Webhook Debugger - Self-Hosted Webhook Inspector for Stripe, GitHub, Shopify & More

February 17, 2026 · View on GitHub

Debug Stripe webhooks, GitHub hooks, Slack events, Shopify callbacks, and any HTTP webhook integration. Self-host on Cloudflare Workers with 90-day history and full-text search.

The webhook inspector that keeps your data in your own hands.

Capture, inspect, and replay webhooks with 90-day history. Self-host on Cloudflare Workers + D1 in 5 minutes.

🚀 Quick Deploy • 📖 Full Docs • 🌐 Live Demo

Quick Demo

# 1. Clone and install
git clone https://github.com/brancogao/webhook-debugger.git
cd webhook-debugger && npm install

# 2. Set up Cloudflare (free tier works)
npx wrangler login
npx wrangler d1 create webhook-debugger-db

# 3. Deploy
npm run deploy

# Done! Your webhook debugger is live.

Why Webhook Debugger?

✨ NEW: Signature Verification - Verify webhooks are really from Stripe, GitHub, Slack, etc.
Debug webhooks locally and in production - See exactly what's being sent
90-day history - Never lose a webhook again (free: 7 days)
One-click replay - Forward webhooks to any URL
Full-text search - Find webhooks by content instantly
Auto source detection - Automatically identifies Stripe, GitHub, Shopify, Slack, etc.
Self-hostable - Deploy to your own Cloudflare account in 5 minutes

Comparison

Feature	Webhook Debugger	Webhook.site	RequestBin	Ngrok
Self-hostable	✅ Yes	❌ No	❌ Deprecated	⚠️ Tunnel only
Data privacy	✅ Your DB	❌ Their server	❌ Public	⚠️ Local only
Signature verification	✅ Yes	❌ No	❌ No	❌ No
History retention	90 days	7 days (paid)	48 hours	Session only
Full-text search	✅ FTS5	❌ No	❌ No	❌ No
One-click replay	✅ Yes	✅ Yes	❌ No	❌ No
Edge deployment	✅ Global	❌ Single region	❌ No	❌ No
Free tier	✅ 1 endpoint	✅ 1 endpoint	❌ Gone	✅ Limited
Cost at scale	~$5/mo	$9-49/mo	-	$8-200/mo

Features

Unique Webhook URLs - Generate unique endpoints instantly
90-Day History - Pro users retain webhooks for 90 days (free: 7 days)
One-Click Replay - Replay webhooks to any target URL
Full-Text Search - Search across all webhook payloads
Auto Source Detection - Automatically identifies Stripe, GitHub, Shopify, Slack, etc.
🔐 Signature Verification (v1.1) - Verify webhook authenticity with HMAC signatures
GitHub OAuth - No passwords required

Supported Signature Formats (v1.1)

Service	Signature Format	Header
Stripe	HMAC-SHA256 + timestamp	`Stripe-Signature`
GitHub	HMAC-SHA256 (sha256=)	`X-Hub-Signature-256`
Slack	HMAC-SHA256 (v0=)	`X-Slack-Signature`
Shopify	HMAC-SHA256 (base64)	`X-Shopify-Hmac-SHA256`
Generic	HMAC-SHA256	`X-Hub-Signature` / `X-Webhook-Signature`

Tech Stack

Runtime: Cloudflare Workers (Edge)
Database: Cloudflare D1 (SQLite)
Language: TypeScript
Authentication: GitHub OAuth + HMAC-signed session tokens
Search: SQLite FTS5 full-text search

Getting Started

📖 Quick Start Guide (3 minutes)

Prerequisites

Node.js 18+
Wrangler CLI (npm install -g wrangler)

Local Development

Clone and install dependencies:
```
npm install
```
Create GitHub OAuth App:
- Go to https://github.com/settings/developers
- Create a new OAuth App
- Set Authorization callback URL to: http://localhost:8787/api/auth/callback
- Copy Client ID and Client Secret

Configure environment variables:

cp .dev.vars.example .dev.vars
# Edit .dev.vars and fill in:
# - GITHUB_CLIENT_ID
# - GITHUB_CLIENT_SECRET
# - COOKIE_SECRET (generate with: openssl rand -base64 32)

Initialize database (first time only):

wrangler d1 execute webhook-debugger-db --file=./schema.sql --local

Build frontend:
```
npm run build
```
Start dev server:
```
npm run dev
```
Open browser:
- Visit http://localhost:8787
- Click "Login with GitHub"

Frontend Development

To work on the frontend separately:

cd frontend
npm install
npm run dev

This will start a Vite dev server on port 3000 with hot reload and proxy to the backend.

API Endpoints

Authentication

GET /api/auth/github - Start GitHub OAuth flow
GET /api/auth/callback - OAuth callback
POST /api/auth/logout - Logout
GET /api/auth/me - Get current user

Endpoints

GET /api/endpoints - List user's endpoints
POST /api/endpoints - Create new endpoint
GET /api/endpoints/:id - Get endpoint details
PUT /api/endpoints/:id - Update endpoint
DELETE /api/endpoints/:id - Delete endpoint

Webhooks

GET/POST /hook/:path - Receive webhooks (public endpoint)
GET /api/endpoints/:id/webhooks - List webhooks for endpoint
GET /api/endpoints/:id/webhooks/search?q=term - Search webhooks
GET /api/webhooks/:id - Get webhook details
POST /api/webhooks/:id/replay - Replay webhook

Deployment

Quick Deploy (5 minutes)

