Slack sends webhooks for interactive components, slash commands, Events API subscriptions, and bot events. These webhooks power Slack apps and bots that respond to user actions and workspace events.
Slack webhooks are HTTP POST requests that Slack sends to your server when specific events occur in your account. Rather than continuously polling the Slack API for updates, webhooks deliver real-time notifications the moment something happens — a payment completes, a user signs up, a deployment finishes, or any other tracked event.
Debugging these webhooks can be challenging because they originate from Slack's servers, not your browser. You can't simply open DevTools to inspect them. That's where WebhookVault comes in — capture every Slack webhook, inspect the full payload and headers, and replay them to your local development server.
| Event | Description |
|---|---|
| message.channels | Fired when a message is posted to a public channel |
| app_mention | Fired when your app is mentioned in a conversation |
| member_joined_channel | Fired when a user joins a channel |
| reaction_added | Fired when a reaction emoji is added to a message |
Follow these steps to start capturing and debugging Slack webhooks using WebhookVault.
Sign up for a free WebhookVault API key and create an endpoint to capture Slack webhooks.
curl -X POST https://webhookvault.anethoth.com/api/v1/endpoints \
-H "Authorization: Bearer wv_your_key" \
-H "Content-Type: application/json" \
-d '{"name": "Slack Webhooks"}'
# Response:
# {"url": "https://webhookvault.anethoth.com/hook/abc123", "inspect_url": "https://webhookvault.anethoth.com/inspect/abc123"}Go to api.slack.com/apps and select your app Under Event Subscriptions, enable events and enter your WebhookVault URL Slack will send a challenge request — WebhookVault handles this automatically Subscribe to the bot events and workspace events you need
Once Slack sends a webhook, you can inspect every detail through the WebhookVault API or web inspector.
curl https://webhookvault.anethoth.com/api/v1/endpoints/abc123/requests \
-H "Authorization: Bearer wv_your_key"
# Returns all captured Slack webhook requests with full headers, body, and metadataReplay any captured Slack webhook to your local development server for testing.
curl -X POST https://webhookvault.anethoth.com/api/v1/endpoints/abc123/requests/1/replay \
-H "Authorization: Bearer wv_your_key" \
-H "Content-Type: application/json" \
-d '{"url": "http://localhost:3000/webhook"}'
# The original Slack webhook is replayed to your local serverHere is an example of a typical Slack webhook payload. Use WebhookVault to capture real payloads from your Slack account for accurate testing.
{
"token": "ZZZZZZWSxiZZZ2yIvs3peJ",
"team_id": "T061EG9R6",
"event": {
"type": "app_mention",
"user": "U061F7AUR",
"text": "<@U0LAN0Z89> Hello bot!",
"channel": "C061EG9SL",
"ts": "1706000000.000100"
},
"type": "event_callback",
"event_id": "Ev0PV52K21",
"event_time": 1706000000
}Here are the most common issues developers encounter when working with Slack webhooks, and how to resolve them.
Slack sends a challenge parameter on setup. Your endpoint must respond with the challenge value. Use WebhookVault to inspect and understand this flow.
Slack expects a 200 response within 3 seconds. Acknowledge immediately and process asynchronously for complex operations.
Slack retries events if it doesn't receive a 200 response within 3 seconds. Return 200 immediately to prevent duplicates.
Verify the token or use signed secrets (X-Slack-Signature) to ensure requests are genuinely from Slack.
Slack webhooks are HTTP callbacks that Slack sends to your server when specific events occur. Instead of polling the Slack API for changes, webhooks push real-time notifications to your application, making your integration more efficient and responsive.
Use WebhookVault to capture Slack webhooks in the cloud, then replay them to your localhost. Create a WebhookVault endpoint, configure Slack to send webhooks to it, and use the replay API to forward captured requests to http://localhost:3000/webhook (or your local port).
Most webhook providers, including Slack, sign their webhook payloads to prove authenticity. Check the Slack documentation for the specific signature header and verification algorithm. Use WebhookVault to capture and inspect the raw headers to debug signature verification issues.
Unlike ngrok, WebhookVault captures and stores every webhook request with full headers and payloads. You can replay any Slack webhook to your local server as many times as needed, inspect historical requests, and share webhook data with your team. No tunnel to maintain or port to expose.
Create a free WebhookVault endpoint in seconds. Capture, inspect, and replay Slack webhooks with zero configuration.
Get Free API Key