excluded the key column as when I previously included it I had the opposite problem of not being able to add new rows .

Thank you. Could you elaborate what exactly is your update not configuration? Relevant screenshots, if possible, will help.

The app is for submitting a form for daily sales. When I make an edit to an existing entry, the row is only updated with the new edit in the excel table for the form, and not the second table.

I am using Appsheet API

image342×698 25 KB

image462×458 7.99 KB

Thank you.

How you are identifying the row to be updated in the second table? How does the bot know which row to update?

Hi munchi,

Have you tried adding the ID inside the Rows parameter?
You also need to include the ID column in the edit fields.

image396×223 5.96 KB

This is critical! Do NOT include the computed key column (the virtual column), but DO include ALL of the columns used to compute the key column value.

Yes it’s true that ByPass Security filter doesn’t work with the webhook and it’s an intended behavior. If the security filter is using for example USEREMAIL()=[Email] in that table, you need to set the “RunAsUserEmail” property in your json. See this article Invoke the API - AppSheet Help

I have included all the columns used to compute the key, and tried with and without including “ComputeKey”column, but I keep getting “Webhook HTTP request failed with exception {\“type\”:\“RFC 9110 - HTTP Semantics Found\”,\“status\”:404,\“detail\”:\“REST API invoke request failed: Row having key ‘test : FVH : 3/5/2026 : Closing’ not found.\”,\“traceId\”:\“00-5573f4a033f57c4036a856857002cf00-cf5152645d6c24-00\”} Status code: NotFound”

This may or may not be relevant or cause of the issue. However one thing I would do is having spaces and special characters ( except possibly an underscore) in a key. Programming languages can interpret special characters and spaces as part of commands or syntax.

I would prefer a clean, continuous key , with a simple concatenation, something like

‘testFVH352026Closing’ or even better would be a key created with a UNIQUEID() or similar other such options.

Also you please confirm if you included the necessary keys with the FILTER() or SELECT() statement as @QREW_Apps recommended and I was earlier hinting towards.

Have you tested what happens if you don’t have any security filter for that table? What is the result?

What is the entire template producing the JSON of the request? What is the entire actual JSON of the request producing the error?