Stripe Event validation in a Gatsby Serverless Function

If you are new to serverless, you might have thought nothing of yesterday's "Using Http Request Body" example.

export default function handler(req, res) {
  const { city, year } = req.body;
  res.send(`You time-travelled to ${city}, in year ${year}`);

But having the body served to you automagically as json, when it makes sense, is something I really like about Gatsby Functions. In most other serverless implementations, you have to parse it yourself.

However, when it comes to verifying the signature of a webhook using a third-party SDK, not so much! Most signature checks require access to the raw body.

And for the longest time, we could not access the raw body in a Gatsby Function, but with the release of Gatbsy v4.14, we can 🎉

To control the body-parser middleware export an object named config.

const stripe = require("stripe")(process.env.STRIPE_SECRET_KEY);
const endpointSecret = process.env.STRIPE_ENDPOINT_SECRET;

// Export a config object
// to configure the bodyParser
export const config = {
  bodyParser: {
    raw: {
      type: `*/*`,

export default function handler(req, res) {
  try {
    const sig = req.headers["stripe-signature"];
    const event = stripe.webhooks.constructEvent(req.body, sig, endpointSecret);

    // Handle the verified event,
    // event data can be trusted
    switch (event.type) {
      case "checkout.session.completed":
        console.log("CheckoutSession completed, fulfill the order!");
        // Handle the event
      // ... handle other event types
        console.log(`Unhandled event type ${event.type}`);

  } catch (err) {

Unfortunately, I cannot seem to make this work locally, but I have verified that it works on Gatsby Cloud. I will, of course, follow up with Gatsby to figure out what's up. Is it a feature? Or a bug? I know my opinion on the matter 😬

Update: Raw body works in develop from v4.16

All the best,
Queen Raae

Interested in more daily treasures like this one?
Sent directly to your inbox?