> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
> Use this file to discover all available pages before exploring further.

# Register a webhook subscription

> Registers a webhook subscription for the request tenant. The secret is used only for display and validation; it is never persisted in cleartext (only a SHA-256 hash). In BYOC the real signing secret comes from the client's Kubernetes Secret.



## OpenAPI

````yaml en/openapi/v3-current/slc.yaml post /webhooks
openapi: 3.0.3
info:
  title: Lerian SLC API
  description: >-
    API for Lerian SLC — the participant-side rail that connects the institution
    to Núclea's SLC deferred-net card settlement. It covers settlement-operation
    intake and lifecycle, clearing positions, the participant and arrangement
    registry, transmission recovery and connectivity to Núclea, BYOK Model-A
    signing-key import, and tenant-scoped webhooks.
  version: v1.0.0
servers:
  - url: https://slc.sandbox.lerian.net
security: []
tags:
  - name: Admin
    description: Tenant configuration and dead-letter administration.
  - name: Clearing
    description: Deferred-net clearing positions for the settlement institution.
  - name: Connectivity
    description: >-
      Transmission recovery drains, retransmission, and connectivity probes to
      Núclea.
  - name: Operations
    description: Settlement operation intake, lifecycle, and state history.
  - name: Participants
    description: Participant registry for the tenant.
  - name: Arrangements
    description: Card and scheme arrangements per participant.
  - name: SigningKey
    description: BYOK Model-A signing-key import for message signing.
  - name: Webhooks
    description: Tenant-scoped webhook subscriptions, deliveries, and replay.
paths:
  /webhooks:
    post:
      tags:
        - Webhooks
      summary: Register a webhook subscription
      description: >-
        Registers a webhook subscription for the request tenant. The secret is
        used only for display and validation; it is never persisted in cleartext
        (only a SHA-256 hash). In BYOC the real signing secret comes from the
        client's Kubernetes Secret.
      operationId: createWebhook
      requestBody:
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/http.CreateWebhookRequest'
        description: Webhook subscription to create
        required: true
      responses:
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.WebhookResponse'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.ErrorResponse'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.ErrorResponse'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.ErrorResponse'
        '422':
          description: Unprocessable Entity
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.ErrorResponse'
        '500':
          description: Internal Server Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/http.ErrorResponse'
      security:
        - BearerAuth: []
components:
  schemas:
    http.CreateWebhookRequest:
      properties:
        active:
          type: boolean
        description:
          type: string
        events:
          items:
            type: string
          type: array
        headers:
          additionalProperties:
            type: string
          type: object
        secret:
          type: string
        timeoutSeconds:
          minimum: 1
          type: integer
        url:
          type: string
      required:
        - events
        - url
      type: object
    http.WebhookResponse:
      properties:
        active:
          type: boolean
        createdAt:
          type: string
        description:
          type: string
        events:
          items:
            type: string
          type: array
        failureCount:
          type: integer
        id:
          type: string
        lastDeliveryAt:
          type: string
        lastDeliveryStatus:
          type: integer
        successCount:
          type: integer
        updatedAt:
          type: string
        url:
          type: string
      type: object
    http.ErrorResponse:
      properties:
        code:
          type: string
        details:
          additionalProperties: {}
          type: object
        message:
          type: string
        title:
          type: string
      type: object
  securitySchemes:
    BearerAuth:
      description: 'Bearer token authentication (format: "Bearer {token}")'
      in: header
      name: Authorization
      type: apiKey

````