# Webhooks

Configure signed webhook deliveries for contacts, conversations, and messages.

8 operations in the Webhooks resource group.

## Operations

- [Get webhook settings](/reference/webhooks/get-webhook-settings.md) - GET `/webhooks` - Returns the current tenant webhook configuration, selected event types, and event types that can be subscribed to.
- [Update webhook settings](/reference/webhooks/update-webhook-settings.md) - PATCH `/webhooks` - Partially updates the single webhook configuration for the current tenant. Select event types from availableEventTypes.
- [Delete webhook settings](/reference/webhooks/delete-webhook-settings.md) - DELETE `/webhooks` - Disables and removes the current tenant webhook configuration. Attempt logs remain visible for the retention window.
- [Verify webhook delivery](/reference/webhooks/verify-webhook.md) - POST `/webhooks/verify` - Sends a signed synthetic webhook test event to the supplied URL or the saved webhook URL.
- [List webhook delivery attempts](/reference/webhooks/list-webhook-attempts.md) - GET `/webhooks/attempts` - Returns newest-first webhook delivery attempts from the last 7 days. Use this for delivery debugging, not long-term audit.
- [List webhook signing keys for the current tenant](/reference/webhooks/list-webhook-signing-keys.md) - GET `/webhooks/signing-keys` - Returns the active and any expiring (mid-rotation) webhook signing keys.
On the very first call for a tenant, a key is bootstrapped automatically
and its plaintext is included in the response — exactly once. Subsequent
calls return metadata only (no plaintext).
- [Rotate the webhook signing key](/reference/webhooks/rotate-webhook-signing-key.md) - POST `/webhooks/signing-keys/rotate` - Generates a new signing key for webhook deliveries and demotes the previous
active key to "expiring" with a 24h overlap. During the overlap, both
keys are valid signers; receivers can update at their own pace.
Returns the plaintext of the newly-generated key exactly once.
- [Webhook payloads](/reference/webhooks/receive-webhook-event.md) - POST `{configured webhook URL}` - Endpoint shape implemented by external webhook receivers. Return any 2xx response after accepting an event.

## Schemas

- [ProblemDetails](/reference/schemas/problem-details.md) - object - RFC 9457 Problem Details response with a stable Flownally error code.
- [FieldViolation](/reference/schemas/field-violation.md) - object
- [Window](/reference/schemas/messaging-window.md) - object - Tells a client whether the current actor can send in this conversation right now.
- [WebhookSettings](/reference/schemas/webhook-settings.md) - object - Single tenant-level webhook configuration.
- [WebhookEventType](/reference/schemas/webhook-event-type.md) - enum
- [UpdateWebhookSettingsRequest](/reference/schemas/update-webhook-settings-request.md) - object
- [VerifyWebhookRequest](/reference/schemas/verify-webhook-request.md) - object
- [VerifyWebhookResponse](/reference/schemas/verify-webhook-response.md) - object
- [WebhookEventName](/reference/schemas/webhook-event-name.md) - string - Webhook event name. Resource webhooks use documented event types; journey and chatbot webhook blocks can use tenant-defined names.
- [WebhookAttemptStatus](/reference/schemas/webhook-attempt-status.md) - enum
- [ListWebhookAttemptsResponse](/reference/schemas/list-webhook-attempts-response.md) - object
- [WebhookAttempt](/reference/schemas/webhook-attempt.md) - object
- [ListWebhookSigningKeysResponse](/reference/schemas/list-webhook-signing-keys-response.md) - object
- [WebhookSigningKey](/reference/schemas/webhook-signing-key.md) - object
- [RotateWebhookSigningKeyResponse](/reference/schemas/rotate-webhook-signing-key-response.md) - object