Update a webhook endpoint
Path Parameters
Webhook endpoint ID
int64Header Parameters
Partner organization identifier
API authentication key
Request Body
application/json
New URL for webhook deliveries
uriReplacement set of event subscriptions
1 <= itemsEnable or disable the endpoint
Response Body
application/json
application/json
application/json
application/json
application/json
application/json
curl -X PATCH "https://connect.safeweb.co/api/integrations/webhooks/0" \ -H "SW-PARTNER-ID: string" \ -H "SW-API-KEY: string" \ -H "Content-Type: application/json" \ -d '{ "url": "https://partner.example.com/webhooks/v2" }'{
"success": true,
"webhook": {
"id": 1,
"url": "https://partner.example.com/webhooks/v2",
"events": [
"breach.new",
"email.added",
"email.removed"
],
"active": true,
"created_at": "2026-03-18T12:00:00.000Z"
}
}{
"success": false,
"error": "Invalid webhook ID"
}{
"success": false,
"error": "Failed to verify org API key"
}{
"success": false,
"error": "Webhook not found"
}{
"success": false,
"error": "Partner ID and API key are required in headers"
}{
"success": false,
"error": "Failed to update webhook"
}Create a webhook endpoint POST
Registers a new webhook endpoint for the authenticated partner organization. A unique HMAC signing secret is automatically generated and returned in the response — store it securely, as it will not be returned again in list or update responses. All webhook deliveries include an `X-SafeWeb-Signature` header containing an HMAC-SHA256 signature of the request body, which you can verify using this secret.
Delete a webhook endpoint DELETE
Permanently removes a webhook endpoint and all associated event logs. The endpoint must belong to the authenticated partner organization.