Rotate webhook endpoint secret

Mint a new HMAC signing secret for the endpoint and return it in the response secret field (shown exactly once). The previous secret stops signing immediately, so accept both during your cutover window.

Authentication

AuthorizationBearer

Enter your API key with the Bearer prefix, e.g. ‘Bearer sk_…’.

Path parameters

webhook_endpoint_idstringRequired

Webhook endpoint id (prefixed whe_…).

Response

The endpoint, including its new one-time signing secret.

idstring

Prefixed wire id (whe_<26 char Crockford base32>).

urlstringformat: "uri"

HTTPS destination Speechify POSTs signed events to.

enabled_eventslist of strings

The events this endpoint receives: a list of catalog event names (see WebhookEventType) or ["*"] for every event, current and future.

disabledboolean

When true, Speechify stops delivering to this endpoint.

created_atdatetime

updated_atdatetime

descriptionstring or null

Optional human-readable label for the endpoint.

secretstring

The HMAC-SHA256 signing secret (whsec_…) used to verify the Speechify-Signature header. Returned ONLY when the endpoint is created or its secret is rotated — it is never shown again.

Errors

401

Unauthorized Error

403

Forbidden Error

404

Not Found Error

$	curl -X POST https://api.speechify.ai/v1/webhooks/endpoints/webhook_endpoint_id/rotate-secret \
>	-H "Authorization: Bearer <token>" \
>	-H "Content-Type: application/json" \
>	-d '{}'

1	{
2	"id": "whe_01kwxwcbyb6wk952swa0432cf1",
3	"url": "https://acme-inc.com/webhooks/speechify",
4	"enabled_events": [
5	"conversation.completed"
6	],
7	"disabled": false,
8	"created_at": "2024-01-15T09:30:00Z",
9	"updated_at": "2024-04-20T14:45:00Z",
10	"description": "Acme Inc production webhook for conversation completions",
11	"secret": "whsec_7f9d8a2b3c4e5f67890123456789abcd"
12	}

Authentication

Path parameters

Headers

Response

Errors