Stripe sends webhook events for every payment, refund, and subscription change. Routing those events through your sGTM container means your conversion tracking does not depend on the user staying on the success page long enough for the client-side tag to fire.

Step 1: add a Webhook client to your container

In sGTM, gallery, search "Webhook." Add the client. Configure it to listen on a path like /webhook/stripe. Set the request method to POST.

Step 2: register the endpoint with Stripe

In Stripe Dashboard, Developers > Webhooks, Add Endpoint. Endpoint URL: https://data.example.com/webhook/stripe. Select the events you want forwarded: typically checkout.session.completed, charge.refunded, customer.subscription.created.

Stripe shows a signing secret. Copy it.

Step 3: verify the signature

In your Webhook client, add signature verification using the secret. The Stripe signature is in the Stripe-Signature header. The official Webhook client templates handle verification natively; if you wrote a Custom Template, implement HMAC-SHA256 verification using the secret.

Reject any request with a missing or invalid signature with a 401. Without this check, anyone who knows your endpoint can inject fake purchases.

Step 4: map Stripe events to GA4 events

Add a GA4 tag with a trigger on the webhook event. Map the Stripe payload fields:

Step 5: handle the dual-source problem

If your client-side checkout page also fires a purchase event, you now have two sources for the same purchase. Either deduplicate using a shared event_id (use the Stripe payment intent ID), or pick one source and disable the other. For most teams the webhook is more reliable; turn off the client-side purchase event.

Step 6: handle refunds

Refunds in Stripe arrive as charge.refunded events. Send them to GA4 as a refund event with the negative value. GA4's standard refund event handles this correctly in reports.