id, url, created_at, and message_count fields. Supports query parameters ?limit=50&offset=0.API Reference
Мгновенная отладка веб-хуков без туннелей
REST Endpoints
Hookly exposes a versioned REST API at
https://api.hookly.dev/v1. All requests require an API key passed via the Authorization: Bearer header. Responses are JSON-encoded with standard HTTP status codes.GET
/v1/hooks
List all active webhook channels. Returns a paginated array of hook objects with
POST
/v1/hooks
Create a new webhook channel. Accepts optional JSON body with
{"name": "stripe-webhooks", "custom_domain": "hooks.myapp.io"}. Returns the generated public URL and a unique hook_id for downstream calls.GET
/v1/hooks/{id}/logs
Retrieve delivery logs for a specific hook. Each log entry contains
timestamp, method, path, status_code, headers, body, and response_time_ms. Filter with ?after=2024-11-01T00:00:00Z.GET
/v1/logs/{logId}
Fetch a single log entry by its UUID. Returns the full raw request — headers, query string, body (up to 5 MB), and the replay token. Useful for programmatic inspection and CI pipeline assertions.
POST
/v1/hooks/{id}/replay
Replay a previously captured request to a new destination URL. Body:
{"log_id": "7f3a…", "target_url": "https://staging.example.com/webhook"}. Returns a replay_id and final HTTP status of the forwarded request.DELETE
/v1/hooks/{id}
Permanently delete a webhook channel and all associated logs. Irreversible. Returns
204 No Content on success. Rate-limited to 10 deletions per minute per API key.Authentication
Every request must include a valid API key in the
Authorization header. Keys are scoped to your workspace and can be rotated from the Dashboard settings. Example:curl -X GET https://api.hookly.dev/v1/hooks \
-H "Authorization: Bearer hly_live_8xK2mP9vQr4nLw7jTf"Invalid or expired keys return
401 Unauthorized. Exceeding your plan's rate limit (e.g., 600 req/min on the Pro tier) returns 429 Too Many Requests with a Retry-After header.Code Examples
Integrate Hookly into your CI/CD pipelines, test suites, or internal tooling with a few lines of code. Below are real-world patterns used by teams at ShipFast, NeonPay, and Kiteboard.
JavaScript
Create a hook and poll for logs
const { Hookly } = require('hookly-sdk');
const client = new Hookly('hly_live_8xK2mP9vQr4nLw7jTf');
const hook = await client.hooks.create({
name: 'stripe-test-sandbox'
});
console.log('Webhook URL:', hook.url);
const logs = await client.logs.list(hook.id, { limit: 5 });
logs.forEach(l => console.log(l.method, l.path, l.status_code));Python
Assert webhook payload in tests
import hookly
client = hookly.Client(api_key="hly_live_8xK2mP9vQr4nLw7jTf")
hook = client.hooks.create(name="pytest-events")
# Trigger your Stripe checkout, then verify:
logs = client.logs.list(hook.id, limit=1)
assert logs[0].status_code == 200
assert "checkout.session.completed" in logs[0].body
The Hookly SDK mirrors the REST API surface — every endpoint has a typed client method. Responses include
request_id headers for support ticket correlation.Rate Limits & Error Handling
Free tier: 120 requests per minute. Pro: 600/min. Enterprise: configurable up to 5,000/min. When you hit the limit, Hookly returns
429 with a JSON body like {"error": "rate_limit_exceeded", "retry_after_seconds": 8}. Implement exponential backoff with jitter for resilient clients.Common errors:
400 for malformed JSON, 404 when a hook or log ID doesn't exist, 403 if the API key lacks scope for the requested workspace. All error responses include a X-Hookly-Request-Id header for traceability.