Application WebhooksRotate webhook signing secret

Rotate webhook signing secret

Generates a new signing secret for the specified webhook configuration.

curl -X PATCH "https://api.example.com/api/v1/applications/example_string/webhooks/example_string/secret" \
  -H "Content-Type: application/json" \
  -H "Authorization: Bearer YOUR_API_TOKEN (JWT)"
{
  "keyFingerprint": "whsec_****b7d1",
  "signingSecret": "whsec_new_full_secret_value"
}
PATCH
/api/v1/applications/{applicationId}/webhooks/{webhookId}/secret
PATCH
Base URLstring

Target server for requests. Edit to use your own host.

Bearer Token (JWT)
Bearer Tokenstring
Required

Bearer token (JWT) - just enter the token, "Bearer" prefix will be added automatically

path
applicationIdstring
Required

ID of the application that owns the webhook.

path
webhookIdstring
Required

ID of the webhook configuration to rotate.

Request Preview
Response

Response will appear here after sending the request

Authentication

header
Authorizationstring
Required

Bearer token (JWT). Authentication token required.

Path Parameters

applicationIdstring
Required

ID of the application that owns the webhook.

webhookIdstring
Required

ID of the webhook configuration to rotate.

Responses

keyFingerprintstring
Required

Fingerprint of the newly generated signing key. Safe to display and store.

signingSecretstring
Required

Newly generated signing secret. Shown only once on rotation; the merchant must persist it immediately.