Documentation

Complete guide to webhooks, debugging, and real-time event monitoring with HookMetry

Creating Webhook Endpoints

Hookmetry Webhook Endpoints Configuration UI
Endpoint configuration and provider integrations

Endpoints are unique URLs that receive webhook events. Each endpoint can have different validation settings, labels, and configurations.

Step-by-Step Guide

1

Navigate to Endpoints

Click "Endpoints" in the navigation menu or go to /endpoints

2

Click "Create Endpoint"

Opens the endpoint creation modal with configuration options

3

Choose Validation Type

Select how webhook signatures should be validated (see options below)

4

Configure Secret (if required)

For Stripe/GitHub/HMAC validation, paste your webhook secret from the provider

5

Add Label (Optional)

Give your endpoint a descriptive name like "Stripe Production" or "GitHub Staging"

Copy Your Webhook URL

Your unique endpoint URL is generated instantly - copy it to use in your webhook provider

Validation Types Explained

NoneBest for: Testing & development

No signature validation. Accepts all incoming webhooks without verification.

Not recommended for production - anyone can send data to your endpoint

StripeBest for: Stripe payment webhooks

Validates Stripe-Signature header using your webhook signing secret.

  • • Uses HMAC-SHA256 with timestamp protection
  • • Prevents replay attacks (5-minute tolerance)
  • • Secret format: starts with whsec_
GitHubBest for: GitHub repository webhooks

Validates X-Hub-Signature-256 header using your webhook secret.

  • • Uses HMAC-SHA256 (also supports legacy SHA-1)
  • • Secret is plain text (16+ characters recommended)
  • • Header format: sha256=hexdigest
HMAC SHA256Best for: Custom APIs & integrations

Generic HMAC-SHA256 validation for any webhook provider using standard headers.

  • • Supports common headers: X-Signature, X-Webhook-Signature, etc.
  • • Compatible with most modern webhook implementations
  • • Use 32+ character random secret for security

Example: Creating a Stripe Endpoint

1. Get your Stripe webhook secret:

  • Go to Stripe Dashboard Developers Webhooks
  • Click on your webhook endpoint
  • Click "Reveal" on Signing secret
  • Copy the secret (starts with whsec_)

2. Create endpoint in Hookmetry:

  • Validation Type: "Stripe"
  • Paste your whsec_ secret
  • Label: "Stripe Production" (optional)
  • Click "Create Endpoint"

3. Use the generated URL:

https://hookmetry.com/webhook/ep_abc123def456

Pro Tips:

  • • Create separate endpoints for development and production
  • • Use descriptive labels to identify endpoints quickly
  • • Test with validation type "None" first, then add signature validation
  • • Never share your webhook secrets publicly or commit them to Git
  • • Free plan includes up to 3 endpoints - upgrade for unlimited

Managing Endpoints

Edit Endpoint

Update validation type, secret, or label anytime from the endpoints list

Delete Endpoint

Remove endpoints you no longer need (webhook history is preserved)

Copy URL

Click the copy icon to quickly copy endpoint URL to clipboard

View Webhooks

Click endpoint to see all webhooks received by that specific endpoint