Rotate Secret - Theo API Docs

POST

api

webhooks

{id}

rotate-secret

Rotate Secret

curl --request POST \
  --url https://api.example.com/api/v1/webhooks/{id}/rotate-secret

Path Parameters

string

required

The webhook UUID.

Behavior

Generates a new cryptographically random 32-byte hex signing secret, encrypts it at rest (AES-256-GCM), and immediately invalidates the previous secret. All subsequent deliveries will be signed with the new secret. Update your verification code immediately after rotation — any in-flight deliveries signed with the old secret will fail verification on your end.

Example

curl -X POST https://www.hitheo.ai/api/v1/webhooks/WEBHOOK_ID/rotate-secret \
  -H "Authorization: Bearer $THEO_API_KEY"

Response

{
  "id": "a1b2c3d4-...",
  "signing_secret": "new_secret_hex_here...",
  "_note": "Save the new signing_secret — it will not be shown again. The old secret is now invalid."
}

The new secret is shown once. If you lose it, you’ll need to rotate again.

Retry Delivery

Webhook Stats

⌘I

Rotate Secret

curl --request POST \
  --url https://api.example.com/api/v1/webhooks/{id}/rotate-secret

​Path Parameters

​Behavior

​Example

​Response

Path Parameters

Behavior

Example

Response