Use case · API Integrations
Ship webhook integrations in a day, not a week.
Every new provider integration starts with the same questions: what does the payload look like, how do I verify signatures, what events fire when? HookSense answers all three in 30 seconds.
What's painful today
- Provider docs describe payloads in the abstract — the actual bytes (header order, field names, encoding) only show up in real events.
- Signature verification is the #1 webhook bug: wrong algorithm, wrong header, wrong body encoding. Catching it after deploy is expensive.
- Integrations with 5+ providers mean 5+ different signing schemes, payload shapes, and retry behaviors to learn from scratch.
How HookSense solves it
Auto-detect provider and event
HookSense identifies Stripe, GitHub, Shopify, Slack, Twilio, SendGrid, and more from headers alone — and tags every request with the event type (`checkout.session.completed`, `push`, `orders/create`).
Verify signatures with one click
Drop in the signing secret; HookSense verifies every signature in real time — Stripe, GitHub, Shopify, custom HMAC. Failed verifications are highlighted so you can debug encoding, not crypto.
One UI for every provider
Stop context-switching between Stripe Dashboard, GitHub Webhooks page, and Shopify admin. Every captured request looks the same in HookSense, so you build pattern matching once.
See it in code
Verify a Stripe signature in your handler
// HookSense already verifies signatures in the UI for live debugging.
// In production, mirror the same verification logic in your handler:
import { createHmac, timingSafeEqual } from "crypto";
function verifyStripe(body: string, header: string, secret: string) {
const [t, v1] = header.split(",").map(p => p.split("=")[1]);
const expected = createHmac("sha256", secret)
.update(`${t}.${body}`)
.digest("hex");
return timingSafeEqual(Buffer.from(v1), Buffer.from(expected));
}FAQ
Which providers does HookSense support out of the box?
Auto-detection and signature verification ship for Stripe, GitHub, Shopify, Slack, Twilio, SendGrid, Clerk, and LemonSqueezy. Any other provider works — you just configure the signature scheme manually.
Can I use HookSense for outbound webhooks too?
HookSense is focused on inbound webhook inspection. For outbound delivery (you're the sender), look at Hookdeck or Svix. The Replay feature lets you re-send captured webhooks, which covers most retry/forwarding use cases.
How do I document the integration after it's working?
Export any captured request as cURL, JSON, or a code snippet. Drop these into your integration docs as canonical examples — they'll always reflect real provider behavior.