Proxy Webhook Service

A secure webhook proxy that validates GitHub signatures and forwards requests to a target URL.

Endpoint

POST /api/webhook

Required Environment Variables

  • TARGET_URL- The URL to forward webhooks to
  • API_SECRET- Your GitHub webhook secret for signature validation

Features

  • Validates GitHub webhook signatures using HMAC SHA-256
  • Forwards requests to a target URL with original headers
  • Returns the target response status and body
  • Secure signature validation using timing-safe comparison

Setup

  1. Deploy this project to Vercel
  2. Add TARGET_URL and API_SECRET environment variables in your Vercel project settings
  3. Configure your GitHub webhook to point to: https://your-domain.vercel.app/api/webhook
  4. Set the same secret in GitHub webhook settings as your API_SECRET