I’m integrating Stripe webhooks into my API, which is built with Django Rest Framework (DRF). Here’s my webhook view:
class StripeWebhookView(APIView):
permission_classes = [AllowAny] # Public webhook
def post(self, request, *args, **kwargs):
payload = request.body
sig_header = request.headers.get('stripe-signature')
try:
event = stripe.Webhook.construct_event(
payload=payload,
sig_header=sig_header,
secret=settings.STRIPE_SIGNING_SECRET
)
except ValueError as e:
print(f"Invalid payload: {e}")
return Response(status=status.HTTP_400_BAD_REQUEST)
except stripe.error.SignatureVerificationError as e:
print(f"Invalid signature: {e}")
return Response(status=status.HTTP_400_BAD_REQUEST)
# ... webhook logic ...
return Response(status=200)
I get:
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 200 0
Invalid signature: No signatures found matching the expected signature for payload
Bad Request: /webhooks/stripe-webhook/
[…] “POST /webhooks/stripe-webhook/ HTTP/1.1” 400 0
I’ve already double-checked that my STRIPE_SIGNING_SECRET is correct, and my endpoint is set up correctly in the Stripe dashboard.
I am using request.body directly (not request.data), as suggested in other answers, but the error persists.
Has anyone successfully used Stripe webhooks with Django Rest Framework and managed to pass signature verification?
I have carefully read and tried all the solutions mentioned in this post I am using request.body (not request.data) to get the raw payload
- My webhook URL is public and accessible via ngrok, HTTPS, no firewalls
- The Stripe signing secret is copied directly from the dashboard/CLI
- I tested with Stripe CLI and Dashboard, both in test and live mode