Update Webhook Endpoint
Update a webhook endpoint’s URL, subscribed events, or active status.
Authorizations
Send the credential as Authorization: Bearer <key>.
Scoped partner credentials use the exclusive nxsk_v1_... namespace.
Each scoped key is bound at issuance to one organization, one canonical
named environment, an explicit engine set, and a least-privilege
capability set. A malformed, unknown, rotated, or revoked nxsk_ key
fails closed and is never retried as a legacy key.
Capabilities used by this API are runs:write, runs:read,
engines:read, catalog:read, webhooks:manage,
runs:defensibility:read, runs:test, and converse:use. Operation
descriptions name the required capability.
Grandfathered nx_live_... and nx_test_... keys retain their existing
broad access during the compatibility window.
Path Parameters
Webhook endpoint UUID.
Body
At least one field is required.
1run.completed, run.failed, run.superseded 256Set to null to clear the bearer token.
1024Delivery body shape. Omit to keep the current mode; an empty value is rejected.
full, thin Response
Updated endpoint.
Endpoint identifier.
Delivery target URL.
Environment this endpoint receives events from.
test, live Subscribed event types.
run.completed, run.failed, run.superseded Whether the endpoint is active.
Whether an auth token is set (the token value is never returned).
Payload version string (e.g. 2026-03-22).
RFC 3339 creation timestamp.
Human-readable description.
Delivery body shape. full (default) carries the complete run; thin carries only run identifiers and terminal status.
full, thin Exact instant when the previous secret stops being valid.
Present only while the system has deactivated the endpoint after a consecutive dead-letter streak. Cleared on re-enable.
Actor that deactivated the endpoint (system for the automatic dead-letter streak deactivation). Present only while deactivated.
Why the endpoint was deactivated, including the triggering delivery ID. Present only while deactivated.
RFC 3339 last-update timestamp.