Webhook
/api/v1/integration/webhooksAn outbound webhook endpoint.
listgetcreateupdatedeleteSchema
| Field | Type | Notes |
|---|---|---|
| id* | uuid | Server-assigned ULID with type prefix (e.g. per_…). |
| tenant_id* | string | Tenant scope — auto-stamped from the caller's JWT. |
| app_id | string | App scope. Stamped ONLY when the caller's JWT was minted for a specific Application (integration API keys). Absent for human-user sessions. Filters reads when present. |
| created_at* | date-time | Server stamp. |
| updated_at* | date-time | Server stamp; updated on every patch. |
| created_by | uuid | Person id from the caller's JWT (sub). |
| updated_by | uuid | Person id from the last writer's JWT (sub). |
| source | string | Provenance tag — defaults to 'edm'. |
| source_type | enum | frontend | backend | server | system | apiWhere the write originated. Defaults to 'api'. |
| is_deleted | boolean | Soft-delete flag. Excluded from default list queries. |
| deleted_at | date-time | Stamped when soft-deleted; null otherwise. |
| deleted_by | uuid | Person id who soft-deleted; null otherwise. |
| schema_version | number | Document schema version. Bumped on incompatible writes. |
| name | string | Human-readable webhook name. |
| direction | string | outbound = cPod pushes to url; inbound = external system calls cPod. |
| url | string | Target URL (outbound) or callback URL (inbound). |
| event_types | json | Event type filters, e.g. rfp.created, rfp.status_changed. |
| signature_scheme | string | Payload signing scheme. |
| vault_path | string | Vault KV v2 path where the HMAC secret lives; never stored inline. |
| headers | json | Static custom headers (non-secret) sent with every delivery. |
| enabled | boolean | Whether this webhook is active. |
| retry_policy | json | { maxAttempts, backoff: 'exponential', timeoutMs } |
| last_delivery_at | date-time | Timestamp of the last delivery attempt. |
| last_delivery_status | string | Outcome of the last delivery attempt. |
| consecutive_failures | number | Count of consecutive delivery failures. |
| paused_at | date-time | Timestamp when the webhook was auto-paused after N consecutive failures. |
| connector_id | string | ID of the owning Connector, if this webhook is connector-owned. |
| tags | json | Free-form tags. |
| version | number | Optimistic concurrency version counter. |
| application_id | uuid | Owning application id. |
| secret_fingerprint | string | Hash of the signing secret; raw secret is never stored. |
| is_active | boolean | Whether this webhook is active. |
API
Loading manifest…