Documentation
Getting Started
- Create an account
- Create a webhook endpoint from the dashboard
- Copy the generated webhook URL
- Paste it into your provider’s webhook settings (e.g. Stripe Dashboard)
- Optionally add the webhook signing secret for signature verification
- Create notification rules to start receiving emails
Endpoints
An endpoint is a unique URL that receives webhook events from a third-party service. Each endpoint has:
- Name — a label for your reference
- Provider — Stripe, Paddle, or Generic (determines signature verification method)
- Webhook Secret — optional signing secret used to verify that events are authentic
- Status — active or inactive. Inactive endpoints reject incoming webhooks.
Your webhook URL follows this format:
https://hooknotify.com/api/webhooks/{endpoint-id}Signature Verification
HookNotify verifies webhook signatures to ensure events are genuinely from your provider, not spoofed.
| Provider | Header | Method |
|---|---|---|
| Stripe | stripe-signature | HMAC-SHA256 with timestamp |
| Paddle | paddle-signature | HMAC-SHA256 |
| Generic | x-signature or signature | HMAC-SHA256 |
If no webhook secret is configured, signature verification is skipped and all events are marked as unverified in the logs.
Notification Rules
Rules determine when an email notification is sent. Each rule belongs to an endpoint and contains:
Filter Condition (optional)
If no filter is set, the rule matches all incoming webhooks. To filter, specify:
- Field — the JSON path to match against (supports dot notation, e.g.
event.type) - Operator — how to compare the field value
- Value — the value to compare against
| Operator | Description | Example |
|---|---|---|
equals | Exact string match | type equals payment_intent.succeeded |
contains | Substring match | type contains payment |
greater_than | Numeric comparison | data.object.amount > 10000 |
less_than | Numeric comparison | data.object.amount < 500 |
exists | Field is present and not null | data.object.refund exists |
Email Notification
- Email Address — where the notification is sent
- Subject Template — supports
{{field}}variables. Built-in variables:{{endpoint_name}},{{provider}}. Any field from the webhook payload can also be used, e.g.{{type}}. - Body Template— HTML template with the same variable support. Use
PAYLOAD_PLACEHOLDERto insert the full JSON payload.
Example: Stripe payment alert
Rule name: Large Payment Alert
Field: data.object.amount
Operator: greater_than
Value: 50000
Email: finance@example.com
Subject: Payment of {{data.object.amount}} received
Body: <h2>New payment</h2>
<p>Amount: {{data.object.amount}}</p>
<pre>PAYLOAD_PLACEHOLDER</pre>Webhook Logs
Every webhook received is logged with:
- Timestamp
- Full request payload
- Signature verification result
- Number of rules matched
- Notification delivery status
- Processing time
- Sender IP address
Click any log entry to expand and view the full JSON payload. You can filter logs by endpoint using the “Logs” button on each endpoint card.
Plan Limits
See the pricing page for current plan limits including endpoints, rules, events per month, and log retention.