This is my first time posting the question so please feel to provide feedback to improve the question.

Facebook webhook mentions that the endpoint should be first verified before the webhook endpoint can receive any event notifications.

The docs for Verification Request does not provide a response structure for the API. It simply tells us to send back the hub.challenge parameter.

As I am using NodeJS, I am trying with the code below. However, it does not verify the webhook from facebook dashboard.

How should we send back the response to the verify the webhook?

 app.get('/webhook', (req, res) => {
  const challenge = req.query['hub.challenge'];
  const verify_token = req.query['hub.verify_token'];
  
  if (verify_token === process.env.FACEBOOK_VERIFICATION_TOKEN) {
    return res.status(200).send({message: "Success", challenge: challenge});
  }
  return res.status(400).send({message: "Bad request!"});
})

The verification endpoint of Facebook requires the response Content-Type to be text/html. This is not mentioned on the docs;they should have provided a structure. You can set the header to use text/html explicitly.

However, when you are using express, you can directly return just the challenge value.

app.get('/webhook', (req, res) => {
  const challenge = req.query['hub.challenge'];
  const verify_token = req.query['hub.verify_token'];
  
  if (verify_token === process.env.FACEBOOK_VERIFICATION_TOKEN) {
    return res.status(200).send(challenge);  // Just the challenge
  }
  return res.status(400).send({message: "Bad request!"});
})

If you are using fastify set:

      res.header('Content-Type', 'text/html; charset=utf-8');
      return res.send('' + challenge);