Webhooks

Webhook endpoints receive signed HTTP POSTs from SurfacedBy whenever events you subscribed to occur (scan lifecycle, credit top-ups, key activity). The register endpoint returns a signing secret exactly once; store it immediately, because the system cannot show it to you again. The per-endpoint GET returns delivery stats and a tail of recent attempts so you can debug without leaving the Console.

For the full event catalog and signature-verification algorithm, see Webhooks.

GET

/webhooks

Header Parameters

`X-API-Key`X-Api-Key

curl -X GET "https://example.com/webhooks" \
  -H "X-API-Key: string"

Successful Response

null

POST

/webhooks

Request Body

application/jsonRequired

`[key: string]`any

Header Parameters

`X-API-Key`X-Api-Key

curl -X POST "https://example.com/webhooks" \
  -H "X-API-Key: string" \
  -H "Content-Type: application/json" \
  -d '{}'

Successful Response

null

GET

/webhooks/{endpoint_id}

Path Parameters

`endpoint_id`
Required
Endpoint Id

Header Parameters

`X-API-Key`X-Api-Key

curl -X GET "https://example.com/webhooks/string" \
  -H "X-API-Key: string"

Successful Response

null

DELETE

/webhooks/{endpoint_id}

Path Parameters

`endpoint_id`
Required
Endpoint Id

Header Parameters

`X-API-Key`X-Api-Key

curl -X DELETE "https://example.com/webhooks/string" \
  -H "X-API-Key: string"

Successful Response

null

Headers

Header Parameters

X-API-KeyX-Api-Key

Response

TypeScript

Headers

Body

Request Body

[key: string]any

Header Parameters

X-API-KeyX-Api-Key

Response

TypeScript

Path

Headers

Path Parameters

endpoint_idRequiredEndpoint Id

Header Parameters

X-API-KeyX-Api-Key

Response

TypeScript

Path

Headers

Path Parameters

endpoint_idRequiredEndpoint Id

Header Parameters

X-API-KeyX-Api-Key

Response

TypeScript

`X-API-Key`X-Api-Key

`[key: string]`any

`X-API-Key`X-Api-Key

`endpoint_id`
Required
Endpoint Id

`X-API-Key`X-Api-Key

`endpoint_id`
Required
Endpoint Id

`X-API-Key`X-Api-Key