Home Automation

How does it work?

Webhook Relay for home automation addons work exactly the same as our CLI or webhookrelayd tunneling daemon. These local agents create a reverse tunnel back to the https://my.webhookrelay.com cloud service. Any HTTP requests received by the public endpoints will be routed to your private endpoints. Webhook Relay provides end-to-end encryption, both tunnel and public endpoints use HTTPS for webhook forwarding. If you are using tunnels, HTTPS is optional (defaults to enabled) for all paid plans.

What’s the use case?

Webhook Relay addon helps to receive webhooks by popular services such as IFTTT or Zapier and relay them to your Home Assistant or Node-RED instances. It can also be used for remote access if you are using tunnels. Since webhooks are just a standard HTTP requests, any services can easily produce and consume them. Webhook Relay is particularly useful when:

You should use webhooks forwarding when:

You should use tunnels when:

Security best practices

Like with any technology, some knowledge about Webhook Relay offered features is required. First of all, applications usually set cookies or JWT tokens. It is important to keep this information secure and you should not use HTTP (non-HTTPS) tunnels for this. Make sure:

Home Assistant

Webhook Relay provides a secure, stripped down tunneling daemon webhookrelayd which can be used as a Home Assistant add-on.

Webhook Relay Home Assistant Add-on


There are several configuration options for this add-on. You can always mix and match them (Simple HTTPS, DuckDNS, Cloudflare).

Installation instructions can be found here. Most popular configuration uses DuckDNS as it provides you with your own free subdomain that can be used to retrieve TLS certificates.

Cloudflare integration

If you have your own domain name, you can follow instructions in the Cloudflare section to start using it.

Home Assistant Cloudflare

On top of it allowing you to have any domain names with TLS pass-through tunnels, you get some additional benefits:

Issue reporting & support

If you have any questions or have encountered an issue. Please check Webhook Relay addon logs and supply them here https://github.com/webhookrelay/home-assistant/issues or email us at [email protected]


Q: Does using Webhook Relay to forward webhooks makes my Home Assistant instance less secure?

A: Using our service makes your Home Assistant more secure, as webhook forwarding is one-way traffic only and no information about your Home Assistant can be retrieved.

Q: Is free plan enough for me?

A: Depends on your usage. If you just want to relay webhooks to your internal Home Assistant server then using free tier should be enough, current limit is 150 webhooks per month. If you want to access it remotely via tunnels, we would recommend to subscribe to a basic plan which is just 4.5$ per month and get secure HTTPS tunnels.

Q: Why are webhooks recorded?

A: Webhook Relay is used by engineers and developers to develop, debug and proxy various webhook requests to other services. Recording enables you to inspect the traffic. Only you or your sub-accounts can access them. Usually webhooks don’t store any sensitive information.

Q: Is tunnel traffic recorded?

A: No, you can view our GDPR policy. Tunnel traffic is not recorded. Also, please use TLS tunnels whenever possible for maximum protection.

Q: Do phone push notifications work with the tunnels?

A: Push notifications are based on HTTP2 standard that requires TLS all the way. It will work if Home Assistant has TLS enabled (you would be accessing it locally over https://192.168.*.*:8123). To do that, you can generate certificates yourself and just supply in the tunnel to not do TLS termination. Example configuration:

    "key": "[YOUR TOKEN KEY]",
    "secret": "[YOUR TOKEN SECRET]",
    "forwarding": [],
    "tunnels": [
            "name": "home-assistant", 
            "destination": "",
            "protocol": "tls",            
            "subdomain": "[YOUR SUBDOMAIN]",
    "cloudflare": {
    "email": "",
    "api_key": ""
    "duck_dns": {
        "token": "",
        "accept_terms": false
    "tunnels_enabled": true,
    "forwarding_enabled": false