Skip to content
HookBridge Docs

Create endpoint

POST
/v1/endpoints

Create a new webhook endpoint. The endpoint URL must be HTTPS and publicly accessible. A signing secret is automatically generated and returned only in this response.

Important: The signing_secret is only returned once. Store it securely for verifying webhook signatures.

Authorizations

Section titled “Authorizations ”

Request Body required

Section titled “Request Body required ”
object
url
required

HTTPS URL of the webhook endpoint. Must be publicly accessible. Internal/private IP addresses are blocked for security.

string format: uri
>= 12 characters <= 2048 characters /^https:///
Example
https://customer.app/webhooks
description

Optional description of the endpoint

string
<= 500 characters
Example
Main production webhook
rate_limit_rps

Rate limit in requests per second (0 = no limit)

integer
0 <= 1000
Example
10
burst

Maximum burst size for rate limiting

integer
0 <= 10000
Example
20
headers

Custom headers to include in webhook requests

object
key
additional properties
string
Example
{
  "X-Custom-Header": "value"
}
Examples

Basic endpoint

{
  "url": "https://customer.app/webhooks"
}

Responses

Section titled “ Responses ”

201

Section titled “201 ”

Endpoint created successfully

object
data
object
id

Unique endpoint identifier

string
Example
ep_550e8400e29b41d4a716446655440000
url

Webhook delivery URL

string format: uri
Example
https://customer.app/webhooks
description

Optional description

string
Example
Main production webhook
signing_key_id

Initial signing key identifier

string
Example
sk_550e8400e29b41d4a716446655440001
signing_secret

The signing secret - shown only once! Store this securely for verifying webhook signatures.

string
Example
whsec_abcdefghijklmnopqrstuvwxyz123456
key_hint

Short identifier suffix for the initial signing key

string
Example
abcd
created_at

When the endpoint was created

string format: date-time
Example
2025-12-01T10:00:00Z
meta
object
request_id

Unique identifier for this request (useful for support)

string
Example
req_xyz123
Example
{
  "data": {
    "id": "ep_550e8400e29b41d4a716446655440000",
    "url": "https://customer.app/webhooks",
    "description": "Main production webhook",
    "signing_key_id": "sk_550e8400e29b41d4a716446655440001",
    "signing_secret": "whsec_abcdefghijklmnopqrstuvwxyz123456",
    "key_hint": "abcd",
    "created_at": "2025-12-06T12:00:00Z"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

400

Section titled “400 ”

Invalid request

object
error
object
code

Machine-readable error code

string
Example
INVALID_REQUEST
message

Human-readable error message

string
Example
endpoint must be a valid HTTPS URL
meta
object
request_id

Unique identifier for this request (useful for support)

string
Example
req_xyz123
Examples

Endpoint not found

{
  "error": {
    "code": "ENDPOINT_NOT_FOUND",
    "message": "endpoint not found"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

401

Section titled “401 ”

Unauthorized - Invalid or missing API key

object
error
object
code

Machine-readable error code

string
Example
INVALID_REQUEST
message

Human-readable error message

string
Example
endpoint must be a valid HTTPS URL
meta
object
request_id

Unique identifier for this request (useful for support)

string
Example
req_xyz123
Example
{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}
Personalize Examples

Enter your credentials to populate code examples throughout the docs.