Test webhooks locally

Call your receiver with a signed payload (recommended). Use the code in Verify webhook signatures to sign the request locally so your secret never enters the docs UI.