Your question
{
"methodResponses":[["PushSubscription/get",{
"accountId":"b",
"list":[
{
"id":"c",
"deviceClientId":"0bdcea4d-a6dc-4787-8adc-caac74b62bf1",
"verificationCode":null,
"expires":"2026-06-18T08:40:57Z",
"types":[...]
}
],
"notFound":[]
},"0"]],
"sessionState":"6498a0c"
}
This seems to have changed from v0.12, where I got the verification code back from Stalwart, after the PushVerification was answered.
Has that changed and why?
I used the attribute to NOT create an other pushConnection.
Ralf
The key is in the get.rs source. Look at this block around line 126:
property => {
result.insert_unchecked(property.clone(), Value::Null);
}
That’s the catch-all arm for any property that isn’t explicitly handled – and VerificationCode is not explicitly handled. The only properties that actually get populated are Id, DeviceClientId, Types, and Expires. Everything else (including VerificationCode) falls through to that default arm and is returned as null.
This is intentional behaviour, not a regression or oversight from a version change – the url and keys properties even return a hard Forbidden error if requested. The JMAP spec (RFC 8030 / RFC 8620 §7) only requires the server to echo back the verificationCode in the PushVerification push message itself; the spec does not require it to be readable via PushSubscription/get after the fact.
What you can use instead to detect an already-verified subscription is the verified state tracked internally: you would rely on whether the PushVerification flow has been completed. Since the server doesn’t expose verificationCode on GET, the idiomatic approach is to use deviceClientId (which is returned) to check for an existing subscription before creating a new one – if a subscription with the same deviceClientId already exists, skip creation.
This is an automated reply from the Stalwart Help Bot. Other community members may follow up if this answer is incomplete or wrong.