SendGrid Webhook Tester — Test & Inspect SendGrid Webhooks Online
Test and inspect SendGrid webhooks online with a free webhook tester URL — capture real SendGrid payloads, see what arrives, then forward locally.
If you are wiring up SendGrid webhooks, the first question is always the same: what does SendGrid actually send? The docs show an idealised payload, but the real request — its headers and the exact JSON shape — is what your handler has to parse. A SendGrid webhook tester gives you a public URL that captures those real requests so you can read every byte before you write any code.
Get a free SendGrid webhook tester URL
The fastest way is our free Webhook Bin — a no-code webhook tester that gives you an instant public URL and stores every request that hits it, headers and body included. No signup, no deploy:
- Open the Webhook Bin and copy the URL it generates for you.
- In SendGrid → Settings → Mail Settings → Event Webhook, add a webhook endpoint and paste that URL.
- Trigger an event (see below) and watch the request land in the bin in real time.
Because the bin keeps the full request, you can inspect the headers, the Content-Type, and the complete payload — everything you need to build and verify a handler.
What a SendGrid webhook looks like
SendGrid delivers webhooks as an HTTP POST with a application/json body. SendGrid batches events into a JSON array — one POST can carry many events. When you enable the Signed Event Webhook, each request also carries X-Twilio-Email-Event-Webhook-Signature and X-Twilio-Email-Event-Webhook-Timestamp headers.
A typical payload looks like this:
[
{
"email": "[email protected]",
"event": "delivered",
"sg_event_id": "...",
"sg_message_id": "...",
"timestamp": 1700000000
}
]
Common SendGrid events you will want to test:
deliveredopenclickbouncedroppedspamreportunsubscribe
Verifying the SendGrid signature
SendGrid's Event Webhook uses ECDSA, not HMAC. Turn on the Signed Event Webhook to get a verification key (an ECDSA public key). SendGrid signs the concatenation of the X-Twilio-Email-Event-Webhook-Timestamp header and the raw payload, and sends the base64 signature in the X-Twilio-Email-Event-Webhook-Signature header. To verify, rebuild timestamp + rawBody and check the ECDSA signature against your public verification key. Capturing a real request first lets you confirm both headers and the exact raw body the signature was computed over.
You can sanity-check an HMAC implementation with the free HMAC signature verifier; for language-specific code and the common pitfalls, read verify a webhook signature.
From inspecting to receiving on localhost
A bin is perfect for seeing the payload. When you are ready to drive your local handler with real SendGrid events — without deploying — forward them straight to localhost with the Webhook Relay agent. The full walkthrough is here: Receive SendGrid webhooks on localhost.
That gives you a stable public URL that tunnels to your machine, so SendGrid keeps delivering to the same endpoint while you iterate on localhost, no firewall changes or public IP required.
Test SendGrid webhooks online in three steps
- Capture — point SendGrid at a Webhook Bin URL and inspect the real request.
- Verify — confirm the request is authentic (see above).
- Forward — when the shape is clear, receive SendGrid webhooks on localhost and build your handler.
New to webhooks in general? Start with what is a webhook and how to test webhooks.
Ready to inspect your first SendGrid event? Open a free Webhook Bin and paste the URL into SendGrid.