Deploy your own instance to Cloudflare. You'll need:

A free Cloudflare account
A GitHub account for OAuth

Step-by-step:

Fork this repository

Clone your fork:

git clone https://github.com/YOUR_USERNAME/webhook-debugger.git
cd webhook-debugger
npm install

Login to Cloudflare:
```
npx wrangler login
```
Create D1 database:
```
npx wrangler d1 create webhook-debugger-db
```
Copy the database_id from the output.
Update wrangler.jsonc:
- Replace database_id with your database ID
- Change name to something unique (e.g., webhook-debugger-YOUR_USERNAME)

Initialize database:

npx wrangler d1 execute webhook-debugger-db --file=./schema.sql --remote

Create GitHub OAuth App:
- Go to https://github.com/settings/developers
- Click "New OAuth App"
- Set Homepage URL to: https://webhook-debugger-YOUR_USERNAME.workers.dev
- Set Callback URL to: https://webhook-debugger-YOUR_USERNAME.workers.dev/api/auth/callback
- Copy Client ID and Client Secret

Configure environment:

# Set the Client ID in wrangler.jsonc under vars.GITHUB_CLIENT_ID

# Set secrets:
echo "YOUR_GITHUB_CLIENT_SECRET" | npx wrangler secret put GITHUB_CLIENT_SECRET
openssl rand -base64 32 | npx wrangler secret put COOKIE_SECRET

Build and deploy:
```
npm run build
npm run deploy
```
Done! Visit https://webhook-debugger-YOUR_USERNAME.workers.dev

For detailed instructions, see DEPLOY.md.

Production Checklist

Create remote D1 database:

wrangler d1 create webhook-debugger-db
# Update wrangler.jsonc with the database_id

Run migrations:

wrangler d1 execute webhook-debugger-db --file=./schema.sql --remote

Set secrets:

wrangler secret put GITHUB_CLIENT_SECRET
wrangler secret put COOKIE_SECRET

Update wrangler.jsonc:
- Set GITHUB_CLIENT_ID in vars
- Update database_id from step 1
Build and deploy:
```
npm run deploy
```
This will build the frontend and deploy everything to Cloudflare Workers.

Plan Limits

Plan	Endpoints	Webhook History	Price
Free	1	7 days	$0
Pro	10	90 days	$9/mo
Team	50	90 days	$29/mo

Database Schema

users

id (TEXT, PRIMARY KEY) - CUID2
github_id (INTEGER, UNIQUE) - GitHub OAuth ID
github_login (TEXT) - GitHub username
email (TEXT) - Optional email
avatar_url (TEXT) - Profile avatar
plan (TEXT) - free | pro | team
created_at, updated_at (DATETIME)

endpoints

id (TEXT, PRIMARY KEY) - CUID2
user_id (TEXT, FK) - Reference to users
name (TEXT) - User-defined name
path (TEXT, UNIQUE) - /hook/{uuid}
is_active (BOOLEAN)
created_at (DATETIME)

webhooks

id (TEXT, PRIMARY KEY) - CUID2
endpoint_id (TEXT, FK) - Reference to endpoints
method (TEXT) - HTTP method
source (TEXT) - auto-detected: stripe, github, etc.
source_verified (BOOLEAN) - signature verification
headers (TEXT) - JSON string of headers
body (TEXT) - raw body (max 1MB)
query_params (TEXT) - JSON string of query params
content_type (TEXT) - Content-Type header
replay_count (INTEGER) - Number of replays
last_replay_at (DATETIME)
last_replay_status (INTEGER)
last_replay_response (TEXT) - Last replay response (truncated)
received_at, created_at (DATETIME)

Testing

npm test

Architecture

┌─────────────────────────────────────┐
│         Cloudflare Edge             │
│                                     │
│   Webhook Receiver (Workers)        │
│   • POST /hook/{path}              │
│   • Auto-detect source             │
│   • Store to D1                   │
│                                     │
│   Dashboard API (Workers)           │
│   • Auth (GitHub OAuth)            │
│   • Endpoints CRUD                 │
│   • Webhooks list/detail/replay    │
│   • Full-text search              │
│                                     │
│   D1 Database (SQLite)              │
│   • users / endpoints / webhooks    │
│   • FTS5 full-text search         │
│                                     │
└─────────────────────────────────────┘

Contributing

Issues and feature requests welcome! Feel free to open an issue or submit a pull request.

Support

Issues: https://github.com/brancogao/webhook-debugger/issues
Discussions: https://github.com/brancogao/webhook-debugger/discussions

License

MIT

Webhook Debugger is designed for developers who need:

Stripe webhook debugging - Test and inspect Stripe payment webhooks locally
GitHub webhook testing - Debug GitHub App and OAuth App webhooks
Shopify webhook inspector - Monitor Shopify store events and order webhooks
Slack event debugging - Test Slack bot events and slash commands
Twilio webhook testing - Debug SMS and voice call callbacks
Generic HTTP webhook inspection - Capture any POST/GET webhook payload

Alternatives compared:

webhook.site - Similar but not self-hostable, data on third-party servers
RequestBin - Deprecated, no longer maintained
ngrok - Tunnel tool, not a webhook inspector
Beeceptor - Mock API, different use case

Related searches:

self-hosted webhook inspector
webhook debugger cloudflare workers
stripe webhook testing tool
github webhook debug
webhook inspector open source
webhook viewer self-hosted

Built with ❤️ by Auto Company