Stripe Says Webhook Signature Verification Failed
Quick Answer
How do I fix Stripe Says Webhook Signature Verification Failed?
The raw request body must be used for signature verification, not the parsed JSON body. Start with "Use raw body for verification" before making broader code changes.
Fix signals
- What this answers
- Why stripe says webhook signature verification failed happens and what to change first.
- Fastest move
- Use raw body for verification
- Use this page if
- Error: webhook signature verification failed
If this keeps happening
Open the next decision, not just the patch
Use these when the current fix is helpful, but the real answer is a better tool choice, a cleaner workflow layer, or a more trustworthy launch path.
Tool picker
Open this when the payment problem is really making you question the app stack and workflow choice behind it.
Open this next →
Lovable reviews
Open this when repeated billing drift makes you question whether the current generated full-stack path is still worth the cleanup cost.
Open this next →
Cursor review
Open this when the next move is owning more of the billing and entitlement logic directly in code.
Open this next →
Deploy hub
Open this when the payment bug is really part of a bigger production handoff and environment problem.
Open this next →
Firecrawl review
Open this when the app also needs live data or richer infra decisions and the stack question is getting broader than Stripe itself.
Open this next →
Quick Fix Summary
| Most likely cause | The raw request body must be used for signature verification, not the parsed JSON body. |
| Fastest fix | Use raw body for verification |
| Use this page if | Error: webhook signature verification failed |
Exact errors people search for
If one of these matches what you are seeing, you are likely on the right fix page.
Stripe says webhook signature verification failed Webhook requests arrive but every event gets rejected 400 errors appear on the Stripe webhook endpoint
You're in the right place if...
- !Error: webhook signature verification failed
- !Webhooks received but rejected
- !400 errors on webhook endpoint
Why this happens
The raw request body must be used for signature verification, not the parsed JSON body.
Fix
Use raw body for verification
The most common mistake — using parsed JSON instead of raw text:
// WRONG — body is already parsed:
const body = await req.json()
// CORRECT — use raw text:
const body = await req.text()
const event = stripe.webhooks.constructEvent(
body,
req.headers.get('stripe-signature'),
process.env.STRIPE_WEBHOOK_SECRET
)Prevent this next time
Always use req.text() (not req.json()) for the body in webhook handlers. This preserves the exact bytes Stripe signed.
Frequently Asked Questions
Stripe signs the raw bytes. JSON parsing and re-stringifying changes formatting (whitespace, key order), breaking the signature.
Stripe Dashboard → Developers → Webhooks → your endpoint → Signing secret (starts with whsec_).
Related fixes
How to Test Stripe Webhooks Locally
Stripe Payment Succeeds but the User Never Leaves Checkout
Stripe Payment Succeeds but Subscription Status Never Updates
Accidentally Charged Real Money in Stripe
Stripe Customer Portal Link Returns an Error or 404
Stripe Payment Form Shows an Error or the Card Keeps Failing