localhost whenever you’re ready. No public URL, no tunnel, no missed events.
Create a Webhooktrap inbox
Create a new inbox from the Webhooktrap dashboard, or use the API:Copy the full ingest URL from the response:Your ingest URL is
https://webhooktrap.dev/i/xK9m2pQ7nR4a. Keep it handy for the next step.Add the ingest URL as a Stripe webhook endpoint
- Open the Stripe Dashboard and navigate to Developers → Webhooks.
- Click Add endpoint.
- Paste your Webhooktrap ingest URL into the Endpoint URL field.
- Click Add endpoint to save.
Select the events to listen for
After saving the endpoint, click Add events and choose the Stripe events you want to capture. Common choices include:
checkout.session.completedpayment_intent.succeededpayment_intent.payment_failedinvoice.paidcustomer.subscription.updated
Trigger a test event
From the Stripe Dashboard, open your newly created endpoint and click Send test event. Choose an event type from the dropdown and click Send test webhook. You can also wait for a real event to fire if you have an active Stripe integration.
Inspect the captured event in Webhooktrap
Open your Webhooktrap dashboard and select the inbox you created. Click the event that just arrived to see:
- Headers — including
Stripe-Signature,Content-Type, andUser-Agent - Body — the full JSON payload sent by Stripe
- Query string — if any parameters were appended
Replay the event to your local handler
Click Replay on any captured event. Set the destination URL to your local webhook handler, for example:Webhooktrap forwards the original headers and body to that URL and shows you the full HTTP response — status code, latency, and response body — so you can confirm your handler processed the event correctly.
Stripe-Signature header is preserved
Webhooktrap preserves theStripe-Signature header on every captured request. This means you can replay a real Stripe event to your local handler and run your actual signature verification code against it — the same stripe.webhooks.constructEvent() call you use in production.
Webhooktrap redacts
Authorization and Cookie headers for security, but all other headers — including Stripe-Signature — are stored and replayed verbatim.Example captured Stripe payload
Here is an abridged example of acheckout.session.completed event as it appears in your Webhooktrap inbox:
