Skip to content

Changelog

Web v0.23.1CLI v1.1.2SDK v1.8.0MCP v1.6.0
Web Appv0.23.1

Fix: send-webhook templates for newer providers

  • Fixed the dashboard send-webhook dialog failing with “Unsupported template "custom"” for 14 providers (HubSpot, Square, Meta, Lemon Squeezy, Coinbase Commerce, Razorpay, Cal.com, Intercom, Telegram, Mailgun, Calendly, Mux, Sentry, Bitbucket) — their template presets now derive from the SDK provider metadata so every listed provider can send a signed test webhook
Web Appv0.23.0

Agent Registration — sandbox, claim codes, SMTP email

  • Unclaimed agent credentials now work immediately in a bounded sandbox: an anonymous key can create ephemeral endpoints and read only its own captured requests, with strict cross-tenant isolation, before a human claims it
  • Anonymous registrations get a short human-friendly claim code (e.g. ABCD-EFGH) alongside the claim link — a signed-in user can claim by typing the code at /agent/claim
  • Verification emails (OTP) now send over SMTP in production (SMTP → Resend → dev fallback); local dev and tests keep using the in-process capture transport
  • Documented the ID-JAG trusted-provider config format and added an identity-provider onboarding section to the hosted /auth.md
SDKv1.8.0

Agent self-registration on-ramp

  • New static WebhooksCC.register helpers let an agent obtain its own credential before it has one: anonymous (with claim code + poll/waitForClaim), verified_email (withEmail + confirmEmailOtp), and identity_assertion (withIdJag)
  • WebhooksCC.describeRegistration() and client.describe().registration surface the auth.md on-ramp so an unauthenticated agent can discover how to register
  • Standalone exports (registerAnonymous, registerWithEmail, confirmEmailOtp, registerWithIdJag, pollClaim, waitForClaim) plus an AgentRegisterError carrying the auth.md error code
MCPv1.6.0

Agent self-registration on-ramp

  • New unauthenticated tools — how_to_register, register_agent, and check_claim — let an agent with no API key learn the auth.md flows and drive the anonymous register + claim handshake
  • The MCP server now boots without WHK_API_KEY, exposing only the registration on-ramp so an agent can obtain a credential instead of failing to start
  • describe now includes the registration on-ramp block from the SDK
Web Appv0.22.0

Agent Registration — auth.md (anonymous, verified email, ID-JAG)

  • Implements the WorkOS auth.md agent-registration protocol: agents self-register a credential anonymously, via a verified-email one-time code, or by presenting a provider-signed ID-JAG identity assertion
  • Adds RFC 9728 discovery (/.well-known/oauth-protected-resource and /.well-known/oauth-authorization-server), a hosted /auth.md, and a WWW-Authenticate hint on 401s so agents can discover how to authenticate
  • Anonymous credentials can be claimed by a signed-in user from an in-app claim page, permanently attaching the key to their account
  • Supports provider-driven revocation (logout token) for ID-JAG-issued credentials
Web Appv0.21.0

7 New Providers — Square, HubSpot, Mailgun, Calendly, Mux, Sentry, Bitbucket

  • Provider catalog grows from 21 to 28: added Square, HubSpot, Mailgun, Calendly, Mux, Sentry, and Bitbucket across templates, auto-detection, and signature verification
  • Three new signing schemes are now supported server-side: URL + body (Square), HTTP method + URI + body + timestamp (HubSpot), and body-embedded signature fields (Mailgun)
  • Endpoint settings, the send-webhook dialog, and the Signature tab list all 28 named providers; automatic server-side verification works for every one except SendGrid (IP allowlisting)
  • Refreshed provider template and signature-verification docs with payload shapes, headers, and algorithms for each new provider
Web Appv0.20.4

7 New Providers — Meta, Lemon Squeezy, Coinbase Commerce, Razorpay, Cal.com, Intercom, Telegram

  • Provider catalog grows from 14 to 21: added Meta (WhatsApp/Messenger/Instagram), Lemon Squeezy, Coinbase Commerce, Razorpay, Cal.com, Intercom, and Telegram across templates, auto-detection, and signature verification
  • Endpoint settings, the send-webhook dialog, and the Signature tab now list all new providers; server-side automatic verification works for every one
  • Refreshed provider template and signature-verification docs with payload shapes, headers, and algorithms for each new provider
SDKv1.7.0

7 New Providers — Square, HubSpot, Mailgun, Calendly, Mux, Sentry, Bitbucket

  • Added Square, HubSpot, Mailgun, Calendly, Mux, Sentry, and Bitbucket to templates, detection, and verification — the catalog now covers 28 named providers
  • New verifiers: verifySquareSignature, verifyHubSpotSignature, verifyMailgunSignature, verifyCalendlySignature, verifyMuxSignature, verifySentrySignature, verifyBitbucketSignature
  • New detection helpers: isSquareWebhook, isHubSpotWebhook, isMailgunWebhook, isCalendlyWebhook, isMuxWebhook, isSentryWebhook, isBitbucketWebhook
  • VerifySignatureOptions gains an optional method field; Square and HubSpot verification require the request url (HubSpot also uses the method and rejects timestamps older than 5 minutes)
  • Bitbucket is detected on x-event-key before Intercom to avoid the shared x-hub-signature collision (Bitbucket sha256=, Intercom sha1=)
SDKv1.6.0

7 New Providers

  • Added Meta (WhatsApp/Messenger/Instagram), Lemon Squeezy, Coinbase Commerce, Razorpay, Cal.com, Intercom, and Telegram to templates, detection, and verification
  • New verifiers: verifyMetaSignature, verifyLemonSqueezySignature, verifyCoinbaseCommerceSignature, verifyRazorpaySignature, verifyCalSignature, verifyIntercomSignature, verifyTelegramSignature
  • New detection helpers: isMetaWebhook, isLemonSqueezyWebhook, isCoinbaseCommerceWebhook, isRazorpayWebhook, isCalWebhook, isIntercomWebhook, isTelegramWebhook
  • Meta is detected by body shape (ordered before GitHub); Intercom (sha1=) is disambiguated from GitHub's x-hub-signature-256 and Bitbucket's sha256=
MCPv1.5.0

7 New Providers — Square, HubSpot, Mailgun, Calendly, Mux, Sentry, Bitbucket

  • Square, HubSpot, Mailgun, Calendly, Mux, Sentry, and Bitbucket are now available in send_webhook, send_to, preview_webhook, list_provider_templates, and verify_signature — wired automatically through the SDK provider lists, bringing the catalog to 28 named providers
MCPv1.4.2

7 New Providers

  • Meta, Lemon Squeezy, Coinbase Commerce, Razorpay, Cal.com, Intercom, and Telegram are now available in send_webhook, send_to, preview_webhook, list_provider_templates, and verify_signature — wired automatically through the SDK provider lists
Web Appv0.20.3

CLI v1.1.2 Release

  • Ships the CLI v1.1.2 polish — correct version display in `whk update` and a clear, actionable message when the install directory isn't writable
CLIv1.1.2

Update Command Polish

  • `whk update` now displays the current version correctly (was rendering as `vv1.0.0` due to a double `v` prefix)
  • When the install directory isn't user-writable, `whk update` fails fast with a clear message naming the path and suggesting `sudo whk update` or a user-writable reinstall — instead of the cryptic `Permission denied (os error 13)` after a multi-MB download
Web Appv0.20.2

MCP v1.4.1 & CLI v1.1.1 Release

  • MCP and CLI version bumps ship transitive dependency upgrades — zod 4 in MCP, tokio 1.52 and rustls-webpki refresh in the CLI
CLIv1.1.1

Dependency Maintenance

  • tokio 1.51 → 1.52, rustls-webpki refresh, axum 0.8.9, rand 0.8.6, clap 4.6.1, clap_complete 4.6.5, open 5.3.5 — picks up upstream security fixes
  • Internal clippy 1.95 cleanups in the TUI event loop and update screen (no behavior change)
MCPv1.4.1

zod 4 Upgrade

  • Upgrades the zod dependency from 3.x to 4.x with the matching tool-schema adaptation in src/tools.ts
Web Appv0.20.1

CI hardening & lint cleanup

  • CI: Build Web App job now uses placeholder env values when Supabase secrets aren't available (e.g. Dependabot PRs), so dependency-update PRs get a meaningful build signal
  • Resolved new strict react-hooks lint errors surfaced by an upcoming plugin bump, keeping the workspace lint-clean across plugin versions
Web Appv0.20.0

Provider Auto-Detect & Typeform Support

  • Dashboard auto-detects the webhook provider from headers and payload and renders a colored provider badge on each request
  • Provider icons (Stripe, GitHub, Shopify, Twilio, Slack, Paddle, Linear, Clerk, Discord, Vercel, GitLab, Typeform, and more) across the request list and detail panes
  • Typeform added to provider templates and signature verification — configure on any endpoint
  • Hardened signing configuration invariants: partial or stale provider state is no longer possible, eliminating a class of silent verification failures
  • Refreshed provider docs, ngrok and webhook.site comparison guides, signature verification guide, and MCP tools reference
SDKv1.5.0

Typeform Provider & Webhook Auto-Detect

  • Typeform provider templates (form_response, partial_response, payment) and verifyTypeformSignature
  • detectWebhookInfo() and detectWebhookProvider() helpers for provider auto-detection from headers and body
  • DetectedWebhookInfo type and isTypeformWebhook detection helper
MCPv1.4.0

Typeform Provider Support

  • Typeform exposed in list_provider_templates with templates, default event, and signature metadata
  • Typeform usable in create_endpoint and update_endpoint signing config
Web Appv0.19.1

Guest Dashboard SEO Overhaul

  • Fixed layout bug on /go where hero copy rendered above the navbar
  • Added feature cards flanking the Send Your First Webhook widget — mock responses, signature verification, CLI tunnel, SDK testing, MCP, and search/replay — visible without scrolling on xl+ screens
  • Expanded server-rendered SEO content (14 internal doc links, 12 headings, 751 words, BreadcrumbList + FAQPage schemas, hreflang alternates)
  • Promoted the page h1 to a visible subtitle inside the nav on md+ screens
CLIv1.1.0

Signature Verification

  • Tunnel forwards X-Signature-Verified, X-Signature-Provider, and X-Signature-Error headers
  • Listen shows inline verification status (checkmark/cross) per request
  • Create supports --signing-provider and --signing-secret flags (or WHK_SIGNING_SECRET env var)
SDKv1.4.0

Signature Verification Matchers

  • matchVerified() and matchUnverified() matchers for signature verification assertions
  • signatureVerified, signatureError, and signingProvider fields on Request and Endpoint types
MCPv1.3.0

Signature Verification Tools

  • Signing config (provider + secret) on create_endpoint and update_endpoint
  • verify_signature tool returns stored server-side results with skipped detection
  • Discord publicKey support for Ed25519 verification
Web Appv0.19.0

Signature Verification

  • Server-side webhook signature verification for 13 providers — configure once per endpoint, every request verified automatically
  • New Signature tab in request detail: paste a secret for instant client-side verification, or view stored server-side results with detailed error diagnostics
  • Verification badges (shield icons) in the request list and summary bar for at-a-glance valid/invalid status
  • Signing configuration section in endpoint settings: provider dropdown, encrypted secret storage, provider-specific tips
  • SDK: matchVerified() and matchUnverified() matchers for test assertions
  • MCP: verify_signature returns stored results without needing a secret; create/update endpoints with signing config
  • CLI: X-Signature-Verified headers on tunnel, verification status in listen output, --signing-provider/--signing-secret on create
Web Appv0.18.3

Blog Resilience & Housekeeping

  • Blog pages gracefully fall back when Supabase is unreachable instead of erroring
  • Added SECURITY.md and CODE_OF_CONDUCT.md for open-source governance
Web Appv0.18.2

SDK v1.3.0 & MCP v1.2.0 Release

  • Updated llms.txt and llms-full.txt with conditional response rules documentation
  • SDK and MCP version bumps for response rules and provider consolidation
Web Appv0.18.1

Blog Page Redesign

  • Redesigned blog index with clear visual hierarchy: featured post, two latest cards, and a scannable list for all posts
  • Compact page header replacing the bulky hero section
  • Fixed blog posts not appearing after publish due to stale Next.js fetch cache
Web Appv0.18.0

Conditional Response Rules

  • Define ordered response rules that match on method, path, headers, or body — first match wins
  • Visual response rules editor in endpoint settings with drag-to-reorder
  • Rules evaluated in the Rust receiver for low-latency conditional responses
  • Full SDK, MCP, and API support for managing response rules
SDKv1.3.0

Response Rules & Provider Consolidation

  • ResponseRule and ResponseRuleCondition types for conditional mock responses
  • validateResponseRules() and validation constants exported for shared use
  • TEMPLATE_PROVIDERS, VERIFY_PROVIDERS, and buildTemplateSendOptions exports — single source of truth for provider logic
  • Notification URL support in create/update endpoint options
  • Raw body replay with byte-exact fidelity (base64-decoded bodyRaw)
MCPv1.2.0

Response Rules & Notifications

  • Response rules support in create_endpoint and update_endpoint tools
  • Notification URL parameter for endpoint creation and updates
  • Provider lists imported from SDK — single source of truth
Web Appv0.17.4

SEO & Accessibility Improvements

  • Custom 404 page, OG image optimization (PNG→JPG), and improved sitemap generation
  • Comprehensive structured data (JSON-LD) and meta tag improvements across all pages
  • LLMs-full.txt for AI agent discoverability
Web Appv0.17.3

Configurable Limits & Security Hardening

  • Endpoint creation rate limits, ephemeral caps, and receiver body size now configurable via env vars
  • Stored XSS regression test suite for endpoint names, mock responses, and request data
Web Appv0.17.2

Teams Module Refactor

  • Atomic team invite acceptance with member limit enforcement (max 25)
  • Split teams module into focused sub-modules for better maintainability
Web Appv0.17.1

Consolidated Provider Logic

  • Unified webhook provider lists, signing, and payload generation via SDK — single source of truth
  • Added standard-webhooks provider to Send Webhook dialog (fixes drift from SDK/MCP)
  • Shared mock response validation across endpoint routes using SDK constants
Web Appv0.17.0

Redis-Backed Rate Limiting

  • Distributed rate limiting via Redis sliding window for all API routes
  • Receiver notification deduplication backed by Redis
  • Graceful fallback to in-memory rate limiting when Redis is unavailable
Web Appv0.16.0

Raw Body Fidelity & Search Performance

  • Raw body storage for non-UTF-8 payloads preserves byte-exact fidelity
  • Trigram-indexed full-text search across request path, body, and headers
  • Improved SSE streaming with raw body support
  • SDK version drift fix and accurate Retry-After headers
Web Appv0.15.0

Notification Webhooks

  • Configure a notification URL on any endpoint to receive POST alerts when webhooks are captured
  • Supports Slack, Discord, Microsoft Teams, and any webhook-compatible service
  • Notification URL management in endpoint settings and via API/SDK/MCP
  • New docs page for notification webhooks
Web Appv0.14.1

API Key Deletion Confirmation

  • Added confirmation dialog before deleting API keys to prevent accidental revocation
CLIv1.0.0

Rust Rewrite

  • Complete rewrite from Go to Rust for faster startup and smaller binaries
  • Full feature parity: tunnel, listen, auth, endpoints, requests, replay, send, update
  • Interactive TUI with ratatui (search, endpoint detail, request viewer)
  • Request search and filtering in TUI
  • Send webhooks with provider template signing from TUI
Web Appv0.14.0

API Explorer & Rate Limiting

  • Interactive API explorer at /api-explorer powered by Scalar
  • OpenAPI 3.1.0 specification at /openapi.yaml
  • Improved rate limiting with sliding window and informational headers
  • SDK error messages now include rate limit details and Retry-After hints
SDKv1.2.1

Rate Limit Metadata

  • RateLimitError now includes limit, remaining, and reset fields
  • New RateLimitMeta type export
Web Appv0.13.1

Pricing Copy Updates

  • Updated pricing copy across comparison pages and docs
  • Teams highlighted as Pro-exclusive feature
Web Appv0.13.0

Teams

  • Create and manage teams with invite-based membership
  • Share endpoints with team members
  • Team roles: owner and member with scoped permissions
  • Endpoint switcher shows personal and team endpoints
  • Teams documentation page
CLIv0.6.0

Teams Support

  • Endpoint list shows owned and team-shared endpoints
  • TeamShare metadata in endpoint responses
SDKv1.2.0

Teams Support

  • TeamShare type for endpoint team metadata
  • Endpoint type includes sharedWith and fromTeam fields
Web Appv0.12.1

Comparison Pages Expansion

  • New comparison pages: Hookdeck, localtunnel, RequestBin, Smee
  • Redesigned Beeceptor, ngrok, and Webhook.site comparison pages
  • Shared comparison CTA component
Web Appv0.12.0

Request Debugging Tools

  • Pin requests to keep them visible across endpoint switches
  • Add notes to captured requests (stored locally)
  • Side-by-side request diff comparison
  • Visual request timeline view
  • Interactive dashboard guide
  • Dashboard features documentation page
Web Appv0.11.0

Dashboard Improvements

  • Keyboard shortcuts for dashboard navigation
  • Collapsible JSON tree viewer for request bodies
  • JSON to TypeScript type generation
  • Resizable split pane in request viewer
  • Richer request list rows with method badges and size
Web Appv0.10.1

Case-Insensitive Slugs

  • Endpoint slugs are now case-insensitive (e.g. /w/AbC and /w/abc resolve to the same endpoint)
Web Appv0.10.0

Conversion Funnel & Live Preview

  • Live webhook preview on landing page
  • Getting started guide for new users
  • Claim ephemeral endpoints after signing in
  • Site stats social proof on landing page
  • Pricing CTA and docs CTA components
  • Redesigned hero and navigation
Web Appv0.9.3

Docs Expansion

  • REST API reference documentation page
  • Plans & limits documentation page
  • Webhook.site vs webhooks.cc comparison page
  • Docs navigation restructure and consistency improvements
Web Appv0.9.2

Changelog & Version Display

  • Public changelog page at /changelog with track filtering
  • Version display on account page
  • Deep health check endpoint for AppSignal uptime monitoring
  • Forward user IP on test webhook sends
  • Status page link in footer
Web Appv0.9.1

Provider Templates & Mock Response Delay

  • Add SendGrid, Clerk, Discord, Vercel, GitLab provider templates (12 total)
  • Configurable response delay for mock responses (0-30s)
  • Comprehensive analytics tracking for request and endpoint operations
  • New provider template reference documentation page
SDKv1.1.0

New Provider Templates

  • Add SendGrid, Clerk, Discord, Vercel, GitLab provider templates
  • Detection helpers: isSendGridWebhook, isClerkWebhook, isVercelWebhook, isGitLabWebhook
  • Signature verification: verifyClerkSignature, verifyVercelSignature, verifyGitLabSignature
  • Mock response delay field
MCPv1.1.0

New Provider Templates

  • Add SendGrid, Clerk, Discord, Vercel, GitLab to template and verify providers
  • Mock response delay support
Web Appv0.9.0

AppSignal & Next.js 16 Proxy

  • Replace Sentry with AppSignal for EU data residency compliance
  • OpenTelemetry tracing pipeline for Rust receiver
  • Migrate Next.js middleware.ts to proxy.ts (Next.js 16)
  • Proxy test webhook sends through server-side API route
CLIv0.5.3

Tunnel Base Path & TUI Fixes

  • Support base path in tunnel target (e.g. whk tunnel 8080/api/webhooks)
  • Fix TUI tunnel input swallowing shortcut-bound keys
CLIv0.5.2

Custom Headers

  • Add -H/--header flag for injecting custom headers in tunnel forwarding
SDKv1.0.1

Proxy & Delay

  • Mock response delay field support
  • Minor type and documentation fixes
MCPv1.0.1

Delay & Fixes

  • Mock response delay support in update_endpoint tool
  • Minor schema fixes
Web Appv0.8.0

Docs Overhaul

  • 14 new documentation pages with MDX pipeline
  • Standard Webhooks provider and sendTo method
  • Dynamic blog system with API publishing
  • PostHog analytics integration
  • Receiver file logging with daily rotation
  • Adjusted tier quotas (guest 25/12hrs, free 50/day, pro 100K/month)
SDKv1.0.0

Stable API

  • WebhookFlowBuilder for multi-step test scenarios
  • Request export (JSON, HAR) and clear methods
  • Full-text search and count queries
MCPv1.0.0

Stable API

  • Standard Webhooks provider support
  • Batch endpoint create/delete tools
  • Request export, search, and clear tools
  • Setup commands for Cursor, VS Code, Windsurf, Claude Desktop, Codex
SDKv0.6.0

Build Request & Fixes

  • buildRequest method for constructing signed webhook requests
  • Fix raw secret detection for Standard Webhooks
  • Request diffing (diffRequests)
SDKv0.5.0

