“Passing Stripe Webhooks Through Vercel Authentication in Preview Environments”
I tried implementing this with ChatGPT’s help and ended up getting completely misled — so here’s the correct setup, as a personal memo.
Steps
Here’s the full procedure:
- Turn on Vercel Authentication
- Set the VERCEL_AUTOMATION_BYPASS_SECRET under Protection Bypass for Automation
- Add your Stripe webhook endpoint
That’s really all there is to it.
(Also, I believe this works even on the Vercel Free plan?)
Step Details
Turn on Vercel Authentication
Go to your project’s Settings → Deployment Protection, and enable Vercel Authentication.
Set VERCEL_AUTOMATION_BYPASS_SECRET under Protection Bypass for Automation
In the same screen, look for Protection Bypass for Automation, then set any random 32-character string.
You can regenerate it later if needed, and Vercel will show the value again — so you don’t even need to keep a memo.
Add Your Stripe Webhook Endpoint
Here’s what the endpoint URL should look like:
https://staging.example.com/api/stripe/webhook?x-vercel-protection-bypass=your-32-character-secret
When I asked ChatGPT about this part, it gave me a bunch of nonsense answers — seriously, come on.
For reference, this setup is also mentioned on Stack Overflow.
Life-saver, really.
That’s all there is to it.