How do I verify webhook signatures?

Tern provides easy webhook signature verification using HMAC algorithms. Simply import WebhookVerificationService and call verify() or verifyWithPlatformConfig() with your webhook request and secret key.

What webhook platforms does Tern support?

Tern supports Stripe, GitHub, Clerk, Shopify, Vercel, Polar, Supabase, Dodo Payments, and any custom webhook platform through configurable signature verification.

Yes, Tern is fully open source under the MIT license and available on GitHub at github.com/Hookflo/tern

Self-healingAutonomousAlgorithm-agnostic

Verify less,
build more.

Name: Tern Webhook Verification
Rating: 5.0 (100 reviews)
Author: Hookflo

Tern is the next-generation webhook verification framework that adapts, heals, and scales automatically. Zero maintenance, infinite possibilities.

>npm i@hookflo/tern

20+Platforms supported

0Deps required

∞Scale & resilience

webhook-verification.ts

import { WebhookVerificationService } from '@hookflo/tern'

const result = await WebhookVerificationService
  .verifyWithPlatformConfig(request, 'stripe', 'whsec_your_secret')

if (result.isValid) {
  console.log('Webhook verified autonomously!', result.payload)
}

Use Cases at a Glance

Tern simplifies webhook infrastructure for everyone — from indie SaaS to Enterprises. Handle, verify, and migrate events with total confidence.

Seamless Platform Migration
Switch from Stripe to Paddle or Supabase to Firebase without rewriting webhook logic. Tern normalizes payloads and keeps your integrations stable.
Payload Normalization
Extract what matters, skip the metadata noise. Define once, reuse across environments — consistent structure for every event.
Signature Verification, Simplified
No more signature-handling boilerplate. Built-in verifiers for GitHub, Stripe, Supabase, Clerk, and more.
Audit-Friendly by Design
Zero dependencies mean full visibility. Every line of code is inspectable, every event is traceable.
Self-Healing Event Handling
Detect and recover from silent webhook failures automatically. Replay or repair events without losing data integrity.
Plug & Play with Hookflo (Optional)
Instantly connect to Hookflo’s no-code dashboard for webhook event alerting, logging, and replay — no backend setup required.

Cross-runtime ready — Node, Workers, Deno — one consistent API.

From prototypes to global clusters — same event reliability.

Fully auditable source, no transitive dependencies or version drift.

Why Tern leads the future

Most verifiers break when platforms change. Tern evolves with them, automatically healing and adapting to keep your systems running.

Self-healing architecture

Automatically detects and adapts to platform signature changes. No more broken webhooks when providers update their systems.

Algorithm agnostic

Supports HMAC-SHA256, HMAC-SHA1, HMAC-SHA512, and custom algorithms. One framework for all signature types.

Platform specific

Battle-tested implementations for Stripe, GitHub, Supabase, Clerk, and more — out of the box.

Type safe

Full TypeScript support with comprehensive types. Catch errors at compile time, not runtime.

Framework agnostic

Works with Express.js, Next.js, Cloudflare Workers, Deno, and any modern JS runtime.

Zero dependencies

Lightweight core with no external deps. Keep your bundle minimal and secure.

Liked Tern? Show some love on GitHub

Your support helps shape Tern’s next updates like schema normalization, unifying webhook payloads across platforms for a smoother dev experience.

Star on GitHub Visit Hookflo

Thoughtful progress — reimagining webhooks for modern teams.

What’s next

Schema normalization
More platform presets
Single Command Setup with CLI

built with careopen & evolving

Verify less,build more.