Debugging Webhooks

Monitor, troubleshoot, and optimize webhook delivery

Webhook debugging and monitoring are essential for maintaining reliable event-driven integrations. Payload provides comprehensive webhook logs that record every delivery attempt, response status, and failure reason, enabling you to quickly diagnose issues, optimize performance, and ensure your webhooks operate reliably in production.

Webhook logs provide complete audit trails of all webhook deliveries, including timestamps, HTTP status codes, retry attempts, and triggered events. Use these logs to verify delivery, debug failures, monitor performance, and ensure your webhook integrations are functioning correctly.

Prerequisites

Before debugging webhooks, it's helpful to learn about the following topics.

Learn about webhooks

Understand how webhooks work and when they're triggered by Payload events.

Learn about monitoring

Understand monitoring best practices for production integrations and APIs.

Common Webhook Issue

Endpoint Errors: Server errors (500s) preventing webhook processing
Authentication Failures: OAuth or signature verification problems
Timeouts: Slow endpoint responses exceeding timeout limits
Network Issues: Connectivity problems or DNS failures
Configuration Errors: Incorrect URLs or missing endpoints
Rate Limiting: Too many webhooks overwhelming your endpoint

Proactive Monitoring: Set up alerts for webhook failure rates, response time degradation, and sustained delivery problems. Proactive monitoring helps you catch issues before they impact your business operations or customer experience.

Accessing Webhook Logs

Retrieve webhook logs to see complete delivery history and debug issues.

webhook-logs.py

import payload
 
pl = payload.Session("secret_key_3bW9...", api_version="v2")
 
# Retrieve webhook with logs
webhook = pl.Webhook.select("*", "logs").get("wh_webhook123")
 
print(f"Webhook ID: {webhook.id}")
print(f"Trigger: {webhook.trigger}")
print(f"\nWebhook Logs ({len(webhook.logs)} entries):")
 
for log in webhook.logs:
    print(log)
    print(f"\nDate: {log.created_at}")
    print(f"Trigger: {log.trigger}")
    print(f"HTTP Status: {log.http_status}")
    print(f"Triggered on: {log.triggered_on['id']}")
    print(f"URL: {log.url}")

This example retrieves a webhook with its complete log history:

Use the fields parameter or select() method to include logs
Logs are returned in reverse chronological order (most recent first)
Each log entry includes delivery details and response status
Use logs to verify delivery and diagnose problems

Webhook Log Structure

Each webhook log entry contains:

{
  "object": "webhook_log",
  "trigger": "processed",
  "created_at": "2024-01-15T10:30:00Z",
  "triggered_on": {
    "id": "txn_ABC123",
    "object": "transaction",
    "value": "processed"
  },
  "http_status": 200,
  "url": "https://yourdomain.com/webhooks/handler"
}

object: Always webhook_log for log entries
trigger: The event type that triggered this webhook
created_at: Timestamp when webhook was delivered
triggered_on: The object that caused the trigger (transaction, etc.)
http_status: HTTP response code from your endpoint
url: The URL where the webhook was delivered

Understanding Webhook Logs

Interpret webhook logs to diagnose delivery issues and monitor performance.

Successful Delivery

{
  "http_status": 200,
  "created_at": "2024-01-15T10:30:00Z",
  "trigger": "processed"
}

Indicators of Success:

http_status: 200-299 range indicates successful processing
Quick timestamps: Low latency between trigger and delivery
No retries: Single log entry for the event

Failed Delivery

{
  "http_status": 500,
  "created_at": "2024-01-15T10:30:15Z",
  "trigger": "processed"
}

Indicators of Failure:

http_status: 400-599 range indicates errors
Multiple entries: Retry attempts for same event
Pattern of failures: Consistent failure across all webhooks

Status Code Importance: Your webhook endpoint must return appropriate HTTP status codes. Return 2xx (typically 200) for successful processing, 4xx for client errors, and 5xx for server errors. Status codes determine whether Payload retries the webhook.

Webhook Retry Behavior

Understand how Payload retries failed webhooks and configure retry counts.

Retry Configuration

webhook = pl.Webhook.create(
    trigger="processed",
    url="https://yourdomain.com/webhooks/handler",
    retries=3  # Retry up to 3 times on failure
)

When Retries Occur

Webhooks are retried when:

4xx Errors: Client errors (except 404)
5xx Errors: Server errors
Timeouts: No response within 30 seconds
Network Errors: Connection failures, DNS errors, SSL errors

Webhooks are NOT retried when:

2xx Success: Successful processing (200-299)
404 Not Found: Endpoint doesn't exist (likely configuration error)

Idempotency Required: Since webhooks may be delivered multiple times due to retries, your webhook handlers must be idempotent. Use event IDs to detect and skip duplicate processing, ensuring the same webhook doesn't trigger the same action twice.

Testing Webhook Delivery

Test webhooks to verify delivery and debug handler implementation.

Local Testing with Tunneling

Expose local development servers to receive webhooks:

# Using ngrok
ngrok http 3000
 
# Copy the HTTPS URL (e.g., https://abc123.ngrok.io)
# Use this URL when creating test webhooks

Testing Checklist

Test these scenarios:

Load Testing Webhooks

Test webhook handler performance:

# Trigger multiple events to generate webhook load
transactions = []
 
for i in range(100):
    txn = pl.Transaction.create(
        type="payment",
        amount=10.0
        # ... other transaction fields
    )
    transactions.append(txn)
 
# Monitor webhook handler performance and error rates

Test in Test Mode: Always test webhooks in test mode before production deployment. Use test transactions and test webhooks to validate your implementation without affecting production data or triggering real side effects.

Schema Reference

Webhook configuration fields relevant to debugging:

Webhook Debugging Fields

retries

integer (int64)

Number of times to retry a webhook on failure

url

string

Triggered URL

Max length: 512

Next Steps

Enhance webhook reliability and security after implementing debugging

Secure Your Webhooks

Implement Signature Verification to validate webhook authenticity and prevent unauthorized requests, configure OAuth Authentication for protected endpoints requiring enterprise-grade security, and review API Security best practices to protect webhook endpoints from attacks and abuse.

Optimize Webhook Reliability

Implement Error Handling to gracefully manage webhook failures and retries, configure Rate Limiting to prevent webhook overload and protect endpoints from abuse, and set up Monitoring strategies to track webhook performance and detect issues proactively.

Implement Webhooks

Monitor payment events with Transaction Webhooks to track payment and payout processing in real-time, review the Webhooks Overview for complete webhook setup and configuration, and consult the Webhook API Reference for detailed API documentation and schema reference.

Transaction Webhooks - Payment event monitoring
Signature Verification - Webhook security
OAuth Authentication - OAuth webhooks
Webhooks API Reference - Webhook object reference

Signature Verification