Convoy

Open-source webhook infrastructure, honestly reviewed. What you actually get when you run your own webhook delivery pipeline.

TL;DR

• What it is: A self-hosted webhook gateway that handles sending webhooks to your customers and receiving webhooks from third-party providers — retries, signatures, rate limiting, fan-out, and debugging dashboards included [README].
• Who it’s for: Engineering teams at SaaS companies who need reliable outgoing webhook delivery to their API customers, and platform teams receiving high-volume events from payment providers, messaging platforms, or data sources [README][homepage].
• Cost savings: The alternative is building your own retry-and-delivery layer, which typically takes a mid-level engineer 2–6 months to build properly and indefinitely to maintain. Managed services like Svix or Hookdeck charge per delivery volume. Convoy self-hosted costs infrastructure only [README].
• Key strength: Horizontally scalable architecture with independent components (api server, workers, scheduler, socket server), plus a customer-facing dashboard you can embed via iframe directly into your product [README].
• Key weakness: Elastic License v2.0 — not OSI-certified open source. You can self-host it freely, but commercial redistribution and SaaS use require a commercial agreement [README]. The GitHub star count (2,777) is low relative to comparable infrastructure projects, and third-party independent reviews are sparse, which makes community-sourced knowledge about production edge cases hard to find.

---

What is Convoy

Convoy is a webhook gateway. It sits between your services and the outside world — either routing outgoing webhooks from your application to your customers’ endpoints, or ingesting incoming webhooks from external providers (Stripe, GitHub, Twilio) and routing them to your internal services.

The pitch from the README is precise: “an open source high-performance webhooks gateway used to securely ingest, persist, debug, deliver and manage millions of events reliably” [README]. The homepage description is blunter: it’s the thing that ensures event delivery when your customer’s endpoint is down at 3am and your app shouldn’t care [homepage].

What separates Convoy from a simple HTTP client with retry logic is infrastructure-grade behavior: it acts as a dedicated message queue for webhooks, designed to be horizontally scaled component-by-component. Each subsystem (api server, workers, scheduler, socket server) scales independently so you’re not over-provisioning the whole stack when only your delivery workers are under load [README].

The company behind it is frain-dev, based on the GitHub organization. The project has 2,777 GitHub stars — small for the infrastructure category, which suggests it hasn’t crossed the mainstream awareness threshold yet, though the customer list on the homepage includes Neynar (CTO is ex-Coinbase), Maple (CTO is ex-Airbnb), and Spruce Health (Principal Engineer is ex-AWS) [homepage], which suggests the product is past the “toy project” stage in production environments.

---

Why people choose it

Independent third-party reviews of Convoy are not available in this research pass — the project is niche enough that it hasn’t attracted the kind of “10 best webhook solutions” roundup coverage that Zapier or n8n attract. What we have are five production customer quotes on the homepage [homepage] that are more informative than most review articles because they reflect real production decisions.

The pattern across the quotes is consistent: teams evaluated Convoy against building in-house and chose Convoy because the in-house path was expensive:

“We considered building a webhooks system internally but quickly realised that reaching the quality and robustness our customers deserve would be highly time-consuming. Convoy offered this out-of-the-box.” — Michael Raines, Principal Engineer at Spruce Health, ex-AWS [homepage]

“Convoy had everything we needed from a webhook gateway—retries, signatures, and SDKs. This allowed our engineering team to focus on building our core product.” — Aravindkumar Rajendiran, CTO at Maple, ex-Airbnb [homepage]

“Convoy provides all the features that we are looking for at a fair price, and we were able to integrate and offer a webhook solution in a matter of days.” — Jonathan Wiemer, Lead Software Engineer, Source.ag [homepage]

The consistent throughline: the build-vs-buy calculation favored Convoy. Webhooks sound simple — send a POST request, if it fails try again. In practice, production webhook systems need idempotency, signing, per-endpoint rate limiting, circuit breaking for consistently-failing endpoints, customer-visible debugging dashboards, and enough observability to answer “why didn’t my customer get this event?” The gap between “working prototype” and “production-grade” on this is wider than most teams expect.

The other recurring signal: time-to-integration. The Neynar CTO notes they “had test webhooks sent within the hour” [homepage]. This matters for evaluating self-hosted tools — fast initial integration is a proxy for whether the documentation and defaults are sane.

