Documentation

Browse by section

Keep all guides, tool docs, automation recipes, and comparison pages in one navigable place.

Foundation docs for getting started fast, understanding key terms, and tracking what has changed.

Getting Started

Quickstart Glossary Changelog Tunneling

Start with fundamentals, then move into provider-specific webhook testing and production hardening.

Start Here

Complete Guide Local Testing Debug a Webhook Webhook Errors

Platform Guides

Stripe GitHub Slack Discord Shopify n8n Zapier

More Platform Guides

Supabase Twilio PayPal WooCommerce Vercel GitLab Netlify AWS SNS SendGrid Mailchimp HubSpot Firebase Jira Linear Notion Bitbucket

Language Guides

Node.js Python PHP Next.js Express

Error Code Guides

401 Error 403 Error 408 Timeout 429 Rate Limit 500 Errors

Core Concepts

Authentication Security Best Practices Webhook vs API Example JSON HTTP Example Payload Missing Retry Failed

These pages explain what each tool does, when to use it, and how it fits into a webhook debugging workflow.

Endpoint Setup

Generate URL Free Tester Mock Endpoint

Inspection and Debugging

Inspect Requests Capture Requests Inspector Test API Webhook

Simulation and Provider-Specific Tools

Simulator Discord Tester Stripe Tester GitHub Tester Request Catcher

Automation Docs

Use these setup guides when you want forwarding rules, custom responses, security checks, or multi-destination fanout.

Automation Guides

Shopify Notifications Stripe Pipeline Fanout Mock Responses Secure Endpoints CI/CD Testing Alerting Multi-Tenant

Use these pages to compare developer workflows, pricing tradeoffs, and feature differences between webhook tools.

Alternatives

Webhook.site RequestBin ngrok Hookdeck Pipedream

Roundups

Best Free Tools Best Testing Tools Stripe Tools Shopify Tools Node.js Tools Webhooks vs Polling Free vs Paid

Documentation

Browse by section

Keep all guides, tool docs, automation recipes, and comparison pages in one navigable place.

Foundation docs for getting started fast, understanding key terms, and tracking what has changed.

Getting Started

Quickstart Glossary Changelog Tunneling

Start with fundamentals, then move into provider-specific webhook testing and production hardening.

Start Here

Complete Guide Local Testing Debug a Webhook Webhook Errors

Platform Guides

Stripe GitHub Slack Discord Shopify n8n Zapier

More Platform Guides

Supabase Twilio PayPal WooCommerce Vercel GitLab Netlify AWS SNS SendGrid Mailchimp HubSpot Firebase Jira Linear Notion Bitbucket

Language Guides

Node.js Python PHP Next.js Express

Error Code Guides

401 Error 403 Error 408 Timeout 429 Rate Limit 500 Errors

Core Concepts

Authentication Security Best Practices Webhook vs API Example JSON HTTP Example Payload Missing Retry Failed

These pages explain what each tool does, when to use it, and how it fits into a webhook debugging workflow.

Endpoint Setup

Generate URL Free Tester Mock Endpoint

Inspection and Debugging

Inspect Requests Capture Requests Inspector Test API Webhook

Simulation and Provider-Specific Tools

Simulator Discord Tester Stripe Tester GitHub Tester Request Catcher

Automation Docs

Use these setup guides when you want forwarding rules, custom responses, security checks, or multi-destination fanout.

Automation Guides

Shopify Notifications Stripe Pipeline Fanout Mock Responses Secure Endpoints CI/CD Testing Alerting Multi-Tenant

Use these pages to compare developer workflows, pricing tradeoffs, and feature differences between webhook tools.

Alternatives

Webhook.site RequestBin ngrok Hookdeck Pipedream

Roundups

Best Free Tools Best Testing Tools Stripe Tools Shopify Tools Node.js Tools Webhooks vs Polling Free vs Paid

Secure Webhook Endpoints with Auth Validation

Add industry-standard authentication to any Requex endpoint. Reject unauthorised callers, log every attempt — including failures — and forward only valid requests downstream.

Editorially reviewed by the Requex team•7 min read•About the product

Short answer: In Requex Settings → Auth, choose your method (HMAC, Bearer, API key, Basic, or Custom), paste your secret, and save. Requex now validates every inbound request. Failed attempts are logged with the label auth_failed so you can audit them without losing the data.

Supported Auth Methods

Method	How it works	Use with
Bearer	Checks Authorization: Bearer <token> header	Internal APIs, custom services
HMAC	Computes HMAC(secret, rawBody) and compares signature header	Stripe, GitHub, Shopify
API Key	Reads a named header or query param, compares to expected value	Any service with API key auth
Basic	Decodes Authorization: Basic base64, compares username + password	Legacy services, simple setups
Custom	Reads any header, query param, or body dot-path	Non-standard auth schemes

HMAC Configuration — Stripe Example

Stripe signs every webhook with a HMAC-SHA256 signature in the Stripe-Signature header. To validate it in Requex:

Field	Value
Auth method	HMAC
Algorithm	sha256
Signature header	Stripe-Signature
Signature prefix	v1=
Secret	whsec_... (from Stripe Dashboard)

Requex captures the raw request body before JSON parsing — required for HMAC verification to work correctly. The raw bytes are used as the HMAC message, matching how Stripe computes the signature on their end.

What Happens on Auth Failure

When a request fails auth, Requex:

1. Saves the full request to your log with label auth_failed
2. Emits a real-time Socket.IO event so you see it live in the dashboard
3. Optionally adds a WWW-Authenticate header (if simulateChallenge is on)
4. Returns 401 or 403 to the caller
5. Does not trigger forwarding rules — invalid requests don't reach your downstream services

Add auth to your webhook in 2 minutes

Free, no signup. Open Requex, configure auth, and you're protected.

Open Requex →

Related use cases

Stripe Pipeline

HMAC auth + fanout for Stripe payment events.

Forward validated requests to multiple services.

Complete guide to webhook authentication methods.

Start Testing Webhooks Now

Generate your unique URL and test webhooks instantly. Free, no signup.

Open Webhook Tester →