Request body
json
{
"name": "audit-sync",
"url": "https://example.com/hooks/license",
"events": ["license.generated", "license.revoked"],
"enabled": true
}API Endpoint
POST /management/webhooks
Create a webhook endpoint configuration for selected event types.
POST /management/webhooks
Endpoint context
Use these endpoints from internal tooling or your frontend backend to manage slug policy templates, provisioning API keys, and webhook endpoint configuration. Management routes require the management bootstrap key configured via MANAGEMENT_API_KEYS or MANAGEMENT_API_KEY.
- Requires management API key auth.
- URL must be absolute and use http or https.
- Events must be supported values documented in Webhook Concepts.
- Outbound webhook requests include an Idempotency-Key header (sls-webhook-<delivery_id>) for receiver-side dedupe.
license.generatedlicense.activatedlicense.deactivatedlicense.validatedlicense.validation_failedlicense.revoked
bash
curl -sS http://localhost:8080/management/webhooks \
-H "Authorization: Bearer management_key_dev_123456" \
-H "Content-Type: application/json" \
-d '{
"name": "audit-sync",
"url": "https://example.com/hooks/license",
"events": ["license.generated", "license.revoked"],
"enabled": true
}'Response body
json
{
"id": 1,
"name": "audit-sync",
"url": "https://example.com/hooks/license",
"events": ["license.generated", "license.revoked"],
"enabled": true,
"created_at": "2026-04-21T12:00:00Z",
"updated_at": "2026-04-21T12:00:00Z"
}Response field types
id
number
Webhook endpoint id.
name
string
Operator-friendly endpoint name.
url
string
Destination URL for outbound events.
events
array<string>
Subscribed event list.
enabled
boolean
Whether endpoint receives events.
created_at
string
RFC3339 creation timestamp.
updated_at
string
RFC3339 last update timestamp.
Error codes
400
Invalid JSON, invalid URL, or unsupported event values.
401
Missing or invalid management API key.
500
Unexpected server or storage error.