Getting StartedWebhooks

Webhook Configuration

Manage webhook subscriptions, secrets, and API access

Overview

All webhook-related API endpoints require authentication and appropriate permissions.

Permission Model

To work with webhooks, the following permissions are used:

  • webhook_subscription_read
  • webhook_subscription_edit
  • delivery_audit_read
EndpointOperationsRequired permission
/api/v1/event-deliveries/secretslist / get detailswebhook_subscription_read
/api/v1/event-deliveries/secretscreate, patch, rotate, deletewebhook_subscription_edit
/api/v1/event-deliveries/subscriptionslist / get detailswebhook_subscription_read
/api/v1/event-deliveries/subscriptionscreate, update, activate, deactivatewebhook_subscription_edit
/api/v1/event-deliveries/subscriptions/{id}/deliveriesview deliveries for one subscriptiondelivery_audit_read
/api/v1/event-deliveries/deliverieslist / get delivery detailsdelivery_audit_read
/api/v1/event-deliveries/env-variableslist / get detailswebhook_subscription_read
/api/v1/event-deliveries/env-variablescreate, update, deletewebhook_subscription_edit

Minimum Required Permissions

For users who only configure webhooks:

  • webhook_subscription_read
  • webhook_subscription_edit

Investigating Delivery Issues

To view delivery attempts, failures, and retries:

  • delivery_audit_read

Role Assignment

These permissions were included in the Event Publisher permission in the Fynapse REST API Client role available by default in Fynapse.

Ensure that:

  • users configuring webhooks have this role assigned
  • or an equivalent custom role with these permissions