Update webhook subscription

PATCH

/v1/admin/webhooks/{subscription_id}

Partial update — only provided fields are modified.
COMMON OPERATIONS: - Re-enable a DISABLED subscription: set status to ACTIVE (resets consecutive_failures) - Pause delivery: set status to PAUSED - Rotate signing secret: provide new signing_secret value - Change event types: provide new event_types array (replaces, does not merge)
EVENTS (document revision 0.1.25.33): - On every successful PATCH the server MUST emit exactly one
Event, typed by the nature of the change:
* Status unchanged, any other field(s) mutated →
webhook.updated. changed_fields lists the mutated
field names.
* Status ACTIVE → PAUSED → webhook.paused.
* Status PAUSED → ACTIVE → webhook.resumed.
* Status DISABLED → ACTIVE (operator re-enable) →
webhook.resumed.
When a single PATCH both changes status AND mutates other
fields, the server emits the status-typed event
(webhook.paused / webhook.resumed) and changed_fields
lists the non-status mutations for operator visibility.
A no-op PATCH (zero fields mutated) MUST NOT emit an Event.

• Payload conforms to EventDataWebhookLifecycle.
  correlation_id = webhook_update:<subscription_id>:<request_id>.
• Auto-disable after failure threshold produces
  webhook.disabled via the dispatcher, not via this PATCH
  path. See WebhookSubscription.FAILURE HANDLING.

Authorizations

AdminKeyAuth

Administrative API key with full system access. Also accepted as an alternative to ApiKeyAuth on an explicit per-operation allowlist — the authoritative list is the union of operations whose security: block declares AdminKeyAuth (consult per-operation security blocks rather than this prose, which has historically drifted as the dual-auth surface expanded). When using AdminKeyAuth on list or fund endpoints, a tenant scoping parameter (typically tenant or tenant_id) is required for scoping (400 if missing) — the per-operation description specifies which. Lookup-style endpoints that uniquely identify a resource by non-tenant key (e.g. GET /v1/admin/budgets/lookup, where the (scope, unit) pair is unique) do NOT require a tenant parameter. Allowlisting is per-operation (exact method:path matching — no prefix matching, no wildcards) so new endpoints do not accidentally inherit admin-accessible status.

Type

API Key (header: X-Admin-API-Key)

Parameters

Path Parameters

subscription_id*

Type

string

Required

Request Body

application/json

{

  

"name": "string",

  

"description": "string",

  

"url": "string",

  

"event_types": [

  

  

"string"

  

],

  

"event_categories": [

  

  

"string"

  

],

  

"scope_filter": "string",

  

"thresholds": {

  

  

"budget_utilization": [

  

  

  

0

  

  

],

  

  

"burn_rate_multiplier": 3,

  

  

"burn_rate_window_seconds": 300,

  

  

"denial_rate_threshold": 0.1,

  

  

"expiry_rate_threshold": 0.05,

  

  

"auth_failure_rate_threshold": 0.1,

  

  

"rate_window_seconds": 300

  

},

  

"signing_secret": "string",

  

"headers": {

  

  

"additionalProperties": "string"

  

},

  

"retry_policy": {

  

  

"max_retries": 5,

  

  

"initial_delay_ms": 1000,

  

  

"backoff_multiplier": 2,

  

  

"max_delay_ms": 60000

  

},

  

"disable_after_failures": 0,

  

"status": "string",

  

"metadata": {

  

  

"additionalProperties": "string"

  

}

}

Responses

Subscription updated

Content-Type

application/json

{

  

"subscription_id": "string",

  

"tenant_id": "string",

  

"name": "string",

  

"description": "string",

  

"url": "string",

  

"event_types": [

  

  

"string"

  

],

  

"event_categories": [

  

  

"string"

  

],

  

"scope_filter": "string",

  

"thresholds": {

  

  

"budget_utilization": [

  

  

  

0

  

  

],

  

  

"burn_rate_multiplier": 3,

  

  

"burn_rate_window_seconds": 300,

  

  

"denial_rate_threshold": 0.1,

  

  

"expiry_rate_threshold": 0.05,

  

  

"auth_failure_rate_threshold": 0.1,

  

  

"rate_window_seconds": 300

  

},

  

"signing_secret": "string",

  

"headers": {

  

  

"additionalProperties": "string"

  

},

  

"status": "string",

  

"retry_policy": {

  

  

"max_retries": 5,

  

  

"initial_delay_ms": 1000,

  

  

"backoff_multiplier": 2,

  

  

"max_delay_ms": 60000

  

},

  

"disable_after_failures": 10,

  

"consecutive_failures": 0,

  

"created_at": "string",

  

"updated_at": "string",

  

"last_triggered_at": "string",

  

"last_success_at": "string",

  

"last_failure_at": "string",

  

"metadata": {

  

  

"additionalProperties": "string"

  

}

}

PATCH

/v1/admin/webhooks/{subscription_id}

Playground

Authorization

AdminKeyAuth

Variables

Key

Value

subscription_id*

Body

Samples

Powered by VitePress OpenAPI