Skip to main content
PATCH
/
api
/
webhooks
/
{id}
Update Webhook
curl --request PATCH \
  --url https://app.opencomputer.dev/api/webhooks/{id} \
  --header 'Content-Type: application/json' \
  --header 'X-API-Key: <api-key>' \
  --data '
{
  "url": "<string>",
  "eventTypes": [
    "<string>"
  ],
  "enabled": true,
  "rotateSecret": true,
  "name": "<string>"
}
'
{
  "id": "whk_3f9a2c",
  "name": "prod",
  "url": "https://app.example.com/oc-webhook",
  "eventTypes": ["sandbox.stopped", "sandbox.ready"],
  "sandboxId": null,
  "enabled": true,
  "hasSecret": true,
  "createdAt": "2026-06-24T12:00:00Z",
  "updatedAt": "2026-06-24T12:05:00Z"
}
Update a destination — pause/resume, retune filters, change the URL, or rotate the secret. See Webhooks.
id
string
required
Destination ID (whk_…).
url
string
New HTTPS endpoint.
eventTypes
string[]
Replace the event-type allow-list (unknown types are rejected with 400). Pass null to clear it (deliver all types).
enabled
boolean
Pause (false) or resume (true) delivery. Pausing does not drop events — events that occur while paused are queued and delivered when you re-enable.
rotateSecret
boolean
Rotate to a new generated signing secret, returned as secret in the response. The previous secret stays valid for a short rollover window so in-flight deliveries still verify. (To set a specific secret, create a new destination.)
name
string
Rename the destination.
sandboxId (scope) is immutable — set it at create; it can’t be changed here. The current signing secret is re-fetchable any time via GET /api/webhooks/{id}/secret.
{
  "id": "whk_3f9a2c",
  "name": "prod",
  "url": "https://app.example.com/oc-webhook",
  "eventTypes": ["sandbox.stopped", "sandbox.ready"],
  "sandboxId": null,
  "enabled": true,
  "hasSecret": true,
  "createdAt": "2026-06-24T12:00:00Z",
  "updatedAt": "2026-06-24T12:05:00Z"
}