Register webhook endpoint
Registers a webhook endpoint that receives control-plane event deliveries. The provided secret is encrypted at rest with AES-256-GCM. The eventTypes array is required and must contain canonical control-plane event constants (str.operation., str.readiness., str.certificate., str.approval.). Idempotent — replaying the same X-Idempotency key with the same body returns the cached response.
Authorizations
JWT bearer token issued by the identity provider.
Headers
Idempotency key (canonical).
Idempotency key (legacy alias).
Idempotency key TTL in seconds (overrides the configured default).
"86400"
Body
Canonical control-plane event types to subscribe to (str.operation., str.readiness., str.certificate., str.approval.); at least one required.
[
"str.operation.accepted",
"str.operation.received"
]Shared signing secret (16-512 chars); encrypted at rest with AES-256-GCM and never returned.
"whsec_..."
HTTPS endpoint that receives event deliveries; max 2048 chars and subject to an SSRF check.
"https://example.com/webhooks/str-events"
Whether the endpoint is active and eligible to receive deliveries; defaults to active when omitted.
Arbitrary client-defined key/value metadata stored with the endpoint.

