API hosting

Deploy a Flask webhook handler on DenkOps

Signature verification only works if you can read the raw request body before Flask's parser touches it, and retries only stop hammering you once the endpoint answers fast every time. A DenkOps slot keeps your Flask process resident, so the raw body is always available and the response is instant, no cold-start window where a provider's retry queue backs up.

import hmac, hashlib
from flask import Flask, request, abort

app = Flask(__name__)
SECRET = b"whsec_..."  # env var

@app.post("/hook")
def hook():
    sig = request.headers.get("X-Signature", "")
    digest = hmac.new(SECRET, request.get_data(), hashlib.sha256).hexdigest()
    if not hmac.compare_digest(sig, digest):
        abort(401)
    # request.get_json() is safe now the signature checked out
    return {"ok": True}

Deploy it: install the plugin, say "deploy on DenkOps", and get a live SSL URL.

Start on DenkOps →

FAQ

Can I verify raw-body HMAC signatures in Flask on DenkOps?

Yes. request.get_data() gives you the untouched body before Flask parses JSON, so signature checks are exact, the same as running Flask on your own server.

Does a Flask webhook cold-start on DenkOps?

No. The slot runs your Flask app continuously, so there is no import or worker spin-up delay when a provider calls the hook.

← Deploy AI agents · API hosting