Skip to main content
POST
/
v1
/
webhooks
/
endpoints
Create webhook endpoint
curl --request POST \
  --url https://api.example.com/v1/webhooks/endpoints \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "url": "<string>",
  "event_filters": [
    "<string>"
  ]
}
'
{
  "id": "660e8400-e29b-41d4-a716-446655440001",
  "name": "My Backend",
  "url": "https://api.example.com/webhooks/truthlock",
  "status": "active",
  "secret": "whsec_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "event_filters": ["attestation.*", "verification.completed"],
  "created_at": "2026-03-25T12:00:00Z",
  "updated_at": "2026-03-25T12:00:00Z"
}
Registers a new webhook endpoint for the authenticated tenant. The endpoint receives HTTP POST requests when matching events occur. The endpoint secret is returned once in the response — store it securely.
The number of webhook endpoints you can create depends on your billing plan. If you exceed your plan limit, the API returns 402 Payment Required.

Parameters

name
string
required
Human-readable name for the endpoint (e.g., “My Backend”)
url
string
required
Publicly reachable HTTPS URL that receives webhook deliveries
event_filters
string[]
required
List of event types or wildcard patterns to subscribe to. Use category.* to subscribe to all events in a category (e.g., attestation.*). See the webhooks guide for the full list of event types.

Responses

The secret field is only returned in the creation response. Store it securely — you cannot retrieve it later. If you lose it, rotate the secret to generate a new one.
{
  "id": "660e8400-e29b-41d4-a716-446655440001",
  "name": "My Backend",
  "url": "https://api.example.com/webhooks/truthlock",
  "status": "active",
  "secret": "whsec_a1b2c3d4-e5f6-7890-abcd-ef1234567890",
  "event_filters": ["attestation.*", "verification.completed"],
  "created_at": "2026-03-25T12:00:00Z",
  "updated_at": "2026-03-25T12:00:00Z"
}