Hook0

Open-source Webhooks-as-a-Service: deliver events to your users with auto-retry, signed payloads, and a real-time subscriber dashboard — all without building the infrastructure yourself.

1.5Kstars
100forks
Custom / Unknown
Rust

Hook0 is an open-source Webhooks-as-a-Service (WaaS) platform built in Rust that enables SaaS developers to offer robust, production-grade webhooks to their users without managing delivery infrastructure from scratch. It handles the hardest parts of webhook delivery — retries, HMAC signing, persistence, subscription management, and real-time monitoring — through a unified REST API and a modern no-code dashboard.

The platform is built around a clean separation between the API server (Actix-Web, Rust), an async output worker that processes delivery attempts from Apache Pulsar, and a Vue 3 frontend that non-technical users can operate without training. Hook0 also ships a webhook inspection server called Play (similar to webhook.site) and a native MCP server so AI agents can interact with webhooks programmatically.

Hook0 supports self-hosting via Docker Compose, Kubernetes with official Helm charts, or on-premises bare-metal. PostgreSQL 18 is the only database dependency. The free Cloud tier at hook0.com provisions a project in approximately 90 seconds with no credit card required, storing all data in European infrastructure for GDPR compliance.

The project is licensed under the Server Side Public License (SSPL v1) — the same license MongoDB uses — which means you can freely use, modify, and self-host Hook0, but you cannot offer it as a managed service to others. Active development is reflected in a commit cadence exceeding 70 commits per month, with multiple tagged releases per service across the monorepo.

What You Get

  • JSON REST API - A fully documented, versioned REST API (OpenAPI/Swagger) for sending events, managing subscriptions, listing delivery logs, and administering organizations with consistent error codes and structured problem responses.
  • Fine-grained subscriptions - Users subscribe to specific named event types (e.g., ‘payment.success’, ‘user.created’) and can filter by scope such as user ID or organization, ensuring each subscriber receives only the events relevant to them.
  • Automatic retry with signed delivery - The output worker retries failed deliveries with configurable backoff intervals, includes HMAC-SHA256 signatures on every request, and validates target IP addresses against private network ranges to prevent SSRF attacks.
  • Event and response persistence - Every event ingested and every delivery attempt (successful or failed) is stored in PostgreSQL with full payload, request headers, HTTP status codes, and elapsed time for debugging and auditing.
  • Embeddable subscriber portal - End-users get a branded, white-labeled dashboard with real-time delivery logs, event filtering, and subscription management — operable by non-technical users without any training required.
  • Hook0 Play — webhook inspector - A standalone relay server similar to webhook.site that lets developers inspect incoming webhooks locally in real time, with optional Redis-backed persistent storage and encrypted payload support.
  • Biscuit-based decentralized authorization - Access tokens embed permissions as Datalog-style facts and rules, enabling stateless cross-service validation without per-request database lookups, with role-based (Viewer/Editor) and service-token access models.
  • MCP Server for AI agents - A native Model Context Protocol server (built on rmcp in Rust) that exposes Hook0 operations to AI assistants and LLM-based automation tools via stdin/stdout transport.
  • Multi-tenancy and event scoping - Events are scoped to organizations, applications, and users within a multi-tenant PostgreSQL schema using soft-deletes and organization-level quota enforcement, supporting B2B SaaS architectures natively.
  • Kubernetes and Helm deployment - Official Helm charts and Kubernetes manifests are included for production-grade orchestrated deployments alongside the Docker Compose quickstart.

Common Use Cases

  • Exposing webhooks from a B2B SaaS product - A team building a project management tool uses Hook0 to let enterprise customers subscribe to events like ‘task.assigned’ and ‘sprint.completed’, routing them to internal systems like Slack or custom ERPs without building retry, signing, or logging infrastructure.
  • Debugging webhook delivery failures - A fintech startup uses Hook0’s event persistence and delivery log viewer to inspect failed webhook attempts, identify malformed response codes from third-party endpoints, and replay specific events without re-triggering the original business action.
  • Local webhook development with Hook0 Play - A backend developer runs the Play inspection server locally to capture and inspect incoming webhook payloads from external services during development, avoiding the need to expose a public endpoint or use a separate tunneling service.
  • GDPR-compliant webhook infrastructure in the EU - A European healthcare SaaS self-hosts Hook0 on-premises using the Helm charts, ensuring all webhook payloads and delivery logs remain within EU data centers and under the organization’s full control.
  • Enabling AI agent workflows over webhooks - A developer uses Hook0’s MCP server to let an AI assistant monitor webhook delivery status, inspect failed events, and trigger manual retries as part of an automated incident response workflow.

