All Features of HookCheck
Real-time webhook debugging for developers
HookCheck gives you full visibility into every webhook your services send or receive. From instant log capture to automated retry simulation, every feature is built to eliminate the guesswork out of integration debugging.
Whether you're connecting Stripe checkout sessions to your backend, validating GitHub push events, or debugging Twilio SMS callbacks, HookCheck provides a dedicated endpoint URL, captures the full request envelope, and lets you replay, filter, and inspect every detail — headers, signatures, raw body, and response codes.
Core Capabilities
Everything you need to debug webhooks
Real-Time Event Logs
Every incoming webhook is logged instantly with a timestamp, source IP, HTTP method, and status code. Logs persist for 30 days on the free tier and up to 12 months on Pro. Search and filter by endpoint, header, or payload content within milliseconds.
Header & Signature Inspection
View the complete request header set for every event. HookCheck automatically detects and decodes common signature schemes — Stripe's Stripe-Signature, GitHub's X-Hub-Signature-256, Shopify's X-Shopify-Hmac-Sha256 — and validates them against your configured secret keys.
Payload Filtering & Pretty-Print
Incoming JSON, XML, and form-encoded payloads are automatically parsed and rendered in a collapsible tree view. Apply filters to highlight specific fields — for example, show only events where data.object.amount > 5000 — so you can isolate edge cases without scrolling through hundreds of logs.
Custom Endpoint URLs
Each workspace includes a unique hookcheck.io subdomain. Create unlimited custom paths like /stripe/events or /github/push and assign them to different projects. Share endpoint URLs with teammates or paste them directly into your provider's webhook configuration panel.
Request Replay & Simulation
Replay any captured webhook with a single click. Modify headers, swap the payload, or change the expected response code before resending. This is the fastest way to verify that your backend handles idempotency keys, malformed JSON, or missing fields correctly.
Automated Response Testing
Configure HookCheck to return custom HTTP responses — 200, 201, 400, 500, or any status — with optional body content and headers. Simulate slow endpoints by adding configurable delays (100 ms to 30 s) so you can test how your provider handles timeouts and retry logic.
Webhook Relay & Forwarding
Forward incoming webhooks to your own production or staging server without losing the original request data. HookCheck acts as a transparent proxy, preserving the source IP in X-Forwarded-For and adding a X-HookCheck-Event-ID header for traceability across your infrastructure.
Team Workspaces & Roles
Organize endpoints into workspaces with granular access control. Assign roles — Owner, Editor, Viewer — and set per-workspace API keys for programmatic access. Invite up to 5 members on the Starter plan and unlimited members on Enterprise with SSO via SAML 2.0.
API & Webhook Export
Access all logs and event data through a RESTful API. Export individual events as raw HTTP dumps, JSON files, or cURL commands. Subscribe to HookCheck's own webhook notifications to receive alerts when an endpoint receives an error response or when event volume exceeds your defined threshold.
Go Deeper
Deep-dive guides & documentation
Each feature above has a dedicated guide with code examples, configuration walkthroughs, and troubleshooting tips. Start with the one that matches your current integration challenge.
Setting Up Your First Endpoint
Step-by-step walkthrough: create a workspace, generate a webhook URL, configure a Stripe test key, and verify your first payment_intent.succeeded event in the HookCheck dashboard. Includes screenshots and a sample cURL command.
Validating Signatures in Node.js & Python
Copy-paste code snippets for verifying Stripe, GitHub, and Shopify signatures using HookCheck's decoded header values. Covers HMAC-SHA256 verification, timestamp tolerance windows, and handling missing X-Signature headers gracefully.
Building Automated Retry Tests
Use HookCheck's response delay and status-code configuration to simulate provider retry behaviour. Learn how to set up a 3-attempt exponential-backoff scenario and assert that your idempotency middleware prevents duplicate charges or state corruption.
Integrating with CI/CD Pipelines
Call the HookCheck API from GitHub Actions, GitLab CI, or Jenkins to validate webhook handlers as part of your test suite. Includes a sample workflow YAML that creates a temporary endpoint, sends a test event, asserts the response, and cleans up the workspace.