Projects
Events
Campaigns
Subscriptions
- PATCHBulk toggle the current contact’s subscription states
- GETList subscription types
- POSTCreate a subscription type
- GETGet a subscription type
- PATCHUpdate a subscription type
- POSTBulk toggle subscription states across many contacts
- GETList a contact’s subscription states
- PATCHBulk toggle a contact’s subscription states
Journeys
Templates
Contacts
API keys
Organisation
curl --request PATCH \
--url https://apix.spotzee.com/api/client/webhooks/{endpointId} \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"name": "<string>",
"description": "<string>",
"url": "<string>",
"status": "active",
"event_types": [
"delivery.delivered"
]
}
'{
"id": 17,
"project_id": 42,
"name": "Order events to billing service",
"url": "https://api.example.com/spotzee/webhooks",
"status": "active",
"event_types": [
"delivery.delivered",
"delivery.failed"
],
"has_secret": true,
"created_at": "<string>",
"updated_at": "<string>",
"description": "<string>"
}Update a webhook endpoint
Partial update of a webhook endpoint. To rotate the signing secret, call POST /webhooks/{endpointId}/rotate-secret instead — secret changes are not accepted on this route.
Idempotent — pass an Idempotency-Key header to make safely retryable. On a replay the original response is returned with Idempotent-Replayed: true. See the API conventions guide for the full state machine, TTL, and mismatch behaviour.
curl --request PATCH \
--url https://apix.spotzee.com/api/client/webhooks/{endpointId} \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '
{
"name": "<string>",
"description": "<string>",
"url": "<string>",
"status": "active",
"event_types": [
"delivery.delivered"
]
}
'{
"id": 17,
"project_id": 42,
"name": "Order events to billing service",
"url": "https://api.example.com/spotzee/webhooks",
"status": "active",
"event_types": [
"delivery.delivered",
"delivery.failed"
],
"has_secret": true,
"created_at": "<string>",
"updated_at": "<string>",
"description": "<string>"
}Documentation Index
Fetch the complete documentation index at: https://docs.spotzee.com/llms.txt
Use this file to discover all available pages before exploring further.
Authorizations
Project-scoped secret API key (sk_…). Pass in the Authorization: Bearer <key> header. Grants access to the project the key was issued for.
Path Parameters
Numeric webhook endpoint identifier.
17
Body
Partial update of a webhook endpoint. To rotate the signing secret, use POST /webhooks/{endpointId}/rotate-secret instead.
Human-readable name shown in dashboards.
1 - 255Optional free-text note describing the endpoint.
HTTPS URL the signed event payload will be POSTed to.
Set to active to receive deliveries; inactive to pause without losing config. disabled is reserved for the system to set after repeated delivery failures.
active, inactive, disabled "active"
Replace the set of subscribed events. At least one is required.
1Event the endpoint is subscribed to. Each event identifies a queue, delivery, reputation, or infrastructure signal. See the events reference for full descriptions.
queue.queue-message-authenticated, queue.rescheduled, queue.quota-exceeded, delivery.concurrency-limit-exceeded, delivery.attempt-start, delivery.attempt-end, delivery.completed, delivery.delivered, delivery.dsn-perm-fail, delivery.dsn-temp-fail, delivery.failed, delivery.mail-from-rejected, delivery.message-rejected, delivery.rcpt-to-rejected, delivery.rcpt-to-failed, delivery.mx-lookup-failed, delivery.ip-lookup-failed, delivery.null-mx, delivery.connect-error, delivery.greeting-failed, delivery.ehlo-rejected, delivery.start-tls-error, delivery.start-tls-unavailable, delivery.implicit-tls-error, incoming-report.abuse-report, incoming-report.fraud-report, incoming-report.virus-report Response
The updated webhook endpoint.
Configured destination that receives signed event payloads when subscribed events fire. Verify each delivery using the Spotzee-Signature header — t=<unix-ts>,v1=<hex-hmac-sha256> — with HMAC-SHA-256 over "<unix-ts>.<raw-request-body>" keyed by the signing secret. Reject signatures whose timestamp is more than 5 minutes from now.
Numeric webhook endpoint identifier.
17
Identifier of the owning project.
42
Human-readable name shown in dashboards.
"Order events to billing service"
HTTPS URL the signed event payload will be POSTed to.
"https://api.example.com/spotzee/webhooks"
Lifecycle state of the endpoint. active receives events; inactive is paused by the user; disabled was suspended by the system after repeated delivery failures.
active, inactive, disabled "active"
Events the endpoint is subscribed to.
Event the endpoint is subscribed to. Each event identifies a queue, delivery, reputation, or infrastructure signal. See the events reference for full descriptions.
queue.queue-message-authenticated, queue.rescheduled, queue.quota-exceeded, delivery.concurrency-limit-exceeded, delivery.attempt-start, delivery.attempt-end, delivery.completed, delivery.delivered, delivery.dsn-perm-fail, delivery.dsn-temp-fail, delivery.failed, delivery.mail-from-rejected, delivery.message-rejected, delivery.rcpt-to-rejected, delivery.rcpt-to-failed, delivery.mx-lookup-failed, delivery.ip-lookup-failed, delivery.null-mx, delivery.connect-error, delivery.greeting-failed, delivery.ehlo-rejected, delivery.start-tls-error, delivery.start-tls-unavailable, delivery.implicit-tls-error, incoming-report.abuse-report, incoming-report.fraud-report, incoming-report.virus-report ["delivery.delivered", "delivery.failed"]
Whether a signing secret is currently configured. The plaintext secret itself is only returned on create and on rotate — never re-fetched.
Time the endpoint was created. ISO 8601.
Time the endpoint was last modified. ISO 8601.
Optional free-text note describing the endpoint.
Was this page helpful?