> ## Documentation Index
> Fetch the complete documentation index at: https://docs.zuba.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Rotate the signing secret for a webhook endpoint



## OpenAPI

````yaml /openapi.json post /v1/webhooks/{id}/rotate-secret
openapi: 3.0.0
info:
  contact: {}
  description: >-
    Comprehensive payment platform API supporting fiat and crypto payments,
    currency conversion, and compliance management
  title: Zuba Payment Platform API
  version: '1.0'
servers: []
security: []
tags:
  - description: Manage M2M API keys and credentials
    name: API Keys
  - description: Internal ledger accounts and transactions
    name: Ledger
  - description: Handle incoming payments and deposits
    name: Pay-ins
  - description: Manage payouts, beneficiaries, and SEPA transfers
    name: Payouts
  - description: Manage outbound webhook endpoints and deliveries
    name: Webhooks
paths:
  /v1/webhooks/{id}/rotate-secret:
    post:
      tags:
        - Webhooks
      summary: Rotate the signing secret for a webhook endpoint
      operationId: WebhookController_rotateSecret
      parameters:
        - description: Webhook endpoint ID
          in: path
          name: id
          required: true
          schema:
            example: 123e4567-e89b-12d3-a456-426614174000
            format: uuid
            type: string
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebhookEndpointCreatedResponseDto'
          description: New signing secret. Shown only once.
        '401':
          description: Unauthorized
        '404':
          description: Endpoint not found
      security:
        - bearer: []
components:
  schemas:
    WebhookEndpointCreatedResponseDto:
      properties:
        createdAt:
          description: Creation timestamp
          type: string
        enabled:
          description: Whether the endpoint is enabled
          type: boolean
        events:
          description: Subscribed event types
          items:
            enum:
              - payout.processing
              - payout.paid
              - payout.failed
              - payout.reverted
              - payout.cancelled
              - webhook.test
              - account.created
            type: string
          type: array
        id:
          description: Endpoint ID
          type: string
        signingSecret:
          description: >-
            Signing secret (plaintext, shown only once). Use this to verify
            webhook signatures.
          example: whsec_a1b2c3d4e5f6...
          type: string
        signingSecretHint:
          description: Last 4 characters of the signing secret
          example: ab1f
          type: string
        updatedAt:
          description: Last update timestamp
          type: string
        url:
          description: Webhook URL
          type: string
      required:
        - id
        - url
        - events
        - enabled
        - signingSecretHint
        - createdAt
        - updatedAt
        - signingSecret
      type: object
  securitySchemes:
    bearer:
      bearerFormat: JWT
      description: Enter Auth0 JWT token
      scheme: bearer
      type: http

````