API hosting

Deploy an Express webhook handler on DenkOps

Signature verification in Express requires the exact raw bytes of the request body before any JSON parsing happens, and a provider's retry policy assumes your endpoint answers within a second or two. On a DenkOps slot the Express app is already running when the request arrives, so there's no cold-start delay pushing you past a provider's retry window.

import express from "express";
import crypto from "node:crypto";

const app = express();
app.post("/hook", express.raw({ type: "*/*" }), (req, res) => {
  const sig = req.header("x-signature") ?? "";
  const expected = crypto.createHmac("sha256", process.env.WEBHOOK_SECRET!).update(req.body).digest("hex");
  if (sig !== expected) return res.sendStatus(401);
  const payload = JSON.parse(req.body.toString());
  res.json({ ok: true });
});

app.listen(3000);

Deploy it: install the plugin, say "deploy on DenkOps", and get a live SSL URL.

Start on DenkOps →

FAQ

Can Express verify raw-body webhook signatures on DenkOps?

Yes, express.raw() gives you the untouched body buffer for HMAC verification, identical to how you'd run Express anywhere else.

Do webhook retries get dropped on a cold DenkOps deploy?

No. The slot keeps your Express server running continuously, so there is no cold start for retries to race against.

← Deploy AI agents · API hosting