WEBHOOKS

Webhooks for Better Auth

Secure, signed, and retryable webhooks that integrate directly with Better Auth events.

Quickstart

# Start the delivery worker
npm run worker

# Open admin panel
npm run admin

Run both commands. The worker delivers events. The admin lets you add, test, and manage webhooks.

Events & Payload

user.created
{
  "type": "user.created",
  "data": {
    "user": {
      "id": "usr_123",
      "email": "user@example.com",
      "name": "John Doe"
    }
  },
  "id": "evt_abc123",
  "timestamp": 1731840000000
}

Security & Signing

X-Signature: sha256=9f86d081...
X-Id: evt_abc123
X-Timestamp: 1731840000000
  • • HMAC-SHA256 signature using per-webhook secret
  • • Unique event ID prevents duplicate processing
  • • Timestamp prevents replay attacks
  • • 3 automatic retries with exponential backoff