Webhook Receive Endpoint - Capture Incoming Webhooks
This is the URL you paste into Stripe, GitHub, Shopify, or any webhook provider. Any POST request sent here is stored for 24 hours and retrievable via GET /v1/webhook/inbox/{id}/payloads. The inbox must already exist (created via /v1/webhook/inbox/create).
Code examples
curl -X POST https://api.botoi.com/v1/webhook/inbox/:id/receive \
-H "Content-Type: application/json" \
-d '{"id":"a1b2c3d4"}'When to use this API
Test a Stripe webhook without deploying a server
Create an inbox, copy the receive URL into your Stripe webhook endpoint settings, then trigger a test event from the Stripe dashboard. Retrieve the captured payload via the payloads endpoint.
Inspect GitHub webhook delivery headers and body
Add the receive URL as a GitHub webhook on any repository. Every push, pull request, or issue event will be captured with full request body so you can build your handler against real data.
Frequently asked questions
Does the receive endpoint accept non-JSON payloads?
The endpoint stores JSON bodies. If the provider sends a non-JSON body, the body field in the captured payload will be null. The request is still acknowledged with received: true.
What happens if I send to an expired or unknown inbox?
You get a 404 with code INBOX_NOT_FOUND. Create a new inbox and update your webhook provider settings with the fresh URL.
Is there a payload size limit?
Yes. Cloudflare Workers enforce a 100 MB request body limit, but KV values are capped at 25 MB. Keep payloads under 1 MB for best performance.
Does the receive endpoint validate webhook signatures?
No. Signature verification is the consumer's job. The inbox captures the raw payload exactly as sent. Use the captured data to build your verification logic before going to production.
Get your API key
Free tier includes 5 requests per minute with no credit card required. Upgrade for higher limits.