Get webhook subscription
Returns the current webhook configuration for the authenticated client,
including the endpoint URL, enabled state, subscribed events, and secret key metadata.
| Time | Status | User Agent | |
|---|---|---|---|
Retrieving recent requests… | |||
Returns the current webhook configuration for the authenticated client, including the receiving endpoint URL, whether delivery is enabled, the subscribed event types, and signing-secret metadata. This is a read-only call with no side effects.
Authentication & access
- Requires a client API token:
Authorization: Bearer <token>. - The caller must hold the
webhooks.subscription.readpermission and have the OWNER, DEVELOPER, or OPERATIONS role.
Response
200 returns a WebhookSubscriptionResponse:
| Field | Description |
|---|---|
webhook_url | Endpoint URL that receives webhook events (null if none is configured). |
webhook_enabled | Whether webhook delivery is currently enabled. |
webhook_events | List of event types the client is subscribed to (empty when none are set). |
has_signing_secret | Whether a signing secret is configured for payload verification. |
webhook_secret_kid | Key identifier of the current signing secret (null if no secret). |
webhook_secret_rotated_at | Timestamp the signing secret was last rotated (null if never). |
webhook_updated_at | Timestamp the webhook subscription was last updated (null if never). |
The plaintext signing secret is never returned by this endpoint; only its webhook_secret_kid and rotation metadata are exposed.
Standard 401 (authentication), 403 (insufficient permission or role), and 429 (rate limit) responses apply to every endpoint and are documented in the Error reference.