Send test webhook delivery.
Sends a test event to the subscription URL for verification.
Authorizations
API key issued at onboarding. Passed as a Bearer token in the Authorization header: Authorization: Bearer <api-key>. Identifies the caller and determines organization scope. Invalid or revoked keys return 401 with error type authentication_error.
Ed25519 or RSA-SHA256 asymmetric signature over the request payload (ADR-0015). Provides request integrity and non-repudiation. The signature covers the HTTP method, path, query string, request body, and timestamp. Invalid signatures return 401 with error type authentication_error.
Unix timestamp (seconds) of when the request was signed. Server rejects requests where the timestamp drifts beyond +/-60 seconds from server time to prevent replay attacks. Must match the timestamp used in the signature computation.
Headers
Idempotency key for this request. UUID v4 recommended. Max 128 characters. 24-hour retention. Same key + same body replays original response with Idempotency-Replayed: true. Same key + different body returns 409 (code: duplicate_idempotency_key). Same key while the original request is still processing returns 409 with a Retry-After header (code: idempotency_key_in_flight).
128"550e8400-e29b-41d4-a716-446655440000"
Path Parameters
Unique identifier of the webhook subscription (wsub_ prefix). Webhook subscription resource identifier.
^wsub_[A-Za-z0-9]+$"wsub_01953e1a5f4b700a"
Response
Test delivery sent.
A single webhook delivery attempt.
Webhook delivery resource identifier.
^whd_[A-Za-z0-9]+$"whd_01953e1a5f4b7100"
Webhook subscription resource identifier.
^wsub_[A-Za-z0-9]+$"wsub_01953e1a5f4b700a"
Type of event. Namespaced as resource.action.
entity.created, entity.updated, entity_relationship.created, entity_relationship.deleted, customer.created, customer.status_changed, customer.kyb_status_changed, account.created, account.status_changed, account_number.created, account_number.status_changed, blockchain_address.created, counterparty.created, counterparty.activated, counterparty.archived, payment_method.created, payment_method.validated, payment_method.rejected, payment.created, payment.requires_action, payment.in_review, payment.processing, payment.completed, payment.returned, payment.reversed, payment.refunded, payment.failed, payment.canceled, inbound_payment.received, inbound_payment.completed, inbound_payment.returned, inbound_payment.requires_attribution, conversion.created, conversion.processing, conversion.completed, conversion.failed, transfer.created, transfer.completed, transfer.failed, transaction.created, refund.created, refund.completed, refund.failed, onboarding.created, onboarding.completed, onboarding.failed, collection.created, collection.requires_action, collection.submitted, collection.processing, collection.completed, collection.returned, collection.failed, collection.canceled, settlement_route.created, settlement_route.activated, settlement_route.deactivated, settlement_route.updated, settlement_route.executed Delivery status of a webhook attempt.
pending, delivered, failed UTC timestamp in RFC 3339 / ISO 8601 format.
"2026-02-23T12:00:00Z"
Event resource identifier.
^evt_[A-Za-z0-9]+$"evt_01953e1a5f4b7009"
HTTP status code returned by the endpoint.
Number of delivery attempts made.
UTC timestamp in RFC 3339 / ISO 8601 format.
"2026-02-23T12:00:00Z"
The webhook payload that was (or will be) delivered to the endpoint.