Rotate endpoint secret - Truthlocks Documentation

curl --request POST \ --url https://api.truthlocks.com/v1/webhooks/endpoints/{id}/rotate \ --header 'Content-Type: application/json' \ --header 'X-API-Key: <api-key>' \ --data ' { "reason": "<string>" } '

POST

webhooks

endpoints

{id}

rotate

Rotate webhook secret

curl --request POST \
  --url https://api.truthlocks.com/v1/webhooks/endpoints/{id}/rotate \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "reason": "<string>"
}
'

{
  "id": "<string>",
  "secret": "<string>",
  "rotated_at": "<string>"
}

Generates a new signing secret for a webhook endpoint. The old secret stops working immediately. The new secret is returned once — store it securely.

Rotating the secret invalidates the previous secret immediately. Update your webhook verification code with the new secret before processing further events.

Parameters

uuid

required

The ID of the webhook endpoint

Responses

After rotating, update your webhook verification code with the new secret immediately. Any deliveries signed with the old secret will fail verification.

Authorizations

X-API-Key

string

header

required

API key for machine-to-machine authentication

Path Parameters

string

required

Webhook endpoint ID

Body

application/json

reason

string

Optional reason or note for this action

Response

Secret rotated

string

secret

string

rotated_at

string

List webhook endpoints List deliveries

​Parameters

​Responses

Authorizations

Path Parameters

Body

Response

Parameters

Responses