---

Features

Based on the README and homepage [README][homepage]:

Core delivery engine:

• Outgoing webhooks: events flow from your microservices → Convoy → customer endpoints [README]
• Incoming webhooks: events from third-party providers → Convoy → your internal services [README]
• Two retry strategies: constant time interval and exponential backoff with jitter [README]
• Batch retry for endpoints that have accumulated failed events [README]
• Circuit breaking: Convoy disables endpoints after consecutive failures and sends notifications [README]
• Fan-out routing: one event delivered to multiple endpoints based on event type or payload structure [README]
• Per-endpoint configurable rate limiting (Convoy ingests fast, delivers at the endpoint’s pace) [README]

Security:

• Payload signing for message integrity verification [README]
• Bearer token authentication for authenticated webhook endpoints [README]
• Static IPs for environments with strict firewall rules [README]
• Rolling secrets: rotate signing keys without downtime [README]
• Protection against SSRF (Server-Side Request Forgery) [homepage]

Observability and debugging:

• Event persistence — events are stored, not fire-and-forget [README]
• Customer-facing dashboard embeddable via iframe: customers can view event history, retry events, manage their own endpoints, and configure subscriptions without filing support tickets [README]
• Endpoint failure notifications via Email and Slack [README]
• Convoy Playground: generate webhook URLs, inspect payloads, analyze headers for testing integrations [homepage]

Infrastructure:

• Control and data plane architecture backed by PostgreSQL [homepage]
• Horizontally scalable: each component scales independently [README]
• REST API [merged profile]
• Docker and Kubernetes/Helm deployment [README][merged profile]
• SDKs mentioned by customers [homepage]

Enterprise/compliance:

• SOC2 compliant [homepage]
• GDPR compliant [homepage]
• SSO & SAML [homepage]
• Private networking [homepage]
• Role-based access control [homepage]
• 99.999% uptime SLA (on managed cloud) [homepage]

---

Pricing: SaaS vs self-hosted math

Convoy’s cloud pricing is not publicly listed on the homepage — the CTAs are “Try for free” and “Talk to a founder” [homepage]. This is an enterprise sales motion, which means you’ll get a quote based on volume and requirements rather than a publicly posted price tier.

What this means practically: if you want a number today without a sales call, Convoy Cloud doesn’t give you one. That’s worth factoring into your evaluation timeline.

Self-hosted cost:

• Software: free to self-host (Elastic License v2.0 permits this) [README]
• Infrastructure: PostgreSQL + Redis + app containers. A realistic minimum for production: a VPS with 4GB RAM, a managed Postgres instance, a managed Redis instance. Budget $30–80/mo depending on provider and volume
• Your time: setup plus ongoing maintenance

Competitors for context (where pricing is public):

• Svix (managed): Free tier (limited), paid plans from $250/mo for meaningful volume
• Hookdeck (managed): Developer plan free, Team from $100/mo, scaling with event volume
• Build in-house: Engineering time for the initial build (conservative estimate: 1–3 months of senior engineer time) plus ongoing maintenance. At a $150k/yr engineer salary that’s $12–37k in labor, recurring maintenance not included

For a company sending more than a few thousand webhooks per day to production customers, the self-hosted math on Convoy is compelling: operational cost of a few dozen dollars per month versus $250–500+/mo on managed alternatives, or a large one-time investment in in-house engineering.

The caveat: the Elastic License v2.0 restricts commercial redistribution [README]. If you’re a hosting provider or building a product that resells Convoy as a service, you need a commercial license. If you’re running Convoy for your own product’s webhook infrastructure, self-hosting is unambiguously permitted.

---

Deployment reality check

What you need:

• A Linux server (VPS, EC2, GKE, etc.) — Convoy is Docker and Kubernetes/Helm native [README]
• PostgreSQL for persistence [homepage]
• Redis for queuing
• A reverse proxy (nginx, Caddy, Traefik) for TLS termination
• A domain and DNS for your Convoy instance

What the architecture looks like in practice:

Convoy runs as multiple services: the API server handles inbound traffic and the dashboard, workers process delivery, the scheduler handles retries and cleanup, and the socket server handles real-time event streaming. For low-volume deployments you can run all components in a single docker-compose stack. For production at scale, each component scales horizontally [README].

The PostgreSQL dependency is important — this isn’t a Redis-only system. Events are persisted, which gives you the debugging and replay capabilities, but it means you need a durable Postgres setup if you care about not losing events.

What can go sideways:

The customer-facing dashboard iframe feature requires careful thought about authentication and authorization. You’re generating customer-scoped tokens that allow your customers to view and manage their own endpoints — this is a useful feature but it adds a surface area that needs to be wired into your existing auth system correctly.

The 99.999% uptime SLA [homepage] applies to Convoy’s managed cloud, not to your self-hosted instance. Your SLA is whatever your infrastructure provides.

No pre-built integrations with specific data sources — Convoy is infrastructure, not a no-code automation tool. You wire it into your application via API. If you expected point-and-click setup to connect to “Stripe → Slack”, that’s not what this product does.

Realistic setup time: A developer familiar with Docker and Postgres: 2–4 hours to a working self-hosted instance. Add another day to integrate the SDK into your application and configure production security settings. Non-technical founders should not self-host this without a technical co-founder or external help — this is backend infrastructure, not a drag-and-drop tool.

