Hi, @Warren1. I’ve discussed this with our engineering team and they saw there’s an open issue about this for the http-signature library used to verify the request.
The root cause is that the express Router is changing the requestUrl and http-signature uses that value instead of the located in originalUrl.
It seems it won’t be corrected based on the lack of activity there, so, they suggested applying the workaround provided there adapted to your case, eg.
router.post('/smartthings', (req, res, next) => {
req.url = req.originalUrl
smartApp.handleHttpCallback(req, res);
})
Let me know your results. 