PayPal Webhook Testing — Debug PayPal Events Instantly

To test PayPal webhooks, you need a public HTTPS endpoint that PayPal can POST to. WebhookWhisper gives you one instantly — no CLI, no deployment, no ngrok required. Paste the URL into your PayPal dashboard, trigger a test event, and inspect the full payload in real time.

Why Test PayPal Webhooks with WebhookWhisper?

PayPal webhooks cover the full e-commerce lifecycle — payments, subscriptions, disputes, and payouts. Events use a structured notification format with signature verification.

WebhookWhisper captures every incoming PayPal event with full headers, body, and timing data — so you can debug integration issues without deploying to a public server.

PayPal Webhook Events

The following events are commonly sent by PayPal:

  • PAYMENT.CAPTURE.COMPLETED
  • PAYMENT.CAPTURE.DENIED
  • CHECKOUT.ORDER.APPROVED
  • BILLING.SUBSCRIPTION.CREATED
  • BILLING.SUBSCRIPTION.CANCELLED

How to Test PayPal Webhooks Locally

  1. Create your endpoint — Sign up free and get a permanent HTTPS URL in seconds.
  2. Add the URL to PayPal — Paste your WebhookWhisper URL into your PayPal webhook settings.
  3. Enable forwarding (optional) — Add a forwarding rule to relay events to localhost:3000 or any local port.
  4. Trigger a test event — Use PayPal's dashboard or the one-click test sender to fire a PAYMENT.CAPTURE.COMPLETED event.
  5. Inspect in real time — See the full payload, headers, and response in your WebhookWhisper dashboard.

PayPal Webhook Signature Verification

PayPal signs every webhook request using the PAYPAL-TRANSMISSION-SIG header. Always verify this signature in production to prevent spoofed requests.

// Node.js — Verify PayPal webhook signature
const crypto = require('crypto');

function verifyPayPalSignature(payload, signature, secret) {
  const expected = crypto
    .createHmac('sha256', secret)
    .update(payload)
    .digest('hex');
  return crypto.timingSafeEqual(
    Buffer.from(expected),
    Buffer.from(signature)
  );
}

Common PayPal Webhook Errors

  • 401 Unauthorized — Signature mismatch. Check that you are using the raw request body (not parsed JSON) for HMAC verification.
  • Webhook not received — Verify the URL is publicly accessible. WebhookWhisper endpoints are always public — no tunneling needed.
  • Timeout errors — PayPal expects a 2xx response within a few seconds. Respond immediately and process the event asynchronously.
  • Duplicate events — PayPal retries webhook notifications up to 10 times over 3 days if your endpoint fails. Always use the event ID for idempotency checks.

Frequently Asked Questions

How do I test PayPal webhooks for free?

Sign up for a free WebhookWhisper account and get a permanent HTTPS endpoint. Add it to your PayPal webhook settings and trigger a test event from the PayPal dashboard.

Can I test PayPal webhooks without deploying?

Yes. WebhookWhisper gives you a public HTTPS URL that requires no deployment. Use the built-in forwarding rules to relay events to your local development server.

How do I receive PayPal webhooks on localhost?

Create a forwarding rule in WebhookWhisper pointing to your local port (e.g. http://localhost:3000/webhook). Every incoming event is relayed to your local server with retry logic.

What is the PayPal webhook retry policy?

PayPal retries webhook notifications up to 10 times over 3 days if your endpoint fails.

Try it right now — no signup

Get a live webhook URL in one click and see requests arrive in real time, right here.

Live demo — no signup required

See it work in real time

Click below to get a live webhook URL instantly. Paste it anywhere — Stripe, GitHub, Postman — and watch events arrive right here.

Expires in 1 hour · No account needed

Ready to test your webhooks?

Get a free HTTPS endpoint in under 5 seconds — no signup required.

Create Free Account

Explore More

Webhook Provider Directory Webhook Developer Blog webhook.site Alternative API Documentation
PayPal Webhook Testing — Free Tool (2026) | WebhookWhisper