Get a tenant's webhook subscription

GET

/v1/webhooks/{subscription_id}

Returns webhook details.
TENANCY:

• Under ApiKeyAuth: returns 404 if the subscription belongs to
  a different tenant (cross-tenant reads look like not-found,
  not forbidden).
• Under AdminKeyAuth: the owning tenant is
  resolved from the subscription record; admin can read any
  tenant's subscription. 404 only when no subscription exists
  with the given id.

PERMISSIONS: - ApiKeyAuth: requires webhooks:read permission on the API key. - AdminKeyAuth: no permission check beyond admin key validity.

Authorizations

ApiKeyAuth

Tenant-scoped API key for runtime operations (consistent with Cycles Protocol)

Type

API Key (header: X-Cycles-API-Key)

or

AdminKeyAuth

Administrative API key with full system access. Also accepted as an alternative to ApiKeyAuth on an explicit per-operation allowlist — the authoritative list is the union of operations whose security: block declares AdminKeyAuth (consult per-operation security blocks rather than this prose, which has historically drifted as the dual-auth surface expanded). When using AdminKeyAuth on list or fund endpoints, a tenant scoping parameter (typically tenant or tenant_id) is required for scoping (400 if missing) — the per-operation description specifies which. Lookup-style endpoints that uniquely identify a resource by non-tenant key (e.g. GET /v1/admin/budgets/lookup, where the (scope, unit) pair is unique) do NOT require a tenant parameter. Allowlisting is per-operation (exact method:path matching — no prefix matching, no wildcards) so new endpoints do not accidentally inherit admin-accessible status.

Type

API Key (header: X-Admin-API-Key)

Parameters

Path Parameters

subscription_id*

Type

string

Required

Responses

Subscription details

Content-Type

application/json

{

  

"subscription_id": "string",

  

"tenant_id": "string",

  

"name": "string",

  

"description": "string",

  

"url": "string",

  

"event_types": [

  

  

"string"

  

],

  

"event_categories": [

  

  

"string"

  

],

  

"scope_filter": "string",

  

"thresholds": {

  

  

"budget_utilization": [

  

  

  

0

  

  

],

  

  

"burn_rate_multiplier": 3,

  

  

"burn_rate_window_seconds": 300,

  

  

"denial_rate_threshold": 0.1,

  

  

"expiry_rate_threshold": 0.05,

  

  

"auth_failure_rate_threshold": 0.1,

  

  

"rate_window_seconds": 300

  

},

  

"signing_secret": "string",

  

"headers": {

  

  

"additionalProperties": "string"

  

},

  

"status": "string",

  

"retry_policy": {

  

  

"max_retries": 5,

  

  

"initial_delay_ms": 1000,

  

  

"backoff_multiplier": 2,

  

  

"max_delay_ms": 60000

  

},

  

"disable_after_failures": 10,

  

"consecutive_failures": 0,

  

"created_at": "string",

  

"updated_at": "string",

  

"last_triggered_at": "string",

  

"last_success_at": "string",

  

"last_failure_at": "string",

  

"metadata": {

  

  

"additionalProperties": "string"

  

}

}

GET

/v1/webhooks/{subscription_id}

Playground

Authorization

ApiKeyAuth

Variables

Key

Value

subscription_id*

Samples

Powered by VitePress OpenAPI