Glossary
Webhook Payload
The body of a webhook request — the JSON (or form/XML) describing what happened. The signature is computed over these exact bytes, so they matter twice.
The payload is what's in the request body: usually JSON, sometimes form-encoded or XML. It carries the event type and the resource that changed — e.g. Stripe's checkout.session.completed payload includes the session object with amount, currency, and customer.
Providers choose thin or fat payloads. Thin payloads send just an ID and event type, expecting you to call the API for full data (avoids stale/oversized bodies); fat payloads include the whole resource (fewer round-trips, but data can be stale by the time you read it).
Because the signature is computed over the exact payload bytes, you must verify against the raw body before any parsing or re-serialization: JSON.parse followed by JSON.stringify can reorder keys and change whitespace, so the re-serialized bytes no longer match the signature.
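The raw-body rule above, as an added Node.js example (not HookSense or provider code). It assumes a generic scheme where the signature is hex HMAC-SHA256 of the raw body under a shared secret; real providers differ in header format and signed content, and the secret, payload and function names here are constructed for illustration.

```javascript
// Assumed scheme: signature = hex(HMAC-SHA256(secret, rawBody)).
const { createHmac, timingSafeEqual } = require("node:crypto");

// Demo helper: sign the exact bytes the sender would put on the wire.
function sign(secret, rawBody) {
  return createHmac("sha256", secret).update(rawBody).digest("hex");
}

// Verify a hex signature against the raw body bytes in constant time.
function verifySignature(secret, rawBody, signatureHex) {
  // Reject malformed input before comparing; timingSafeEqual needs equal lengths.
  if (typeof signatureHex !== "string" || !/^[0-9a-f]{64}$/i.test(signatureHex)) {
    return false;
  }
  const expected = createHmac("sha256", secret).update(rawBody).digest();
  const received = Buffer.from(signatureHex, "hex");
  return received.length === expected.length && timingSafeEqual(received, expected);
}

// Verify first, parse second. Returns the parsed event, or null if rejected.
function handleWebhook(secret, rawBody, signatureHex) {
  if (!verifySignature(secret, rawBody, signatureHex)) return null;
  return JSON.parse(rawBody.toString("utf8"));
}

// Constructed sample: note the spaces, the integer-like keys and the 1.0.
const SECRET = "constructed-demo-secret";
const RAW_BODY = Buffer.from(
  '{"type": "checkout.session.completed", "data": {"10": "b", "2": "a", "amount": 1.0}}',
  "utf8"
);
const SIGNATURE = sign(SECRET, RAW_BODY);

// What you are left with if a body parser ran first and only the object was kept:
// whitespace is dropped, "2" sorts before "10", and 1.0 becomes 1.
const RESERIALIZED = Buffer.from(
  JSON.stringify(JSON.parse(RAW_BODY.toString("utf8"))),
  "utf8"
);

console.log("raw body verifies:      ", verifySignature(SECRET, RAW_BODY, SIGNATURE));
console.log("re-serialized verifies: ", verifySignature(SECRET, RESERIALIZED, SIGNATURE));
console.log("re-serialized bytes:    ", RESERIALIZED.toString("utf8"));
```

In a web framework this means capturing the request body as a Buffer before any JSON middleware touches it, and passing that Buffer to the verification step.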
How HookSense helps
HookSense pretty-prints every captured payload, lets you full-text search across all of them, and can diff two payloads byte-by-byte to spot the field that quietly changed.