Create an endpoint
url must be https://. The name field is optional and is only used in the dashboard for display.
Update an endpoint
PATCH /v1/webhooks/endpoints/:endpoint_id accepts any subset of name, url, enabled, subscribed_event_types, and undelivered_payload_retention_hours. To temporarily stop deliveries without losing the configuration, set enabled: false — disabled endpoints retain history and can be re-enabled later.
Undelivered payload retention
Delivered webhook payloads are scrubbed immediately after the first successful2xx response. The undelivered_payload_retention_hours setting only controls how long Kayle keeps encrypted payloads after a delivery exhausts automatic retries and becomes failed.
Supported values are 0, 24, 72, and 168 hours. New endpoints default to 72. Use 0 if you do not want manual retry or replay after final delivery failure; use a longer window if your downstream service may need time to recover from an outage.
Reveal or rotate the signing secret
Reveal the current secret (admin-only, owner role required):Delete an endpoint
Encryption keys
Webhook payloads are always JWE-encrypted. A new endpoint cannot receive deliveries until you register an active encryption key on it — the API will record afailed delivery row instead of sending the body. Register a key immediately after creation. See Encrypted payloads for the registration flow and decryption guidance.
Permissions
Managing endpoints requireswebhooks:write on an API key, or the admin / owner role on a session-cookie caller. Reading lists endpoints requires webhooks:read or any role. See Scopes for the full mapping.