GitHub Webhooks
How to Test GitHub Webhooks Locally (2026)
GitHub webhooks notify your application about repository events like pushes, pull requests, issues, and deployments. GitHub signs webhooks with HMAC-SHA256 using a secret you configure.
With HookSense, point GitHub at a callback endpoint and let an AI agent await the result over MCP: create_callback_endpoint → wait_for_callback → verify_signature. Run npx @hooksense/mcp in Claude Desktop, Cursor, or any MCP client. No polling.
Signature Header
X-Hub-Signature-256
Algorithm
HMAC-SHA256
Setup Guide
- 1Create a free HookSense endpoint at hooksense.com
- 2Copy your unique webhook URL
- 3In GitHub → Repository Settings → Webhooks → Add webhook
- 4Paste your HookSense URL as the Payload URL
- 5Set Content type to application/json
- 6Enter a secret and save it — add the same secret to HookSense for HMAC verification
- 7Select events or choose 'Send me everything'
- 8Push a commit or open a PR to trigger a webhook
Common GitHub Webhook Events
pushpull_requestissuesissue_commentcreatedeletedeploymentworkflow_runForward to Localhost
Use HookSense CLI to forward GitHub webhooks directly to your local development server:
npx hooksense listen -p 3000 --path /api/integrations/githubNo ngrok or tunnel setup required. Install with npm i -g hooksense or use npx.
Tips & Best Practices
- GitHub sends a ping event when you first set up a webhook — use HookSense to verify it arrives
- Use the X-GitHub-Event header to determine the event type
- GitHub retries failed deliveries — use HookSense replay to test your retry handling
- Filter events in HookSense to focus on specific event types during debugging
Related
Give your agent a GitHub callback
Create a free callback endpoint and have an agent await its first verified GitHub webhook over MCP. Paid plans are early-access.
Get Started Free