Skip to main content
POST
/
v1
/
developers
/
webhooks
curl -X POST https://api.vouchmark.com/v1/developers/webhooks \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://api.example.com/webhooks/vouchmark"
  }'
{
  "success": true,
  "data": {
    "id": "...",
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://...",
    "isActive": true,
    "signingSecret": "whsec_...",
    "createdAt": "..."
  }
}
Creates a webhook subscription that delivers events for one service type to your endpoint.

Body

appId
string
required
Widget / app ID this subscription belongs to. 1–64 characters.
environment
string
required
One of sandbox or live.
serviceType
string
required
One of kyc_widget, verification, trust_monitor, disputes.
endpoint
string
required
Delivery URL. Must be an http or https URL.
curl -X POST https://api.vouchmark.com/v1/developers/webhooks \
  -H "Authorization: Bearer $TOKEN" \
  -H "Content-Type: application/json" \
  -d '{
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://api.example.com/webhooks/vouchmark"
  }'
{
  "success": true,
  "data": {
    "id": "...",
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://...",
    "isActive": true,
    "signingSecret": "whsec_...",
    "createdAt": "..."
  }
}
Returns 201 Created.
The full signingSecret is returned only on create and rotate. Store it securely now — it cannot be retrieved later. List responses return a masked signingSecretMasked instead. See Verifying the signature.

Response fields

success
boolean
data
object