---
api: 'Merchant API'
---
# Retrieve a webhook
Get the details of a specific webhook, including its `signing_secret`.
## Endpoint
GET `/api/webhooks/{webhook_id}`
## Returns
### 200
OK
#### Response attributes
- `id` (string)
The ID of the webhook.
- `url` (string)
Your webhook's URL to which event notifications will be sent.
Must be a valid HTTP or HTTPS URL, capable of receiving `POST` requests.
:::warning
Restrictions:
- Must be a valid URI as defined by [RFC 3986](https://datatracker.ietf.org/doc/html/rfc3986)
- URI scheme is required and must be either `http` or `https`
- URI host is required and cannot be `localhost` or an IP address
- Max length: `2000`
- Reserved or invalid characters must be percent-encoded (for example, use `%20` instead of a space)
:::
- `events` (array of enum)
List of event types that the webhook is configured to listen to.
Each event is related to status changes of a specific object in the Merchant API:
| Object | Event types |
| --------- | ----------- |
| `Order` | - `ORDER_COMPLETED`
- `ORDER_AUTHORISED`
- `ORDER_CANCELLED`
- `ORDER_FAILED`
- `ORDER_INCREMENTAL_AUTHORISATION_AUTHORISED`
- `ORDER_INCREMENTAL_AUTHORISATION_DECLINED`
- `ORDER_INCREMENTAL_AUTHORISATION_FAILED`
|
| `Payment` | - `ORDER_PAYMENT_AUTHENTICATION_CHALLENGED`
- `ORDER_PAYMENT_AUTHENTICATED`
- `ORDER_PAYMENT_DECLINED`
- `ORDER_PAYMENT_FAILED`
|
| `Subscription` | - `SUBSCRIPTION_INITIATED`
- `SUBSCRIPTION_FINISHED`
- `SUBSCRIPTION_CANCELLED`
- `SUBSCRIPTION_OVERDUE`
|
| `Payout` | - `PAYOUT_INITIATED`
- `PAYOUT_COMPLETED`
- `PAYOUT_FAILED`
|
| `Dispute` | - `DISPUTE_ACTION_REQUIRED`
- `DISPUTE_UNDER_REVIEW`
- `DISPUTE_WON`
- `DISPUTE_LOST`
|
- `signing_secret` (string)
The signing secret for the webhook. Use it to verify the signature for the webhook request's payload.
## Error responses
| HTTP status code | Description |
| --- | --- |
| 401 | Unauthorized |
| 404 | Not Found |