Get Webhook Destination
Retrieve one webhook destination with its secret_shared_key signing secret and delivery health summary. API-key callers always receive the secret in full; Console users without read:webhooks see an empty string.
Authorizations
Path Parameters
UUID of the destination (the uuid returned from create / list).
Response
Webhook destination details.
v1, v2, v3 HMAC signing secret (43-character URL-safe token). Always returned in full to API-key callers; Console users need read:webhooks, otherwise an empty string.
Event filter for this webhook destination. Didit delivers only webhooks whose event type exactly matches one of these values — there is no wildcard subscription. When sent, the list must contain at least one valid event (an explicit [] is rejected with 400); a destination whose list is empty (field omitted at create) receives nothing. On update the list is replaced wholesale, never merged.
1Supported webhook event name. Use these exact strings in subscribed_events; unsupported values are rejected.
status.updated, data.updated, user.status.updated, user.data.updated, business.status.updated, business.data.updated, activity.created, transaction.created, transaction.status.updated ["status.updated", "data.updated"]Delivery health metrics aggregated over the destination's lifetime.