Get webhook subscription.

curl --request GET \
  --url https://sandbox.api.openfx.com/v1/webhooks/subscriptions/{webhookSubscriptionId} \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>'

{
  "id": "wsub_01953e1a5f4b700a",
  "url": "https://example.com/webhooks/openfx",
  "status": "active",
  "eventTypes": [
    "payment.completed",
    "payment.failed",
    "payment.returned"
  ],
  "description": "Payment notifications",
  "createdAt": "2026-02-23T12:00:00Z",
  "updatedAt": "2026-02-23T12:00:00Z"
}

GET

webhooks

subscriptions

{webhookSubscriptionId}

Get webhook subscription.

curl --request GET \
  --url https://sandbox.api.openfx.com/v1/webhooks/subscriptions/{webhookSubscriptionId} \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Signature: <api-key>' \
  --header 'X-Timestamp: <api-key>'

{
  "id": "wsub_01953e1a5f4b700a",
  "url": "https://example.com/webhooks/openfx",
  "status": "active",
  "eventTypes": [
    "payment.completed",
    "payment.failed",
    "payment.returned"
  ],
  "description": "Payment notifications",
  "createdAt": "2026-02-23T12:00:00Z",
  "updatedAt": "2026-02-23T12:00:00Z"
}

Authorizations

Authorization

string

header

required

API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.

X-Signature

string

header

required

Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.

X-Timestamp

string

header

required

Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.

Path Parameters

webhookSubscriptionId

string

required

Unique identifier of the webhook subscription (wsub_ prefix). Webhook subscription resource identifier.

Pattern: ^wsub_[A-Za-z0-9]+$

Example:

"wsub_01953e1a5f4b700a"

Response

Webhook subscription details.

A webhook subscription that receives event deliveries.

string

required

Webhook subscription resource identifier.

Pattern: ^wsub_[A-Za-z0-9]+$

Example:

"wsub_01953e1a5f4b700a"

url

string<uri>

required

Fully qualified URL.

Example:

"https://example.com"

eventTypes

string[]

required

Event types to subscribe to. Use ["*"] for all events.

status

enum<string>

required

Status of a webhook subscription.

Available options:

active,

suspended,

disabled

createdAt

string<date-time>

required

UTC timestamp in RFC 3339 / ISO 8601 format.

Example:

"2026-02-23T12:00:00Z"

description

string

metadata

object

Consumer-defined key-value store. Available on all primary resources. Max 50 keys. Keys must match ^[a-zA-Z0-9_]{1,40}$. Values are strings (max 500 chars) or null.

Show child attributes

updatedAt

string<date-time>

UTC timestamp in RFC 3339 / ISO 8601 format.

Example:

"2026-02-23T12:00:00Z"

List webhook subscriptions Update webhook subscription

Identity & Onboarding

Accounts & Balances

FX & Conversions

Counterparties & Payment Methods

Payments & Transfers

Ledger

Events & Webhooks

Payment Rails Discovery

Get webhook subscription.

Authorizations

Path Parameters

Response