Problem Introduction
Orders or subscription updates happen, but your app state does not change.
Why It Happens
- •Wrong endpoint URL in live mode
- •Signing secret mismatch
- •Slow handler causing retries
- •No idempotency for retried events
Step-by-Step Fix
- 1Verify live endpoint URL in Lemon Squeezy settings.
- 2Re-check signing secret loaded in production env.
- 3Validate signature against raw body bytes.
- 4Return 2xx fast and process business logic asynchronously.
- 5Replay one failed event to confirm final fix.
Common Mistakes
- •Using test secret in production
- •Synchronous DB-heavy work before response
- •Not storing provider event IDs
Debugging Workflow
Provider delivery logs -> app ingress logs -> signature check -> billing state update -> replay verification.
Preventive Best Practices
- •Track retry spikes by event type
- •Use deterministic idempotency keys for writes
- •Alert on sudden delivery failure bursts
Works with webhooks and other async event systems (including AI callbacks).
Instead of guessing, inspecting the exact payload and headers can help debug faster. Tools like Hookmetry support this workflow.
Try the free webhook testerRelated Documentation