Skip to main content
POST

Overview

Create a new webhook to receive HTTP notifications when events occur. The response includes a signing secret that is only shown once — save it immediately. Auth: Requires JWT token (Authorization: Bearer <token>).

Body Parameters

url
string
required
The HTTPS URL to receive webhook deliveries. Must start with https://.
events
string[]
required
Event types to subscribe to. At least one is required.Valid values:
  • tool.execution.completed
  • tool.execution.failed
  • workflow.completed
  • workflow.failed
  • agent.spend.limit_approaching
description
string
Optional description for your reference (e.g. “Production monitoring”)

Response

id
string
Webhook UUID
url
string
The registered URL
events
string[]
Subscribed event types
is_active
boolean
Always true on creation
description
string
Optional description
secret
string
The signing secret (format: whsec_...). Only returned on creation. Use this to verify webhook signatures via HMAC-SHA256.

Example

The secret field is only returned when the webhook is created. Store it securely — you will need it to verify webhook signatures. See the Webhooks guide for verification examples.