Debug webhooks in CI and production
Capture, inspect, chaos-test.
Flytrap captures every webhook, verifies HMAC signatures, and simulates failure so you can test how senders behave.
The problem
Third-party webhooks are opaque. The payload shape changes quietly. Retries fire twice. You don’t find out until something downstream breaks.
Our answer
Point the webhook URL at Flytrap. It captures every request, pretty-prints the body, verifies signatures, and can return configurable errors on demand to chaos-test the sender.
Outcomes
- Live tail of incoming webhooks during integration
- HMAC signature verification with decode logs
- Rejection mode returns random 4xx/5xx to test resilience
- No database — just Redis, deploy in minutes
The pipeline
- 1
Run Flytrap on a public URL
Expose it behind your ingress. Point any webhook at any path — Flytrap catches it.
- 2
Inspect the payload
Live view shows the latest request. History pages through every past capture with filtering.
- 3
Verify signatures
Configure the HMAC secret and header. Flytrap shows whether each request passes verification and why.
- 4
Turn on rejection mode
Return random or fixed errors. Watch how the sender retries, backs off, or gives up.
Products in this pattern
The products that make the pattern work. Each is a Docker image; each slots into the same contract.
Flytrap
Observability
A web catch-all for incoming webhooks with live display, paginated history, HMAC verification, and rejection-mode chaos testing.
Stash
Storage
A web GUI for Redis / Valkey — browse keys by namespace, edit values, delete patterns, and view server stats without admin credentials.
Related industries
Ship the blocks. Focus on the product.
Docker-ready microservices you can deploy in an afternoon. Learn one, use them all.