Register a webhook endpoint
Create a webhook endpoint and receive its signing secret. The secret is returned exactly once in this response — store it immediately; it cannot be retrieved later.
Authentication: Supports API key and bearer token authentication.
Authentication
AuthorizationBearer
Bearer authentication of the form Bearer <token>, where token is your auth token.
Headers
X-Organization-ID
Request
This endpoint expects an object.
url
HTTPS URL we will POST events to
event_types
Allowlist of event type names (e.g. [‘elp_test.scored’]). Must contain at least one entry.
description
headers
Optional static headers we will include on every request to this endpoint.
Response
Successful Response
id
organization_id
url
description
event_types
headers
status
Endpoint lifecycle state.
DISABLED is reserved for automatic disable by the auto-disable job;
PAUSED is explicitly paused and indicates intent to resume.
disabled_reason
created_at
updated_at
signing_secret
whsec_<base64> — store this; it is not retrievable later.
Errors
401
Unauthorized Error
403
Forbidden Error
422
Unprocessable Entity Error
429
Too Many Requests Error

