Workflow automation webhook fails to trigger on cloud-hosted environment with 502 Bad Gateway

tom_956 · April 22, 2025, 10:47am

Our workflow automation webhooks stopped working after migrating to a cloud-hosted HubSpot environment. The workflows trigger correctly, but the webhook actions consistently fail with 502 Bad Gateway errors. These same webhooks worked fine in our previous on-premise setup.

Error from workflow logs:


Webhook POST failed: 502 Bad Gateway
Target: https://api.partner-system.com/webhooks/contact-update
Response: upstream connect error or disconnect/reset

The webhook endpoint is definitely accessible - I can call it successfully using Postman from my local machine. But when HubSpot’s cloud environment tries to reach it, we get 502 errors every time. I’m wondering if this is related to IP whitelisting requirements or some kind of reverse proxy timeout in the cloud setup. Has anyone successfully configured webhooks to external systems from HubSpot’s cloud environment?

rebeccaace · April 23, 2025, 6:45pm

HubSpot publishes their cloud outbound IP ranges in the developer documentation under Network Configuration. For hs-2022, the ranges are typically in the 52.x.x.x and 54.x.x.x blocks for US-hosted environments. But you should verify with your specific region since EU and APAC have different ranges.

mohitanalyst · April 22, 2025, 1:21pm

This is almost certainly an IP whitelisting issue. Cloud-hosted HubSpot uses different outbound IP ranges than on-premise installations. Your partner system’s firewall is probably blocking the webhook requests. You need to get the cloud IP ranges from HubSpot support and whitelist them on your partner system.

roberttech · April 22, 2025, 4:58pm

Carlos is right about IP whitelisting, but there’s another common issue with cloud webhooks. Check if your partner system’s webhook endpoint has a very short timeout configured. Cloud-hosted HubSpot routes through additional network layers which adds latency. If your endpoint times out in under 5 seconds, it might be cutting off the connection before the request completes, causing the 502 error.

nikhil_func · April 23, 2025, 2:32pm

I checked with our network team and we do have IP restrictions on the webhook endpoint. They’re sending me the current whitelist. Where can I find the IP ranges that HubSpot’s cloud environment uses for outbound webhooks?

nisha_dev · April 24, 2025, 8:19am

Before implementing the full solution, test the IP hypothesis by temporarily opening your webhook endpoint to all IPs for 5 minutes and triggering a test workflow. If it succeeds, you’ve confirmed it’s IP whitelisting.

shruti_admin · April 24, 2025, 11:37am

The 502 Bad Gateway error for cloud-hosted webhook automation is typically caused by network accessibility issues. Here’s how to resolve all three focus areas:

Webhook Endpoint Accessibility: First, verify your endpoint is reachable from HubSpot’s cloud infrastructure. The 502 error indicates the gateway cannot connect to your upstream server. Check that your partner system’s webhook endpoint:

Accepts HTTPS connections (HTTP-only endpoints often fail in cloud environments)
Has a valid SSL certificate (self-signed certificates will be rejected)
Returns a response within 30 seconds

Test connectivity from an external service like webhook.site to simulate cloud-to-cloud communication:


// Test webhook endpoint availability
curl -X POST https://api.partner-system.com/webhooks/contact-update \
  -H "Content-Type: application/json" \
  -d '{"test": "connectivity"}'

IP Whitelisting Configuration: This is the most common cause of 502 errors after cloud migration. HubSpot’s cloud environment uses specific outbound IP ranges that differ from on-premise installations. Contact HubSpot support to get the exact IP ranges for your region, then whitelist them in your partner system’s firewall.

For hs-2022 US-hosted environments, the typical ranges are:


52.72.0.0/16
54.88.0.0/16
34.224.0.0/16

Update your firewall rules to allow these ranges. In your partner system’s network configuration:


// Pseudocode - Firewall rule update:
1. Access firewall management console
2. Navigate to inbound rules for webhook endpoint
3. Add rule: Allow TCP port 443 from HubSpot IP ranges
4. Apply and test immediately
// Verify in firewall logs that connections are now accepted

Reverse Proxy Timeout Settings: If your partner system uses a reverse proxy (nginx, Apache, AWS ALB), ensure timeout settings accommodate the additional network latency from cloud-to-cloud communication. Update your proxy configuration:

For nginx:


upstream partner_webhook {
    server backend:8080;
    keepalive_timeout 65;
}
location /webhooks/ {
    proxy_connect_timeout 10s;
    proxy_send_timeout 30s;
    proxy_read_timeout 30s;
}

After implementing these changes, test the webhook from HubSpot’s workflow automation. Create a simple test workflow that triggers the webhook with minimal data. Monitor both HubSpot’s workflow logs and your partner system’s access logs to confirm successful delivery. The 502 errors should resolve once IP whitelisting and proxy timeouts are properly configured.

andrew_dev · April 23, 2025, 9:14am

I’d also verify that your partner system’s reverse proxy is properly configured to handle connections from HubSpot’s cloud infrastructure. We had a similar issue where our nginx reverse proxy was rejecting requests because the User-Agent header from HubSpot’s cloud webhook service wasn’t in our allowed list. Check your proxy logs for rejected connections. The 502 error could be the proxy refusing the connection rather than a timeout.

Topic		Replies	Views
Custom object sync fails in contact management after cloud migration due to webhook delivery errors HubSpot question , data-sync , contact-mgmt , hs-2023 , json , custom-objects , cloud-deploy-hosting , webhook-integration , firewall-config	2	1	May 20, 2025
HubSpot API webhook fails to trigger integration hub workflow after contact update in hs-2021 HubSpot question , api-development , rest-api , integration-hub , hs-2021 , workflow-automation , webhook , real-time-sync , hubspot-api	3	0	March 16, 2025
Opportunity pipeline sync fails after cloud deployment due to API timeouts HubSpot question , api-integration , rest-api , timeout-errors , opportunity-mgmt , hs-2022 , cloud-deploy-hosting , pipeline-sync , network-config	6	1	April 25, 2025
Opportunity webhook delivery fails after cloud migration due to firewall rules Zendesk Sell question , integration , rest-api , opportunity-mgmt , firewall , zs-2022 , network-security , webhooks , cloud-deploy-hosting	3	0	April 23, 2025
Loyalty program workflows not triggering after cloud deployment-delayed or missing automation events HubSpot question , hs-2021 , workflow-automation , loyalty-programs , cloud-deploy-hosting , trigger-timing , server-time-sync , workflow-logs , automation-reliability	4	0	June 11, 2025
Webhook events from integration hub not triggering when external inventory updates occur AgilePoint question , rest-api , data-integration , integration-hub , json , event-handling , webhook , stock-discrepancies , agilepoint-nx	7	0	September 19, 2025
Partner portal API integration options for custom CRM in hs-2021 HubSpot discussion , api-development , rest-api , data-sync , integration-strategy , hs-2021 , webhooks , partner-port , polling	3	0	May 23, 2025
Work order status update webhooks failing to deliver in ft-12.0 cloud deployment Rockwell FactoryTalk MES question , cloud-deploy , rest-api , work-order-mgmt , json , integration-failure , ft-12-0 , webhookservice , 502-gateway-error	6	0	October 13, 2025
Contract API webhook not firing on renewal event for automated workflows HubSpot question , api-development , automation , workflows , contract-mgmt , hs-2022 , hubspot-webhooks , webhook-failure , renewals	5	0	April 24, 2025

Workflow automation webhook fails to trigger on cloud-hosted environment with 502 Bad Gateway

Related topics