stripe-webhook-signature-verification
CommunityVerify Stripe webhooks before processing
Software Engineering#node.js#stripe#idempotency#webhook security#hmac sha256#nextjs app router#replay protection
Authorjacob-balslev
Version1.0.0
Installs0
System Documentation
What problem does it solve?
Prevents unauthenticated or tampered Stripe webhook requests from triggering payment processing by verifying the request’s HMAC signature and rejecting stale/replayed deliveries.
Core Features & Use Cases
- Stripe HMAC-SHA256 signature verification: Confirms the
stripe-signatureheader matchesSTRIPE_WEBHOOK_SECRETusing Stripe’sconstructEventflow. - Replay attack protection: Enforces Stripe’s timestamp tolerance window so old events are rejected.
- Idempotency-friendly processing: Supports the
event.idpattern to avoid double-processing retries safely.
Quick Start
Use this skill to authenticate incoming Stripe webhook requests in your Node.js or Next.js backend by verifying the raw request body against the stripe-signature header with STRIPE_WEBHOOK_SECRET before handling the payment event.
Dependency Matrix
Required Modules
None requiredComponents
Standard package💻 Claude Code Installation
Recommended: Let Claude install automatically. Simply copy and paste the text below to Claude Code.
Please help me install this Skill: Name: stripe-webhook-signature-verification Download link: https://github.com/jacob-balslev/skill-graph/archive/main.zip#stripe-webhook-signature-verification Please download this .zip file, extract it, and install it in the .claude/skills/ directory.
Agent Skills Search Helper
Install a tiny helper to your Agent, search and equip skill from 471,000+ vetted skills library on demand.