Skip to Content
CheckoutAPI ReferenceSettingsRegenerate the webhook signing secret

Regenerate the webhook signing secret

POST/settings/webhook/secret

Regenerate the webhook signing secret. The previous secret keeps working for a 24 hour grace window, during which events are signed with both secrets, so deliveries do not fail while you roll out the new one. The response returns previous_secret_expires_at (null when there was no previous secret).

Headers

HeaderDescriptionRequired
AuthorizationBearer token with your secret API keyyes

Example Request

Request

const response = await fetch('https://checkout-api.exodus-int.com/settings/webhook/secret', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer sk_live_xxxxxxxxxxxxxxxx',
  },
});

Responses

StatusDescription
200The new webhook secret.
400Validation error
401Missing or invalid authentication
422No webhook configured.

Response body

FieldTypeRequiredDescription
webhook_secretstringyes
previous_secret_expires_atstring | nullyes

Example Response

{
  "webhook_secret": "whsec_1234567890abcdef1234567890abcdef",
  "previous_secret_expires_at": "2026-07-02T00:00:00.000Z"
}

Error Response

Error (e.g. 400)

{
  "error": {
    "type": "validation_error",
    "message": "amount must be a positive number",
    "param": "amount"
  }
}

Start building

XO

Request Demo

Schedule a call with our team

Select a product
Arrow right

Start building
Grateful

Contact Us

We're here to help