Skip to main content
POST
Rotate Secret

Path Parameters

id
string
required
The webhook UUID.

Behavior

Generates a new cryptographically random 32-byte hex signing secret, encrypts it at rest (AES-256-GCM), and immediately invalidates the previous secret. All subsequent deliveries will be signed with the new secret. Update your verification code immediately after rotation — any in-flight deliveries signed with the old secret will fail verification on your end.

Example

Response

The new secret is shown once. If you lose it, you’ll need to rotate again.