Documentation
funiq docs
Everything you need to send, verify, and replay webhooks.
1. Quickstart
Create an endpoint from the dashboard. You'll get a URL like:
POST https://your-app/api/public/hooks/ingest/<slug>
Point your provider (Stripe, GitHub, etc.) at that URL. Every request is stored, verified, filtered, and forwarded to your forward_url.
2. Signature verification
funiq signs forwarded requests with HMAC-SHA256 using your endpoint's signing secret.
import { createHmac, timingSafeEqual } from "crypto";
function verify(secret, body, header) {
const expected = "sha256=" + createHmac("sha256", secret).update(body).digest("hex");
const a = Buffer.from(expected);
const b = Buffer.from(header ?? "");
return a.length === b.length && timingSafeEqual(a, b);
}3. Retries + Dead-letter queue
Non-2xx responses are retried with exponential backoff: 30s, 2m, 10m, 30m, 2h, 6h. After 6 failed attempts the event lands in the dead-letter queue.
Replay any DLQ event from the dashboard or via the API.
4. API
Every action in the dashboard is available over HTTPS. Authenticate with an API key from Settings → API Keys.
curl https://your-app/api/v1/events \ -H "authorization: Bearer hp_live_xxxxxxxxxxxxxxxxxxxx"