Webhook Simulator
Generate event envelopes, local payloads, curl, MCP JSON-RPC, and platphormctl commands without sending fake external requests.
PlatPhorm Webhook Lab
Test webhooks before production breaks.
Create contracts, generate signed payloads, send test events, inspect attempts, replay safely, validate schemas, and export trace-linked evidence across the PlatPhormNews tool network.
Lifecycle Evidence
1public-safe
Define event type
eventId
2public-safe
Define event contract
contractId
3protected
Register endpoint
endpointId
4public-safe
Generate payload
payloadHash
5public-safe
Sign payload
signatureStatus
6protected
Send event
deliveryId
7protected
Receive delivery
attemptCount
What WebhookLab Does
WebhookLab is the canonical event delivery, contract validation, signature, replay, async job, and evidence surface for the PlatPhormNews network.
Signature Verification
Build timestamped HMAC-SHA256 or HMAC-SHA512 signatures with transient secrets and redacted canonical-string evidence.
Replay System
Inspect original delivery evidence, enforce idempotency, require confirmation, and gate external replay behind PLATPHORM_API_KEY.
Contract Testing
Validate pasted payloads against JSON Schema, generate samples, produce negative cases, and hand evidence to Spec or Evals.
Real-time Tracking
Show real delivery, attempt, retry, latency, and trace state when storage exists; otherwise show explicit degraded state.
MCP Integration
Expose WebhookLab tools, resources, prompts, access policy, and backward-compatible aliases through JSON-RPC 2.0.
Public vs Protected
No user-login wall is required for public-safe usage. Mutating and sensitive delivery operations require the shared platform key only.
Public-safe
- homepage, docs, FAQ, OpenAPI, llms, RSS, sitemap, robots, and well-known policy files
- Lab shell, local-only payload generation, public templates, JSON/schema validation, and transient signature utilities
- redacted event, endpoint, delivery, contract, integration, health, and route-compliance summaries when storage is available
- read-only MCP introspection and public-safe MCP tools
Protected with PLATPHORM_API_KEY
- persistent endpoint registration, update, and deletion
- persistent event creation that sends to registered endpoints
- third-party delivery attempts, replay, cancel, retry, and async delivery job mutation
- contract create, update, delete, persistent test runs, and protected handoffs to Spec, Evals, Sandbox, AgentUI, Monitor, Docs, Sheets, and Decks
- raw delivery details, raw request headers, private payloads, private traces, private audits, registry mutation, and report publishing
Toolchain Integrations
Integrations are shown as working only when WebhookLab can execute them. Unwired handoffs return explicit degraded or local-export evidence.
Spec Workbench
degradedValidate webhook contracts and generate schema reports.
Evals
degradedCreate contract suites and score retry, replay, and delivery behavior.
Sandbox
degradedGenerate receiver tests and validate sample payload handling in a safe runtime.
AgentUI
degradedGenerate payload forms, contract editors, and protected replay panels.
Monitor
degradedPublish delivery health, endpoint health, and webhook failure-rate summaries.
Trace
degradedLink events, deliveries, attempts, replays, and contract tests to trace timelines.
MCP Gateway
workingExpose WebhookLab tools, resources, prompts, schema validation, and tool status.
API Hub
degradedRegister OpenAPI, event contracts, webhook metadata, and API product descriptors.
Docs
degradedPublish delivery reports, contract remediation notes, and incident docs.
Sheets
degradedExport delivery matrices and endpoint health reports.
Decks
degradedGenerate executive delivery evidence summaries.
platphormctl
workingRun repeatable webhook tests, MCP validation, site inspection, and policy checks.