Skip to main content
PUT
/
webhooks
/
{id}
curl --request PUT \
  --url https://api.autosend.com/v1/webhooks/60d5ec49f1b2c72d9c8b1234 \
  --header 'Authorization: Bearer AS_your-api-key' \
  --header 'Content-Type: application/json' \
  --data '{
  "events": ["email.delivered", "email.opened", "email.clicked"],
  "isActive": false
}'

{
  "success": true,
  "message": "Webhook updated successfully",
  "data": {
    "webhook": {
      "id": "60d5ec49f1b2c72d9c8b1234",
      "organizationId": "60d5ec49f1b2c72d9c8b0000",
      "projectId": "60d5ec49f1b2c72d9c8b1111",
      "url": "https://example.com/webhooks/autosend",
      "secret": "***hidden***",
      "events": ["email.delivered", "email.opened", "email.clicked"],
      "isActive": false,
      "createdAt": "2026-06-01T09:00:00.000Z",
      "updatedAt": "2026-06-12T11:00:00.000Z"
    }
  }
}
This endpoint accepts a project API key (AS_ prefix). The signing secret is immutable — create a new webhook to rotate it. Supplying a secret field returns a 400 error.
curl --request PUT \
  --url https://api.autosend.com/v1/webhooks/60d5ec49f1b2c72d9c8b1234 \
  --header 'Authorization: Bearer AS_your-api-key' \
  --header 'Content-Type: application/json' \
  --data '{
  "events": ["email.delivered", "email.opened", "email.clicked"],
  "isActive": false
}'

{
  "success": true,
  "message": "Webhook updated successfully",
  "data": {
    "webhook": {
      "id": "60d5ec49f1b2c72d9c8b1234",
      "organizationId": "60d5ec49f1b2c72d9c8b0000",
      "projectId": "60d5ec49f1b2c72d9c8b1111",
      "url": "https://example.com/webhooks/autosend",
      "secret": "***hidden***",
      "events": ["email.delivered", "email.opened", "email.clicked"],
      "isActive": false,
      "createdAt": "2026-06-01T09:00:00.000Z",
      "updatedAt": "2026-06-12T11:00:00.000Z"
    }
  }
}

Authorizations

Authorizations
string | header
required
Project API key header of the form Bearer AS_<key>.

Path Parameters

id
string
required
The unique identifier of the webhook.Example: "60d5ec49f1b2c72d9c8b1234"

Body

All fields are optional — only the fields you supply are updated.
url
string
A new destination URL (must include the http/https protocol).Example: "https://example.com/webhooks/autosend"
events
string[]
Replaces the subscribed event list. Must contain at least one valid event.Example: ["email.delivered", "email.opened"]
isActive
boolean
Enable or disable delivery without deleting the webhook.Example: false

Response

Webhook updated successfully (200)
success
boolean
Indicates if the request was successful
data
object
Wrapper containing the updated webhook object (secret masked)

Error Responses

400 - Secret update not allowed
object
Returned when a secret field is included in the request body.
{
  "success": false,
  "error": {
    "message": "Secret cannot be updated. Create a new webhook instead.",
    "code": "VALIDATION_ERROR",
  }
}
404 - Webhook not found
object
Returned when no webhook with the given ID exists in the project.
{
  "success": false,
  "error": {
    "message": "Webhook not found",
    "code": "WEBHOOK_NOT_FOUND",
  }
}