Now in beta

Webhook delivery that
just works.

Send once. We handle retries, logging, and delivery confirmation. Stop building webhook infrastructure from scratch.

Send a webhook

curl -X POST https://api.trychis.com/webhook/send \
  -H "X-API-Key: sk_live_..." \
  -d '{
    "url": "https://your-app.com/webhooks",
    "payload": { "event": "payment.completed", "amount": 4999 }
  }'

The problem

Webhooks are deceptively hard.

You think it's just an HTTP POST. Then endpoints go down, payloads get lost, and you're debugging at 2am with no logs to look at.

Silent failures

Endpoints return 500s and you never know. Your users wonder why nothing happened.

↻

Retry logic is a mess

Exponential backoff, idempotency keys, max attempts — all code you'd rather not write.

Zero visibility

No delivery logs, no status tracking. When something breaks, you're flying blind.

How it works

Three steps. That's it.

You send

Make a single API call with the event, payload, and destination URL. That's your only job.

We deliver

Chis delivers the webhook with automatic retries, exponential backoff, and signature verification.

You monitor

See every delivery attempt, response code, and latency in the dashboard. Debug in seconds.

Features

Everything you need, nothing you don't.

Automatic retries

Failed deliveries are retried with exponential backoff. Up to 5 attempts with increasing delays so transient failures resolve themselves.

Delivery logs

Full request/response logs for every delivery attempt. Status codes, response bodies, error messages, and timing — all searchable from the dashboard.

Multiple endpoints

Route events to different URLs. Fan out a single event to multiple consumers with one API call.

API-first

Everything is an API. Send events, manage API keys, rotate signing secrets, and query logs programmatically. No UI required.

HMAC-SHA256 signing

Every delivery is signed with a per-organization secret following the Standard Webhooks format. Receivers verify authenticity with X-Webhook-Signature headers. Rotate secrets from the dashboard at any time.

Multi-tenant organizations

Create separate organizations for each project or team. API keys, webhook logs, and signing secrets are fully isolated per organization.

Team invitations

Invite team members by email with admin or member roles. Manage access, accept or decline invitations, and collaborate across your organization.

Dashboard & monitoring

A real-time dashboard with delivery stats, success rates, filterable webhook logs, and per-attempt detail views. Manage API keys and secrets from one place.

Integrate

Send from your stack.

One API call to send a webhook. Pick your language, copy the snippet, and start delivering events in minutes.

const res = await fetch("https://api.trychis.com/webhook/send", {
  method: "POST",
  headers: {
    "X-API-Key": process.env.CHIS_API_KEY,
    "Content-Type": "application/json",
  },
  body: JSON.stringify({
    url: "https://your-app.com/webhooks",
    payload: { event: "payment.completed", amount: 4999 },
  }),
});

const data: Delivery = await res.json();

Receive

Verify on your end.

Every webhook is signed with HMAC-SHA256. Drop this function into your receiver to verify authenticity.

const crypto = require("crypto");

function verify(body, secret, headers) {
  const msgId = headers["x-webhook-id"];
  const ts    = headers["x-webhook-timestamp"];
  const sig   = headers["x-webhook-signature"];

  // Reject if older than 5 minutes
  if (Math.abs(Date.now() / 1000 - ts) > 300) return false;

  const signed = `${msgId}.${ts}.${body}`;
  const key = Buffer.from(secret.replace("whsec_", ""), "base64");
  const expected = crypto.createHmac("sha256", key).update(signed).digest("base64");

  return sig.split(" ").some(s =>
    s === `v1,${expected}`
  );
}