Standard Webhooks & sendTo

  • Standard Webhooks provider and sendTo method
  • matchContentType, matchQueryParam, matchBodySubset matchers
  • Provider template sending with signed headers
MCPv0.3.0

Signature & Templates

  • verify_signature tool for 9 providers
  • send_webhook with provider template signing
  • compare_requests and extract_from_request tools
Web Appv0.7.4

SEO & Navigation Refresh

  • Refresh site metadata and navigation layout
  • Fix sitemap response content
Web Appv0.7.3

Webhook Templates & Retention

  • Signed webhook templates (Stripe, GitHub, Shopify, Twilio, Slack, Paddle, Linear)
  • Request retention policy improvements
  • Homepage comparison section
SDKv0.4.0

Signature Verification

  • verifySignature for Stripe, GitHub, Shopify, Twilio, Slack, Paddle, Linear
  • Webhook templates with realistic payloads
MCPv0.2.0

Webhook Templates

  • Provider template support in send_webhook
  • list_provider_templates tool
CLIv0.5.1

Replay & Ephemeral

  • Add whk replay command to resend captured requests
  • Add --ephemeral flag for auto-deleting tunnel endpoints
Web Appv0.7.2

SEO & Search

  • Structured data (JSON-LD), FAQ section, breadcrumbs
  • Add llms.txt for AI discovery
  • Full-text search across request body, headers, and path
  • Paginated request history with retention policies
SDKv0.3.0

SSE Streaming

  • subscribe() SSE async iterator for real-time streaming
  • describe() introspection for AI agents
MCPv0.1.0

Initial Release

  • 11 tools: create/list/get/update/delete endpoints, list/get requests, send/wait/replay, describe
  • stdio transport via @modelcontextprotocol/sdk
  • Setup CLI for Cursor, VS Code, Windsurf, Claude Desktop
Web Appv0.7.0

Rust Receiver & CLI TUI

  • Rewrite webhook receiver from Go to Rust (Axum + sqlx + Tokio)
  • Optimize database with stored procedures (capture_webhook())
  • Guest live dashboard for unauthenticated users
  • Strict quota enforcement for all endpoint types
CLIv0.5.0

TUI Mode

  • Interactive TUI with menu, auth, endpoint listing, and request detail views
  • Real-time SSE subscriptions in TUI
Web Appv0.6.0

Production Hardening

  • Six phases of production hardening (abuse protection, CSP, rate limiting)
  • Integration test suite (42 test cases)
  • SEO metadata, sitemap improvements, crawler exclusions
CLIv0.4.0

Device Auth

  • Browser-based device authentication flow
  • whk update self-update with SHA256 verification
SDKv0.2.0

Matchers & Helpers

  • Composable request matchers (matchMethod, matchHeader, matchBodyPath, matchAll, matchAny)
  • Provider detection helpers (isStripeWebhook, isGitHubWebhook, etc.)
  • parseJsonBody, parseFormBody, extractJsonField helpers
Web Appv0.5.0

Security & Docs

  • Security hardening across backend, API routes, and CLI
  • Floating navbar, sidebar, and docs improvements
CLIv0.3.0

Cosign Signing

  • Cosign keyless signing for release binaries
SDKv0.1.0

Initial Release

  • Endpoint CRUD (create, get, list, delete, update)
  • Request list, waitFor with timeout and polling
  • Replay captured requests to any URL
  • Human-readable duration strings (30s, 5m)
Web Appv0.4.0

Public Pages

  • Installation page with copy-paste commands
  • Privacy policy and terms of service pages
  • XML sitemap generation
CLIv0.2.0

Initial Release

  • whk tunnel for forwarding webhooks to localhost
  • whk listen for streaming requests to terminal
  • whk create, list, delete for endpoint management
Web Appv0.3.0

Billing & Polish

  • Polar.sh subscription management (free/pro tiers)
  • Request batching and endpoint caching for high-throughput
  • Dashboard UI improvements (empty states, layout fixes)
Web Appv0.2.0

CI/CD & Code Quality

  • CI pipeline with lint, typecheck, build, and test stages
  • Dependabot and CodeQL security scanning
  • Input validation, CSP, and rate limiting
Web Appv0.1.0

Initial Release

  • Dashboard with webhook capture and real-time inspection
  • GitHub and Google OAuth authentication
  • Basic endpoint CRUD and request viewer