Webhook control plane for production systems

Name: Duerelay
Brand: Duerelay

Govern every webhook from ingress to execution

Deterministic execution, policy enforcement, agent control, and full audit trail — for Stripe, GitHub, Shopify, and every revenue-critical event pipeline.

Policy gates — budget, rate, content enforcement

Agent SDKs with per-agent credentials

Inspect payloads, replay failures, prevent duplicates

OTEL traces, audit trails, compliance export

Four Layers of Webhook Governance

Duerelay enforces correctness from ingestion to execution — preventing duplicate processing, enforcing policies, and recording every decision.

01 · Ingress

Authenticate & admit

Only authorized webhook sources are accepted. Ingress policies validate authenticity before events enter the pipeline.

02 · Policy Enforcement

Enforce budget, rate & content gates

Policy gates enforce spend limits, throughput caps, and payload rules before any action executes.

03 · Execution

Execute deterministically

Idempotent delivery prevents duplicates. Agent SDKs and bundles execute actions atomically with rollback on failure.

04 · Observe & Audit

Trace, export & audit

OTEL traces record every execution. Immutable audit trails and compliance export provide full accountability.

Agent SDKs

Typed execute endpoint

Agent SDKs provide a typed execute endpoint with per-agent credentials. Each agent operates under its own identity and policy scope.

Policy Gates

Budget, rate & content rules

Enforce spend limits, throughput caps, and payload validation before any agent action executes. Non-conforming requests are blocked with a clear reason.

Bundles

Atomic multi-action execution

Group multiple agent actions into a single bundle. If any step fails, preceding steps are rolled back automatically.

Approval & Traces

Human-in-the-loop & OTEL

Require human approval before sensitive actions proceed. Every execution is recorded as an OTEL trace for full auditability.

Connected in minutes

Point your source at Duerelay, set a policy, and govern every event before it reaches your application.

Route webhooks through Duerelay

Replace your endpoint URL with a Duerelay ingest URL. Works with Stripe, GitHub, Shopify, or any HTTP source.

# Stripe Dashboard → Webhooks → Add endpoint
Endpoint URL: https://ingest.duerelay.com/s/{your-token}

# Or register a source via API
curl https://api.duerelay.com/v1/sources \
  -H "Authorization: Bearer dr_live_..." \
  -d '{"name":"stripe","type":"stripe"}'

Define a policy gate

Set budget limits, rate caps, and required fields. Non-conforming events are blocked before they reach your app.

{
  "budget_eur_day": 500,
  "rate_per_minute": 100,
  "require_fields": ["customer_id", "amount"],
  "block_on_violation": true
}

Execute with the Agent SDK

Act on governed events from your app or an AI agent. Every call is idempotent, policy-gated, and OTEL-traced.

from duerelay.agent import Client

client = Client(agent_key="dar_live_...")
result = client.execute("process-payment", {
    "order_id": event["data"]["id"],
    "amount": event["data"]["amount"],
})
# idempotent · policy-gated · OTEL-traced

Webhook Control Plane for Revenue-Critical Systems

When webhooks control billing, subscriptions, or access, failures cost money and erode trust.

Duerelay authenticates, enforces policies, executes deterministically, and audits every decision — before errors reach your application.

Agent SDKs, policy gates, bundle execution, and OTEL traces give engineering teams full control and observability over their event pipelines.

Governance by design.

Common questions

Billing, governance, and how Duerelay fits alongside other webhook tools.

How is Duerelay different from Hookdeck or Svix?

Hookdeck and Svix focus on webhook delivery. Duerelay adds a governance layer on top: pre-execution policy gates (budget, rate, content), agent SDKs with per-agent credentials, atomic multi-action bundles with rollback, and OTEL traces — all enforced before any action runs against your application.

What counts as an event for billing?

Every inbound webhook admitted through Duerelay counts as one event. Policy-blocked requests and sandbox traffic do not count. Overage above the plan quota is billed at €12 per block of 25,000 events. See pricing for plan quotas.

Do I need the Agent Control Plane to use Duerelay?

No. Gateway plans (Starter €19, Core €49, Scale €89) give you webhook delivery, replay, policy gates, and observability. The Agent Control Plane is included only on Agent (AI) plans and Enterprise, when you need typed agent SDKs, bundle execution with rollback, and approval workflows.

Can I replay failed webhook deliveries?

Yes. Every event retains its full payload and delivery history. Replays are instant, idempotent, and recorded in the audit trail — the deterministic execution layer prevents duplicate side effects even when the same event is replayed multiple times.

Which webhook sources does Duerelay support?

Any HTTP source. First-class integrations exist for Stripe, GitHub, and Shopify (including signature verification). Custom sources connect via a standard ingest URL with HMAC or Bearer authentication. See the quickstart for setup.

Govern every webhook from ingress to execution

Agent Control Plane

Four Layers of Webhook Governance

Authenticate & admit

Enforce budget, rate & content gates

Execute deterministically

Trace, export & audit

Control What Agents Can Do — Before They Do It

Typed execute endpoint

Budget, rate & content rules

Atomic multi-action execution

Human-in-the-loop & OTEL

Developer Tools

Webhook Inspector

Replay Failed Webhooks

Delivery Timeline

Endpoint Health Monitor

Test Webhook Reliability in the Sandbox