Rotate webhook signature secret
POST/v1/subscriptions/:id/rotate-secret
Generate a new signing secret for webhook signature verification.
Use Case: Rotate secrets periodically for security, or immediately if a secret is compromised.
Process:
- A new signature secret is generated
- Future webhook deliveries will use the new secret for signing
- Update your webhook endpoint to verify signatures using the new secret
Important: Update your webhook verification code with the new secret to avoid failed verifications.
Best Practice: Implement a grace period where both old and new secrets are accepted during rotation.
Request
Responses
- 200
- 401
- 404
Secret rotated successfully. Response includes the new masked secret.
Invalid or missing API key
Subscription not found