---

Pros and cons

Pros

• Production-grade reliability by default. Circuit breaking, exponential backoff, payload signing, static IPs, rolling secrets — these are the features that take months to build correctly in-house and come configured out of the box [README].
• Customer-facing debug dashboard. The embeddable dashboard that gives your customers visibility into their own webhook history is genuinely uncommon. It eliminates a class of “why didn’t I receive X” support tickets [README].
• Fan-out and filtering. Route one event to multiple endpoints based on event type or payload structure — useful for multi-tenant platforms where different customers subscribe to different event types [README].
• Horizontally scalable architecture. Each component scales independently. You don’t need to scale the entire stack to handle a spike in delivery workers [README].
• Strong customer validation. CTO-level engineering leadership at multiple production companies (ex-Coinbase, ex-Airbnb, ex-AWS) have chosen and endorsed it publicly [homepage].
• SOC2 + GDPR + SSO on managed cloud for teams with compliance requirements [homepage].

Cons

• Elastic License v2.0 — not true open source. The license permits self-hosting but restricts commercial redistribution and sublicensing. If you want MIT-style freedom to embed, resell, or build on top of it, you need a commercial agreement [README]. This is a meaningful difference from projects like Activepieces (MIT) or Meilisearch (MIT).
• No public pricing. “Talk to a founder” for cloud pricing means you can’t evaluate cost without a sales interaction [homepage]. This is a friction point if you’re doing quick vendor comparisons.
• Sparse community and documentation ecosystem. With 2,777 GitHub stars, community-sourced knowledge (Stack Overflow answers, tutorial blog posts, war stories) is thin. When you hit an edge case, you’re more likely to be filing a GitHub issue than finding a forum post.
• Developer/infrastructure tool only. This requires engineering integration — there’s no no-code UI for connecting Convoy to your data sources. If you’re a non-technical founder looking to automate workflows, this is not that product.
• Operational overhead of PostgreSQL + Redis. Two stateful dependencies to manage, backup, and keep available. Lightweight compared to many self-hosted data stacks, but more than zero.
• No public benchmark data. The README claims “high-performance” and “millions of events reliably” [README] but there are no published throughput numbers or latency benchmarks to validate against your expected load.

---

Who should use this / who shouldn’t

Use Convoy if:

• You’re building a SaaS product that sends webhooks to your API customers, and you’ve outgrown a home-rolled delivery system or never want to build one.
• Your team is paying a managed webhook service like Svix or Hookdeck and the bill is scaling with your event volume in a way that feels wrong.
• You need to receive and route high-volume webhooks from multiple providers (payments, messaging, data platforms) into internal microservices reliably.
• You want to give your own customers a debugging dashboard for their webhook subscriptions without building that UI yourself.
• You have a developer on staff who can manage Docker/Kubernetes infrastructure.

Skip it if:

• You’re a non-technical founder looking to automate business workflows (email → CRM → Slack). Use n8n or Activepieces instead.
• You need MIT-licensed source code freedom — the Elastic License v2.0 is more restrictive.
• You want publicly listed pricing before talking to a salesperson.
• Your webhook volume is low enough that a simple queue + retry in your existing backend handles it fine.
• You have zero engineering capacity for infrastructure — this requires active ownership.

---

Alternatives worth considering

• Svix — the primary managed competitor. Fully hosted, no ops overhead, higher per-event cost at scale. Good option if you want Convoy’s feature set without running infrastructure.
• Hookdeck — developer-focused managed webhook gateway. Strong on inbound webhook routing and debugging. Also managed-only.
• Build in-house — often the default. Viable if your scale is low and your team understands the maintenance commitment. Becomes expensive at medium-to-high volume or when you need customer-facing observability.
• AWS EventBridge — if you’re already AWS-native. Different abstraction (event bus vs. webhook gateway), but overlapping use cases for internal event routing.
• Temporal — if your problem is actually long-running workflow orchestration and webhooks are just part of it. Heavier, more complex, but a better fit if webhook delivery is a subset of a larger reliability problem.
• n8n — only if your use case is automation (triggering actions in response to events) rather than reliable event delivery infrastructure. Different category.

---

Bottom line

Convoy solves one problem and solves it well: reliable webhook delivery at production scale with the observability and security features that most in-house implementations quietly skip. The customer-facing embedded dashboard is a feature that typically costs a full sprint to build from scratch. The circuit breaking, rolling secrets, and fan-out routing are features that only surface as requirements after you’ve shipped without them.

The honest caveats: the Elastic License is not open source in the OSI sense, the pricing requires a sales call, and the community is small enough that you’ll occasionally be first to hit an edge case. For engineering teams doing the build-vs-buy calculation on webhook infrastructure, Convoy is a strong “buy” if the managed-cloud alternative costs too much and you have the operational capacity to run it.

If deployment is the blocker, that’s exactly what upready.dev handles for clients.

---

Sources

1. Convoy GitHub README — frain-dev/convoy. https://github.com/frain-dev/convoy
2. Convoy homepage — getconvoy.io. https://getconvoy.io
3. Convoy homepage — Customer Stories (Neynar, Spruce Health, Marble, Source.ag, Maple quotes). https://getconvoy.io
4. Elastic License v2.0 — full license text. https://github.com/frain-dev/convoy/blob/main/LICENSE