Rotate the signing secret
Mint a fresh whsec_… signing secret and retire the previous one over a 24-hour grace window. During the grace window the platform signs each delivery with both secrets, so verifiers can be rolled forward without dropping deliveries.
Authentication: Supports API key and bearer token authentication.
Authentication
AuthorizationBearer
Bearer authentication of the form Bearer <token>, where token is your auth token.
Path parameters
endpoint_id
Headers
X-Organization-ID
Response
Successful Response
id
organization_id
url
description
event_types
headers
status
Endpoint lifecycle state.
DISABLED is reserved for automatic disable by the auto-disable job;
PAUSED is explicitly paused and indicates intent to resume.
disabled_reason
created_at
updated_at
signing_secret
whsec_<base64> — store this; it is not retrievable later.
Errors
401
Unauthorized Error
403
Forbidden Error
404
Not Found Error
422
Unprocessable Entity Error
429
Too Many Requests Error

