Ctrl+K

Register a webhook signing key

post/api/policy/v1/enterprises/{enterpriseId}/webhooks/keys

Registers a new webhook signing key for an enterprise. The key can be provided inline via a JWKS payload or referenced via a JWKS URI.

Authorization: Caller must be an admin of the specified enterprise.

Path Parameters

enterpriseIdstringRequired
The enterprise ID.

Request Body

jwks object

Inline JWKS payload containing the public key(s). Mutually exclusive with jwksUri.

keys array[object] required

Array of JWK objects.

jwksUri string

URI pointing to a hosted JWKS endpoint. Mutually exclusive with jwks.

Example: https://example.com/.well-known/jwks.json

keyName string

Human-readable name for the key.

Example: Production Webhook Key

201 Response

id string <uuid>required

Internal UUID of the registered key.

Example: f47ac10b-58cc-4372-a567-0e02b2c3d479

keyId string required

The derived key identifier.

Example: customer-prod-key-2026

algorithm

string or null

The signing algorithm (EdDSA or ECDSA). Null for JWKS URI registrations.

Allowed values: EdDSA ECDSA

Example: EdDSA

jwksUri

string or null

The JWKS URI if the key was registered via URI.

Example: https://example.com/.well-known/jwks.json

status string required

Status of the newly registered key.

Example: ACTIVE

createdDate string <date-time>required

When the key was registered.

Example: 2026-01-12T10:30:00.000Z

400 Response

One of

code string

message string

status integer

401 Response

code string

message string

status integer

403 Response

code string

message string

status integer

409 Response

code string

message string

status integer

500 Response

code string

message string

status integer

Is this page helpful?