Log in Sign up

Receive webhooks without exposing your systems

A pull-native webhook relay for AI agents and internal automation. Providers send to us, we queue events, your systems pull when ready. No public endpoints, no tunnels, no open ports.

Get started How it works
Provider sends to relay, relay stores, your system pulls when ready

How it works

Webhook sources send events to a URL we give you. We ingest and store them in a durable queue. Your agent, worker, or workflow pulls events when it runs, processes them, and reports back. Receiving is decoupled from processing—you don't need a listening server.

1

Create a source

In the dashboard you get a unique ingest URL and secret for each source.

2

Send webhooks to it

Point any provider at your URL; they POST webhooks with the secret in the header.

3

Pull when ready

Your n8n, CLI, or application fetches events, processes them, and reports back.

Provider → our relay (we store) → you pull → you process → you report back.

Everything in one dashboard

Monitor volume, track event status, inspect payloads, and manage sources—all from a single pane of glass.

AgentWebhook dashboard showing event volume, status breakdown, and recent events

Pull from the command line

The CLI fetches events, lets you process them in any script or language, and reports back. No HTTP server, no framework—just pull, process, done.

terminal 
# Pull new events (long-poll waits up to 25s for new ones)
$ agentwebhook-cli pull --source=src_XXX --wait=25

# Events arrive as JSON — pipe into jq, Python, anything
{"events":[{"event_id":"evt_abc","payload":{...}}], "count":1}

# Done processing? Report back.
$ agentwebhook-cli ack --event=evt_abc
Acknowledged 1 event

# Need more time? Extend the lease.
$ agentwebhook-cli heartbeat --event=evt_def --extend=120

# Or watch continuously — events stream as they arrive
$ agentwebhook-cli watch --source=src_XXX

Works on macOS, Linux, and Windows. Full CLI docs →

Why a pull relay

Most webhook tools are push-first: they need a public URL, a running server, or a tunnel. AgentWebhook is pull-native. Your side only makes outbound connections. That means:

No inbound ports No tunnels No reverse proxies No firewall exceptions

Events sit in our queue until you fetch them—encrypted in transit and at rest, with retention under your control. Works inside restricted enterprise networks, on laptops, and on edge devices. That's zero-trust webhook ingestion.

Works with the tools you use

n8n

Run n8n privately; fetch from the relay when your workflow runs.

AI agents

OpenClaw and other agents pull on demand for deterministic execution.

Internal workers

Cron or background jobs fetch when they run; no public routing.

Local development

Real webhooks on localhost without tunneling.

Enterprise networks

Outbound-only; works inside locked-down networks with no firewall changes.

Edge & laptops

Pull from edge devices or dev laptops—no static IP or port forwarding needed.

Reliable by design

Every event goes through a managed lifecycle: ingest, queue, lease, process, confirm. Failed events retry automatically. Nothing falls through the cracks.

Dead letter queue

Events that fail after max retries move to the DLQ. Inspect, debug, and replay them from the dashboard.

Automatic retries

NACK an event and it goes back in the queue with exponential backoff. Configurable per source.

Deduplication

Providers can send an event ID header; we reject duplicates automatically. Built-in idempotency.

Event inspection

View any event's full payload, headers, status, and attempt history in the dashboard.

Replay

Redeliver any stored webhook for debugging or reprocessing—from the dashboard or CLI.

Audit trail

Every API key action and account change is logged. See who did what and when.

Common questions

Do I need a public URL or open ports?

No. Providers send to our relay; you only make outbound requests to fetch events.

What if my system is down when a webhook arrives?

We store it. When you're back online, you pull and process. No data loss.

What happens if I don't confirm in time?

The lease expires and we may redeliver the event. You can extend the lease if you need more time.

Which providers work?

Any service that can POST to a URL with a secret header. You give them your ingest URL and secret.

Is there a free tier?

Yes. Free tier, no credit card. See pricing when you sign up.

Where is my data stored?

Events are stored encrypted at rest. You set retention in the dashboard. See our docs for details.

Get webhooks without exposing your systems

Private, secure, pull-based. Free tier, no credit card.

Start for free →