Skip to main content
POST
/
v1
/
developers
/
webhooks
/
{id}
/
rotate-secret
curl -X POST https://api.vouchmark.com/v1/developers/webhooks/.../rotate-secret \
  -H "Authorization: Bearer $TOKEN"
{
  "success": true,
  "data": {
    "id": "...",
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://...",
    "isActive": true,
    "signingSecret": "whsec_...",
    "createdAt": "..."
  }
}
Rotates the signing secret for a webhook subscription. A new signingSecret (whsec_...) is generated and returned in full, once. The previous secret stops verifying deliveries immediately.

Path parameters

id
string
required
The webhook ID to rotate the signing secret for.

Body

No request body.
curl -X POST https://api.vouchmark.com/v1/developers/webhooks/.../rotate-secret \
  -H "Authorization: Bearer $TOKEN"
{
  "success": true,
  "data": {
    "id": "...",
    "appId": "...",
    "environment": "live",
    "serviceType": "kyc_widget",
    "endpoint": "https://...",
    "isActive": true,
    "signingSecret": "whsec_...",
    "createdAt": "..."
  }
}
Returns 201 Created.
The previous signing secret stops verifying deliveries immediately. Update every integration that verifies this webhook with the new signingSecret in lockstep. The full secret is returned only here — store it securely now, it cannot be retrieved later. See Verifying the signature.

Response fields

success
boolean
data
object