Inbound webhook gateway

Never lose a webhook

One ingest URL for Stripe, GitHub, Shopify, or anything else that sends webhooks. Webhooker checks the signature, stores the event so it can't vanish, and delivers it to your services with retries, replay, and a full per-attempt history.

free plan · 10,000 events/month · no card required · hosted in the EU

live tail source: stripe-prod · SSE

How it works

Three stages. The event survives every one of them.

Ingest never delivers synchronously. Accepting an event and delivering it are separate, transactional steps, and that's the whole trick.

STAGE 01

Receive & verify

Your provider calls a unique ingest URL. The signature is checked against the source's scheme before the payload is accepted. Bad signatures get rejected at the door.

HMAC-SHA256 / SHA1

STAGE 02

Persist

The event is written durably to a PostgreSQL-backed queue and the provider gets its 200 OK in single-digit milliseconds. From here on, the event cannot be lost.

p99 < 10 ms server-side

STAGE 03

Deliver & retry

Competing workers fan the event out to your destinations with exponential backoff, status-conditional retries and a circuit breaker per destination. Failures land in a DLQ you can resend from.

at-least-once

Features

Everything between their POST and your handler.

The unglamorous plumbing every integration needs, built once and shared by all your sources and destinations.

Signature verification

Per-source HMAC-SHA256 and SHA1 schemes checked before a payload is accepted. Forged requests never enter the pipeline.

Smart retries & circuit breaker

Exponential backoff, conditional retries by HTTP status, and a per-destination circuit breaker that stops hammering a downed service.

Transformations

Declarative, per-destination payload reshaping and header injection. Send each service exactly the shape it expects.

Outbound signing

Forwarded requests are signed, so your destinations can verify every delivery really came from Webhooker.

Live tail & replay

Real-time event stream over SSE, full history, and a per-attempt delivery log with one-click resend of any event.

Alerts & metrics

Email alerts on delivery failure, per source. Prometheus metrics with a p99 ingest-to-delivery latency SLO built in.

<10 ms

p99 ingest ack

at-least-once

delivery guarantee

1 binary

Rust, SPA embedded

SSE

live event tail

EU data residency

Your events stay in Europe.

Webhooker runs on servers inside the European Union, full stop. Payloads, delivery logs and backups are never mirrored to a US cloud region. When a customer or auditor asks where your webhook data lives, the answer is one word.

Hosted in the EU

Ingest, storage, delivery workers and backups all run in EU data centers. Not "EU-first" with exceptions buried in the fine print. EU only.

GDPR by design

Retention limits are enforced, deleted means deleted, and a data processing agreement is available for every paid plan. See the privacy policy for the details.

You set the clock

Events expire after 14, 30 or 90 days depending on plan. Export what you need before then, or delete it earlier. It's your data.

Pricing

Priced by events, not by anxiety.

Every plan includes verification, retries, transformations, replay and alerts. You pay for volume and retention. Nothing is feature-gated that shouldn't be.

Free

€0 / month

Side projects and evaluation.

  • 10,000 events / month
  • 5 sources · 5 destinations
  • 14-day event retention
  • 120/min ingest rate
Start for free

hard limit, no surprise bills

Team

€99 / month

High volume, ordered delivery, static IP.

  • 1,000,000 events / month
  • 200 sources · 200 destinations
  • 90-day event retention
  • 25 workspace members
Start with Team

overage €0.12 / 1,000 events

FAQ

Common questions, short answers.

What is a webhook gateway?

A webhook gateway sits between the services that send webhooks and the services that consume them. Webhooker receives each event on a unique ingest URL, verifies its signature, writes it to durable storage, and then delivers it to your destinations with retries and a full per-attempt log.

What happens when my service is down?

Webhooker keeps the event. Delivery retries with exponential backoff, a per-destination circuit breaker stops hammering a downed service, and anything that still fails lands in a dead letter queue. From there you can resend a single event or a whole batch once your service is back.

Where is my webhook data stored?

In the European Union. Webhooker's ingest, storage, delivery workers and backups all run on EU servers, and webhook payloads are not transferred outside the EU. Events are deleted automatically when your plan's retention window ends: 14, 30 or 90 days.

Can I replay old webhooks?

Yes. Webhooker keeps every event for your plan's retention window, along with the full delivery history of each attempt. Any event can be resent to any destination with one click, and dead-lettered events can be replayed in bulk.

Which providers can send webhooks to Webhooker?

Any service that sends an HTTP POST. Webhooker verifies per-source HMAC-SHA256 and SHA1 signatures, the schemes used by Stripe, GitHub, Shopify and most other providers, and rejects payloads with bad signatures before they enter the pipeline.

Why this exists

We built Webhooker because we were tired of rebuilding the same webhook plumbing, verification, retries and replay, in every new project. It stays small and focused on purpose: one Rust binary, a PostgreSQL queue, and a bias for boring reliability.

Point your provider at us.

Create a source, paste the URL into Stripe or GitHub, and watch events arrive in the live tail. Verification, storage and delivery are already handled.

https://webhooker.eu/in/{your-token}