HookDeploy is a webhook testing tool that gives you a stable URL to capture, inspect, and replay HTTP callbacks from any service.
Who HookDeploy is for
HookDeploy is built for developers and small teams who integrate with webhook-based APIs — Stripe, GitHub, Shopify, Clerk, and dozens of others. If you’ve ever pasted a webhook URL into a provider dashboard, waited for an event, and then tried to reproduce it locally, HookDeploy is for you.
Common use cases:
- Local development — Capture production-like webhook payloads without deploying your app.
- Debugging integrations — Inspect full headers, body, and timing when something breaks.
- Team collaboration — Share endpoints and request history with your team instead of passing around curl commands.
- CI and automation — Manage endpoints and replay requests via the REST API at
api.hookdeploy.dev.
How it works
Every HookDeploy account belongs to an organization. When you create an endpoint, HookDeploy assigns it a unique slug and gives you a public URL:
https://hookdeploy.dev/h/{slug}When a sender POSTs (or GETs, PUTs, etc.) to that URL, HookDeploy:
- Validates the endpoint exists and isn’t paused
- Checks rate limits and plan payload size limits
- Stores the request metadata in the database and the body in Cloudflare R2
- Optionally forwards a copy to your real server if you’ve configured a forward URL
- Returns
200with arequest_idto the sender
You inspect captured requests in the dashboard at app.hookdeploy.dev or via the REST API.
Core concepts
Endpoints
An endpoint is a named webhook receiver. Each endpoint has:
- A slug — the short ID in your public URL (
k3p9xa) - A name and optional description — for your own organization
- An optional forward URL — where HookDeploy proxies incoming webhooks automatically
- A paused flag — when paused, incoming requests return
423 Locked
Requests
Every HTTP call to your endpoint becomes a request record. HookDeploy captures:
- HTTP method
- All headers (except stripped proxy headers on replay)
- Query string parameters
- Content type and body size
- Source IP address
- Timestamp
The raw body is stored in R2. Retention depends on your plan (7 days on Free, up to 90 days on Team).
Forwarding
Auto-forwarding sends a copy of every incoming webhook to a URL you configure — typically your staging server or a tunnel like ngrok. HookDeploy logs the forward attempt, status code, response time, and any error. Your sender still gets a normal 200 response from HookDeploy regardless of whether the forward succeeded.
Forwarding is fire-and-forget from the sender’s perspective. If your forward target is down, the webhook is still captured.
Replay
Replay is a manual action: you pick a captured request and re-send it to any HTTPS URL — usually http://localhost:3000/webhooks/stripe via a tunnel. Replay adds diagnostic headers:
x-hookdeploy-replay: 1
x-hookdeploy-original-request-id: {request-id}Replay is different from forwarding. Forwarding happens automatically on every incoming webhook. Replay is on-demand, targets a URL you choose per action, and is recorded in the replays table.
Architecture at a glance
| Component | URL | Purpose |
|---|---|---|
| Marketing & docs | hookdeploy.dev | This site |
| Dashboard | app.hookdeploy.dev | Authenticated UI |
| Ingestion | hookdeploy.dev/h/* | Receives webhooks |
| REST API | api.hookdeploy.dev/v1 | Programmatic access |
Next steps
- Quickstart — Capture your first webhook in under five minutes
- Your first endpoint — Deep dive into the inspector
- Endpoints — Slugs, pausing, and forward URLs