Rotate a webhook signing secret

curl --request POST \
  --url https://api.balansas.com/functions/v1/customer-api/webhooks/{webhookId}/rotate-secret \
  --header 'x-api-key: <api-key>'

{
  "data": {
    "id": "a1b2c3d4-e5f6-4a7b-8c9d-0e1f2a3b4c5d",
    "url": "https://example.com/webhooks/balansas",
    "description": "Production payment events",
    "event_types": [
      "payment.created",
      "payee.status_updated"
    ],
    "is_active": true,
    "signing_secret_prefix": "whsec_ab",
    "created_at": "2026-05-28T11:02:09.456Z",
    "updated_at": "2026-05-28T11:02:09.456Z",
    "signing_secret": "whsec_ab12cd34ef56gh78ij90kl12mn34op56"
  }
}

POST

webhooks

{webhookId}

rotate-secret

Rotate a webhook signing secret

curl --request POST \
  --url https://api.balansas.com/functions/v1/customer-api/webhooks/{webhookId}/rotate-secret \
  --header 'x-api-key: <api-key>'

{
  "data": {
    "id": "a1b2c3d4-e5f6-4a7b-8c9d-0e1f2a3b4c5d",
    "url": "https://example.com/webhooks/balansas",
    "description": "Production payment events",
    "event_types": [
      "payment.created",
      "payee.status_updated"
    ],
    "is_active": true,
    "signing_secret_prefix": "whsec_ab",
    "created_at": "2026-05-28T11:02:09.456Z",
    "updated_at": "2026-05-28T11:02:09.456Z",
    "signing_secret": "whsec_ab12cd34ef56gh78ij90kl12mn34op56"
  }
}

Authorizations

x-api-key

string

header

required

Customer API key. Send as x-api-key: sk_... or Authorization: Bearer sk_.... Write operations also require an X-CSRF-Token header (64-char hex).

Response

Success

data

object

required

Show child attributes

Update a webhook subscription Send a test event to a webhook