Skip to main content
GET
/
v1
/
webhooks
/
{webhookId}
Get Webhook
curl --request GET \
  --url https://api.waycore.com/v1/webhooks/{webhookId} \
  --header 'Authorization: Bearer <token>'
{
  "id": "<string>",
  "url": "<string>",
  "events": [
    "connection.status_changed"
  ],
  "secret": "<string>",
  "active": true,
  "createdAt": "2023-11-07T05:31:56Z",
  "updatedAt": "2023-11-07T05:31:56Z",
  "metadata": {}
}

Authorizations

Authorization
string
header
required

Opaque API key passed as Authorization: Bearer <key>. Keys are organization-bound, environment-bound (live or test), scope-carrying, and expiring. Create and manage keys via the console.

Path Parameters

webhookId
string
required

Response

Successful Response

id
string
required

Stable, immutable identifier for the webhook registration.

url
string<uri>
required

HTTPS URL where events are delivered via POST.

Maximum string length: 2048
Pattern: ^https://.+
events
enum<string>[]
required

Event types to subscribe to. Current producers emit transactions.sync_available and connection.status_changed, and test can be triggered explicitly via the API. The remaining spec-defined event types are reserved for upcoming producers.

Available options:
connection.status_changed,
account.created,
account.updated,
transactions.sync_available,
transfer.status_changed,
test
secret
string
required

HMAC-SHA256 signing secret for webhook delivery verification. The server includes a Waycore-Signature header on each delivery using the format t=<unix>,v1=<hex>, where v1 is the HMAC-SHA256 of <timestamp>.<raw_body>. Only returned in full on creation; subsequent reads return a masked value.

active
boolean
required

Whether this webhook registration is enabled. Deliveries are sent only to active webhook registrations.

createdAt
string<date-time>
required

When the webhook was registered.

updatedAt
string<date-time>
required

When the webhook registration last changed.

metadata
Metadata · object

Opaque client-defined metadata.