Under The Hood

Architecture Hook0 is a Rust workspace structured around clearly separated concerns: the api crate is an Actix-Web HTTP server responsible for event ingestion, subscription management, and organization administration; the output-worker crate is an independent async consumer that reads delivery jobs from Apache Pulsar and makes outbound HTTP calls to subscriber endpoints; the play crate implements a standalone webhook inspection and relay service built on Axum; and the clients/mcp crate exposes the entire system to AI agents via the Model Context Protocol. Apache Pulsar decouples ingestion from delivery, allowing the output-worker to scale independently of the API. Authorization is enforced at the middleware layer via Biscuit tokens, keeping handler code clean of authentication logic. PostgreSQL uses schema-qualified tables, soft-deletes, and versioned migrations (SQLx) to support multi-tenancy without data leakage across organizations.

Tech Stack The backend runs on Rust with Actix-Web 4, async SQLx 0.9 for PostgreSQL with compile-time query verification, Apache Pulsar for the event message bus, and Tokio as the async runtime across all crates. The frontend is Vue 3 with Vite, TypeScript, and Pinia for state management. The Play inspection server uses Axum with optional Redis for persistent storage. The MCP server is implemented natively in Rust using the rmcp crate with stdio transport. Docker Compose orchestrates PostgreSQL 18, Mailpit for email testing, and all services locally; official Helm charts are provided for Kubernetes deployments. GitLab CI/CD with cargo-release and cliff.toml handles conventional commit enforcement, changelog generation, and per-service container image releases.

Code Quality Testing coverage is extensive and layered: more than 30 Playwright E2E spec files exercise the full application stack including visual regression tests, dark mode, keyboard shortcuts, and mobile navigation; a dedicated API integration test suite validates REST endpoints end-to-end; and unit tests are embedded in Rust modules for core logic. Error handling is typed throughout — the Rust API uses a Hook0Problem enum backed by thiserror for structured HTTP problem responses, while the output-worker uses typed ResponseError variants with strum-derived display names. The #[instrument] macro annotates all async paths for structured distributed tracing via OpenTelemetry. A security scanner (osv-scanner) runs in CI alongside conventional commit enforcement.

What Makes It Unique Biscuit-based decentralized authorization is a technically distinctive choice: tokens carry embedded Datalog-style facts and rules that are verified locally without database round-trips, enabling stateless cross-service access control that can be attenuated and delegated without server state. The inclusion of a native MCP server — implemented in Rust using rmcp — makes Hook0 one of the few webhook platforms with first-class AI agent integration. The play crate ships a self-contained webhook inspection and relay server as part of the same monorepo, giving developers a local webhook.site equivalent without external dependencies. The SSPL license is itself a deliberate architectural decision: it preserves the open-source commons while preventing hyperscalers from wrapping Hook0 as a managed service, a pattern that has reshaped projects like MongoDB and Elasticsearch.

Self-Hosting

Hook0 is licensed under the Server Side Public License (SSPL) version 1, the same license used by MongoDB. SSPL grants broad rights to use, modify, create derivative works, and redistribute the software — including for commercial purposes inside your own organization. The key restriction is that if you offer Hook0 as a managed service to others (i.e., you run Hook0 on behalf of third parties), you must open-source the entire stack you use to provide that service. For the vast majority of self-hosting scenarios — running Hook0 inside your own infrastructure to power your own SaaS product’s webhook system — SSPL imposes no obligations beyond what a standard open-source license would require.

Running Hook0 yourself requires PostgreSQL 18 as the sole database dependency, and optionally Apache Pulsar if you want to separate the API server from the output-worker for scale or isolation (the Docker Compose setup runs the output-worker in direct database polling mode by default, which is simpler). A minimum self-hosted deployment needs the API server, the frontend, the output-worker, and a PostgreSQL instance. Official Helm charts are provided for Kubernetes, and Docker Compose handles local and small-scale deployments with health checks wired for all services. You are responsible for uptime, database backups, PostgreSQL upgrades, and scaling the output-worker horizontally as delivery volume grows.

Compared to the managed Hook0 Cloud tier, self-hosting means you forgo the automated provisioning, built-in monitoring dashboards, managed database backups, and the European-hosted GDPR infrastructure that hook0.com provides. The Cloud free tier provisions a project in approximately 90 seconds with no credit card required and includes no product limitations on users, applications, or API requests — billing is event-based for the Standard tier. Teams choosing to self-host gain full data sovereignty and avoid egress costs at the cost of operational responsibility; those opting for Cloud gain rapid provisioning and SLA-backed uptime without managing Pulsar, PostgreSQL, or container orchestration.

Join founders buildingwith open source

Opinionated takes, migration guides, cost-saving tips, and insights from the open source ecosystem.

Subscribe on Substack

No spam. Unsubscribe anytime.

Join 750+ subscribers
No spam. Unsubscribe anytime.

Search