Rotate a webhook secret

Immediate Effect

Rotate secrets every 90 days as a security best practice.

curl --request POST \
  --url https://api.peepal.dev/v1/webhooks/endpoints/{endpoint_id}/rotate-secret \
  --header 'x-api-key: <api-key>'

{
  "endpoint_id": "<string>",
  "secret": "<string>",
  "rotated_at": "2023-11-07T05:31:56Z"
}

Immediate Effect

Rotate secrets every 90 days as a security best practice.

POST

webhooks

endpoints

{endpoint_id}

rotate-secret

Rotate a webhook secret

curl --request POST \
  --url https://api.peepal.dev/v1/webhooks/endpoints/{endpoint_id}/rotate-secret \
  --header 'x-api-key: <api-key>'

{
  "endpoint_id": "<string>",
  "secret": "<string>",
  "rotated_at": "2023-11-07T05:31:56Z"
}

Generate a new secret for a webhook endpoint. Use this if the current secret is compromised or as part of regular security rotation.

curl -X POST "https://api.peepal.dev/v1/webhooks/endpoints/wh_01ARZ3NDEKTSV4RRFFQ69G5FAV/rotate-secret" \
  -H "x-api-key: YOUR_API_KEY"

{
  "endpoint_id": "wh_01ARZ3NDEKTSV4RRFFQ69G5FAV",
  "secret": "whsec_x9y8z7w6v5u4t3s2r1q0p9o8n7m6l5k4",
  "rotated_at": "2025-12-31T10:00:00Z"
}

x-api-key

string

header

required

endpoint_id

string

required

Secret rotated

endpoint_id

string

required

secret

string

required

rotated_at

string<date-time>

required

⌘I