Guaranteed delivery for Stripe, Paddle, and PayPal webhooks — with automatic retry, HMAC verification, and a full audit trail built in.
The HTTP webhook protocol has no persistence, no retries, and no observability — and it shows.
Your server restarts during a deployment. Stripe sends a payment.succeeded — your endpoint returns 503. Stripe retries a few times then gives up. Your billing service never learns the customer paid.
Your billing service has a 30-second database migration window. Any webhook arriving in that window is permanently lost. There is no built-in retry in the raw webhook protocol.
When your accountant asks 'why did this invoice not get marked paid?', you have no event log to point to. Without persistence, debugging payment discrepancies means cross-referencing provider dashboards manually.
From raw HTTP POST to guaranteed delivery — set up in under 10 minutes.
Pick the Stripe provider preset. GetHook auto-configures HMAC verification using the Stripe-Signature header. Paste your webhook signing secret — it's encrypted at rest with AES-256-GCM.
POST /v1/sources
{ "name": "stripe-production", "auth_mode": "hmac", "verification_config": { "header": "Stripe-Signature", "secret": "whsec_…" } }Create one Destination per service — your billing API, fraud detection engine, and analytics pipeline. Each gets its own retry policy, timeout, and auth configuration.
POST /v1/destinations
{ "name": "billing-service", "url": "https://api.yourapp.com/billing/hooks", "signing_secret": "your-hmac-secret" }Route payment.* to your billing service, charge.failed to your fraud engine, and * to your audit log. One Stripe webhook fans out to all three simultaneously.
POST /v1/routes
{ "source_id": "src_…", "destination_id": "dest_…", "event_type_pattern": "payment.*" }5-attempt exponential backoff (0s → 30s → 2m → 10m → 1h) ensures payment events survive downtime, deployments, and transient failures.
Pre-configured for Stripe-Signature, Paddle-Signature, and PayPal webhook headers. Reject forged requests before they reach your services.
Webhook signing secrets are encrypted with AES-256-GCM. API keys are SHA-256 hashed. No plaintext secrets in your database.
Every payment event is logged with payload, attempt count, response status, and timestamp. Compliance teams get a complete, immutable record.
One incoming payment event simultaneously reaches your billing service, fraud engine, and analytics pipeline — with independent retry per destination.
Replay any payment event after a bug fix or missed integration window. POST /v1/events/{id}/replay and the event re-enters the delivery queue immediately.
Route Shopify, WooCommerce, and BigCommerce order events to inventory, fulfillment, email, and analytics — simultaneously, with automatic retry.
Payment declines, suspicious logins, account lockouts — route security events to your fraud engine with guaranteed delivery, HMAC verification, and an immutable audit trail.
Failed payments, new signups, system alerts — route each event type to Slack, PagerDuty, email, and SMS simultaneously, with guaranteed delivery and automatic retry.
Up and running in minutes. No credit card required. Connect your first source and see events flowing in real time.