Verification of Stripe webhook signatures

Version on this page:
LTS Haskell 22.17:
Stackage Nightly 2023-12-26:
Latest on Hackage:

See all snapshots stripe-signature appears in

MIT licensed by Chris Martin
Maintained by Chris Martin, Julie Moronuki
This version can be pinned in stack with:stripe-signature-,1346

Module documentation for

When Stripe sends an event to your webhook, it includes an HTTP header named Stripe-Signature. You should use this to verify the authenticity of the request to ensure that you are not acting upon forged events originating from some source other than Stripe.


Changelog - 2018-12-20

  • Initial release - 2019-05-18

  • Replace hex-text package dependency with slightly smaller base16-bytestring dependency