SafeWeb API

List webhook endpoints

GET
/api/integrations/webhooks

Header Parameters

SW-PARTNER-ID*string

Partner organization identifier

SW-API-KEY*string

API authentication key

Response Body

application/json

application/json

application/json

application/json

curl -X GET "https://connect.safeweb.co/api/integrations/webhooks" \  -H "SW-PARTNER-ID: string" \  -H "SW-API-KEY: string"
{
  "success": true,
  "webhooks": [
    {
      "id": 1,
      "url": "https://partner.example.com/webhooks/safeweb",
      "events": [
        "breach.new",
        "breach.resolved",
        "breach.unresolved"
      ],
      "active": true,
      "created_at": "2026-03-18T12:00:00.000Z"
    },
    {
      "id": 2,
      "url": "https://partner.example.com/webhooks/emails",
      "events": [
        "email.added",
        "email.removed"
      ],
      "active": false,
      "created_at": "2026-03-15T09:30:00.000Z"
    }
  ]
}
{
  "success": false,
  "error": "Failed to verify org API key"
}
{
  "success": false,
  "error": "Partner ID and API key are required in headers"
}
{
  "success": false,
  "error": "Failed to list webhooks"
}

Intro to Webhooks

Receive real-time notifications when breaches are discovered, resolved, or when monitored emails change.

Create a webhook endpoint POST

Registers a new webhook endpoint for the authenticated partner organization. A unique HMAC signing secret is automatically generated and returned in the response — store it securely, as it will not be returned again in list or update responses. All webhook deliveries include an `X-SafeWeb-Signature` header containing an HMAC-SHA256 signature of the request body, which you can verify using this secret.