Help & Knowledge Hub
Everything you need to capture, inspect, mock and replay webhooks with HookLab — from your first test endpoint to failure-simulation and forwarding.
Quick start
Create a test endpoint
Try the demo on the homepage for an instant anonymous endpoint (lives 7 days), or create an account-owned one that lives 30 days: POST /api/v1/endpoints with your API key in the X-API-Key header. You get back a capture URL and an inspect URL.
Send a webhook to the capture URL
Point any provider (Stripe, GitHub, Shopify, a curl one-liner…) at the capture URL. GET, POST, PUT, PATCH and DELETE are all captured — method, query, headers and up to 64KB of body. Cookie, Authorization and X-API-Key headers are stripped before anything is stored.
Inspect the request live
Open the inspect URL: the page polls every 3 seconds and shows each capture with its headers, query and pretty-printed JSON body. Search and filter through the API with GET /api/v1/endpoints/{id}/requests?q=&method=.
Configure a mock response & failure simulation
By default the capture URL replies 200 {"ok":true}. Override it — status, body, latency — with PATCH /api/v1/endpoints/{id}, or straight from the "Mock response & failure simulation" panel on the inspect page. Turn on a failure mode (fail first N, flaky %, delay) to test your retry and backoff logic.
Forward to your real endpoint
On a paid plan, register a forwarding destination and every new capture is delivered to your real app, signed with an HMAC-SHA256 X-HookLab-Signature header and retried on failure. Or replay any single stored capture on demand with POST /api/v1/replay.
Features & API map
| Feature | Plan | API |
|---|---|---|
| Capture endpoints | All plans (free: 1,000 captures/mo) | POST /api/v1/endpoints |
| Live inspector (3s polling) | All plans | /inspect/{id} |
| Search & filter captures | All plans | GET /api/v1/endpoints/{id}/requests |
| Export JSON / CSV | All plans | GET /api/v1/endpoints/{id}/export |
| Endpoint stats | All plans | GET /api/v1/endpoints/{id}/stats |
| Mock responses | All plans (endpoint owner) | PATCH /api/v1/endpoints/{id} |
| Failure simulation (fail-first-n / flaky / timeout) | All plans (endpoint owner) | PATCH /api/v1/endpoints/{id} |
| Replay a capture to your app | All plans | POST /api/v1/replay |
| Signature verification (Stripe / GitHub / Shopify) | All plans | POST /api/v1/verify-signature |
| JSON → TypeScript types from a capture | All plans | GET /api/v1/endpoints/{id}/types |
| Request forwarding (signed, auto-retry) | Basic and up | /api/v1/endpoints/{id}/forward |
| Alert webhooks (endpoint monitoring) | Basic and up | /api/v1/endpoints/{id}/alerts |
| Public share pages & README badge | All plans | /r/{token} · /r/{token}/badge |