Skip to main content
POST
http://localhost:8001
/
webhooks
/
register
curl -X POST http://localhost:8001/webhooks/register \
  -H "Content-Type: application/json" \
  -d '{
    "customer_id": "550e8400-e29b-41d4-a716-446655440000",
    "endpoint_url": "https://example.com/webhooks/quint"
  }'

{
  "webhook_id": "a5b6c7d8-e9f0-1234-abcd-567890123456",
  "endpoint_url": "https://example.com/webhooks/quint",
  "secret": "whsec_k7m2p9x4r1n6t3w8j5q0v..."
}
The auth service is deployed on a private network. All endpoints except /health are internal management-plane operations.

Request Body

customer_id
string
required
UUID of the customer to register the webhook for.
endpoint_url
string
required
HTTPS URL to receive webhook event notifications.

Response

webhook_id
string
UUID of the newly registered webhook.
endpoint_url
string
The registered endpoint URL echoed back.
secret
string
Webhook signing secret, prefixed with whsec_. Store this securely — it is only returned once. Use it to verify the X-Quint-Signature header on incoming webhook payloads.
curl -X POST http://localhost:8001/webhooks/register \
  -H "Content-Type: application/json" \
  -d '{
    "customer_id": "550e8400-e29b-41d4-a716-446655440000",
    "endpoint_url": "https://example.com/webhooks/quint"
  }'

{
  "webhook_id": "a5b6c7d8-e9f0-1234-abcd-567890123456",
  "endpoint_url": "https://example.com/webhooks/quint",
  "secret": "whsec_k7m2p9x4r1n6t3w8j5q0v..."
}