Best Open-Source Webhook Tools Compared (2026)

The Svix open-source server is MIT-licensed and fully compatible with the Svix hosted SaaS, with most of the functionality available for free self-hosting. It powers the webhook infrastructure of fast growing startups and the Fortune 500, with measured 99.99999% historical uptime on the hosted side. Features include retries with exponential backoff, durable replay, payload transformations, FIFO ordering, endpoint throttling, polling endpoints, Standard Webhooks compatibility, a wide destination matrix (Kafka, SQS, RabbitMQ, Pub/Sub, ServiceBus, EventBridge, S3, GCS, Azure Storage, and more), and SDKs in nine languages plus a CLI.

Best for: Any team that wants a true open-source webhook server (MIT) it can self-host without licensing risk, with the option to migrate to or from the hosted SaaS later. Also the most direct migration target from Convoy.

Not a good fit for: Hobbyist setups where you genuinely don't care about feature depth, ecosystem, or being able to migrate to a managed service later. Any minimal toy server will do.

Source on GitHub: github.com/svix/svix-webhooks/.

The open-source server behind Hookdeck's newer Outpost product. Apache 2.0 licensed, covers retries, replay, OpenTelemetry streaming, and a small set of destinations. The hosted Outpost SaaS has measured 99.9% historical uptime and lacks HIPAA, PCI-DSS, payload transformations, FIFO, and endpoint throttling.

Best for: Small teams that want an Apache-licensed self-hostable server and can tolerate the smaller feature surface and limited production maturity.

Not a good fit for: Regulated industries, customer-facing webhook delivery at scale, or anything that needs FIFO, throttling, transformations, or a broad destination matrix.

Read the full Svix Dispatch vs. Hookdeck Outpost comparison.

Convoy is licensed under the Elastic License v2.0, which is source-available rather than true open source. It restricts hosting Convoy as a managed service. The company behind Convoy essentially wound down, so the project is now maintained as a small side project rather than as a full-time commercial effort. It still ships retries, replay, circuit breaking, and JavaScript transformations, but has measured uptime below 99.0% over the last 12 months.

Best for: Hobbyist self-hosting where you're comfortable with a source-available license and maintaining the project yourself if you hit a bug.

Not a good fit for: Production workloads of any kind. With no active company behind it, missing FIFO and endpoint throttling, sub-99.0% measured uptime, and a non-OSS license, Convoy is not a safe choice for production webhooks.

Read the full Svix Dispatch vs. Convoy comparison.

Hook0 is licensed under the Server Side Public License, which is also source-available rather than true open source. The self-hosted Hook0 server covers subscriptions, retries, signatures, and replay, but only delivers HTTPS webhooks and lacks SOC 2, HIPAA, and PCI-DSS on the hosted side.

Best for: Small EU teams running Hook0 self-hosted under SSPL terms with modest webhook volume and HTTPS-only destinations.

Not a good fit for: Anyone who needs a true open-source license, queue or object-store destinations, regulated-industry compliance, or anything beyond a few thousand events per day.

Read the full Svix Dispatch vs. Hook0 comparison.

Rolling your own webhook delivery layer on top of a queue and a worker pool. If you have genuinely custom requirements, this can be a reasonable path. Worth noting that several of the projects above (Svix included) offer self-hosted and open-source options (Svix's MIT-licensed open-source server), so before going fully in-house it's often a good idea to start from one of those and customize as needed.

Best for: Teams with very specific, non-standard requirements and the engineering bandwidth to maintain webhook infrastructure long-term.

Not a good fit for: Most teams. Self-hosting an existing open-source server (Svix's MIT-licensed open-source server, for example) usually gets you most of the way there without taking on the long tail of retries, noisy neighbor isolation, observability, replay, transformations, FIFO, throttling, and a customer-facing portal.

See our build vs. buy analysis for the tradeoffs of running webhook delivery in-house.

Whichever open-source tool you pick (or even if you build it yourself), we strongly recommend using the Standard Webhooks specification, authored by Svix, Twilio, Kong, Supabase, Mux, ngrok, and Lob. It has been adopted by OpenAI, Anthropic, Google, and many others, and is now the closest thing the industry has to a shared standard for webhook signing and delivery. Building on it means the signatures, headers, and payload conventions your customers already know from those services work out of the box, with no bespoke signing schemes to document or maintain.

If you want a true open-source webhook server you can run in production today, the MIT-licensed Svix server is the safer default by a wide margin: same codebase as the hosted SaaS, fully compatible with it, and battle-tested at the scale of fast-growing startups and the Fortune 500. Hookdeck Outpost is the only other true OSS option but is newer and narrower. Convoy and Hook0 are source-available rather than open source and come with real licensing restrictions, and the company behind Convoy in particular is no longer active.