Create signing key

POST

/v1/endpoints/{id}/signing-keys

Production

Create an additional signing key for this endpoint. Maximum 2 active keys per endpoint.

Important: The new signing_secret is only returned once. Store it securely.

Authorizations

BearerAuth

Parameters

Path Parameters

required

string

/^ep_[a-f0-9]{32}$/

Endpoint identifier (ep_ prefix + 32 hex chars)

Example

ep_550e8400e29b41d4a716446655440000

Responses

201

Signing key created successfully

object

data

object

Signing key ID

string

Example

sk_550e8400e29b41d4a716446655440001

signing_secret

The signing secret - shown only once! Store this securely for verifying webhook signatures.

string

Example

whsec_newabcdefghijklmnopqrstuvwxyz12

key_hint

string

Example

wxyz

created_at

string format: date-time

Example

2025-12-06T12:10:00Z

meta

object

request_id

Unique identifier for this request (useful for support)

string

Example

req_xyz123

Example

{
  "data": {
    "id": "sk_550e8400e29b41d4a716446655440001",
    "signing_secret": "whsec_newabcdefghijklmnopqrstuvwxyz12",
    "key_hint": "wxyz",
    "created_at": "2025-12-06T12:10:00Z"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

401

Unauthorized - Invalid or missing API key

object

error

object

code

Machine-readable error code

string

Example

INVALID_REQUEST

message

Human-readable error message

string

Example

endpoint must be a valid HTTPS URL

meta

object

request_id

Unique identifier for this request (useful for support)

string

Example

req_xyz123

Example

{
  "error": {
    "code": "UNAUTHORIZED",
    "message": "Invalid or missing API key"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

404

Resource not found

object

error

object

code

Machine-readable error code

string

Example

INVALID_REQUEST

message

Human-readable error message

string

Example

endpoint must be a valid HTTPS URL

meta

object

request_id

Unique identifier for this request (useful for support)

string

Example

req_xyz123

Example

{
  "error": {
    "code": "NOT_FOUND",
    "message": "Message not found"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

409

Conflict - action cannot be completed

object

error

object

code

Machine-readable error code

string

Example

INVALID_REQUEST

message

Human-readable error message

string

Example

endpoint must be a valid HTTPS URL

meta

object

request_id

Unique identifier for this request (useful for support)

string

Example

req_xyz123

Examples

Maximum signing keys reached

{
  "error": {
    "code": "MAX_SIGNING_KEYS_REACHED",
    "message": "Endpoint already has the maximum of 2 signing keys"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

Cannot delete last signing key

{
  "error": {
    "code": "CANNOT_DELETE_LAST_SIGNING_KEY",
    "message": "Cannot delete the last signing key"
  },
  "meta": {
    "request_id": "req_xyz123"
  }
}

Personalize Examples

Enter your credentials to populate code examples throughout the docs.

API Key

Endpoint ID

Inbound Endpoint ID