GET /webhooks/ endpoint requires MANAGE_WEBHOOKS Permission to fetch an app/bot's own Webhook(s) in a Guild

[TwilightZebby]

Description

The GET /webhooks/ Endpoints are not documented as requiring any Server Permission, yet trying to fetch a Webhook owned by the App/Bot calling the endpoint, while said Bot doesn't have the MANAGE_WEBHOOKS in the Channel/Server the Webhook is in, results in a "Missing Permissions" error.

This might also affect App-owned Webhooks created via OAuth, in addition to created via the standard Bot API.

Steps to Reproduce

• If your Bot/App doesn't already have one, have it create a new App-owned Webhook in a Server Text Channel
• After creating a Webhook, or ensuring your App has one owned by itself, revoke the MANAGE_WEBHOOKS Permission from the App's Bot User
• Have your App call the GET /webhooks/ endpoint to fetch that same Webhook
• Observe the result
• For comparison, have your App call the same GET /webhooks/ endpoint after being re-granted the MANAGE_WEBHOOKS Server Permission

In my case, I was using DJS's <Client>.fetchWebhook(webhookId) method (so without specifying a Webhook Token), which calls the GET /webhooks/{webhookId} endpoint, and so not using the GET /webhooks/{webhookId}/{webhookToken}/ endpoint.

Expected Behavior

The App/Bot would be able to fetch it's own Webhooks that it has made itself without needing the MANAGE_WEBHOOKS Permission.

Current Behavior

Attempting to call the GET /webhooks/ endpoint, without the App/Bot having the MANAGE_WEBHOOKS Permission in the relevant Server/Channel, results in a "Missing Permissions" error being returned.

Screenshots/Videos

No response

Client and System Information

• Discord.JS v14.14.1
• NodeJS 20.9.0
• Tried on both with the Bot being hosted on a local Windows 10 device, and a Ubuntu/Linux VPS.