OpenFence's AI reads the raw diagnostic facts of a real delivery — signatures, timestamps, retry history, dead-letters — and explains, in plain English, exactly what went wrong and what to change. 25 explanations every month, included on Standard.
$0 today · 14-day free trial · explanations included.
The four failure modes behind almost every broken webhook — each one cross-referenced to the troubleshooting catalog.
A wrong or rotated signing secret — the receiver verifies against a key we're no longer signing with, so every delivery 401s.
A middleware like express.json() reparses and re-emits the body before you verify, so the bytes you sign differ from the bytes we signed.
A delivery arrives — or is retried — outside the ±5-minute freshness window, or a clock-skewed receiver rejects a valid one.
A receiver returns 4xx/5xx until retries run out and the delivery lands in the dead-letter store — the AI surfaces the pattern and the first failing attempt.
This is the actual output format — a plain-English narrative plus structured findings, each severity · code — summary. Toggle a failure type:
All 14 deliveries to your orders subscription returned HTTP 401 in the last 24 hours. The signature headers are well-formed and the timestamps are fresh, so the secret itself is fine — the body is being altered between receipt and verification.
body_reparsed
— your receiver re-serializes the JSON body (e.g. express.json()) before computing the HMAC, so the signed bytes never match ours. Verify against the raw request body.
Deliveries to your inventory subscription started failing at 14:02 UTC — 0 of 9 verified since, after a clean morning. That points at a credential change rather than your code.
signature_mismatch
— the signing secret was rotated at 14:02 UTC; your receiver is still verifying with the previous key. Roll the new secret into your verifier.
Your alerts receiver rejected 6 of the last 20 deliveries even though their signatures are valid — all six landed within a few minutes of the freshness boundary.
timestamp_stale
— deliveries are landing just outside the ±5-minute window; the receiver host clock is roughly 7 minutes behind. Sync it with NTP before widening any tolerance.
Real output format. In your dashboard this runs on your own deliveries — and the raw diagnostic facts are shown even when the AI is unavailable.
It runs in your dashboard, against your own subscriptions and delivery history — your tenant data only, never anyone else's.
The raw diagnostic facts are always shown — signatures, timestamps, retries, dead-letters. The AI explanation is a layer on top, never the source of truth, so you're covered even when it's unavailable.
Nothing to install or configure. The moment you have deliveries, you can ask for an explanation — 25 a month included.
Every Standard plan ($49/mo) includes 25 AI explanations a month. Need more? The Standard AI add-on bumps you to 250/month — add or remove it anytime, prorated, from your dashboard.
See full pricing →+$30/mo → 250
Start a tenant, send a few pings, and ask the AI to explain your first webhook. $0 for 14 days.
$0 today · 14-day free trial. On a trial? Upgrade →