> ## Documentation Index
> Fetch the complete documentation index at: https://docs.moritosh.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create a webhook endpoint

> Registers a URL to receive event notifications. The response includes a `secret` used to verify payload signatures; see [Webhooks](/webhooks).



## OpenAPI

````yaml POST /webhook-endpoints
openapi: 3.1.0
info:
  title: Pulsewave API
  description: >-
    Pulsewave is a messaging platform for sending transactional and marketing
    email, SMS, and push notifications. This specification documents every
    resource and operation exposed by the Pulsewave API.
  version: '2024-06-01'
  license:
    name: MIT
  contact:
    name: Pulsewave Developer Support
    url: https://pulsewave.dev/support
    email: developers@pulsewave.dev
servers:
  - url: https://api.pulsewave.dev/v1
    description: Production
  - url: https://api.sandbox.pulsewave.dev/v1
    description: Sandbox (test keys only)
security:
  - bearerAuth: []
tags:
  - name: Messages
    description: Send and inspect individual messages
  - name: Templates
    description: Reusable, versioned content for messages
  - name: Contacts
    description: People you send messages to
  - name: Lists
    description: Named groups of contacts
  - name: Domains
    description: Sending domains and their verification status
  - name: API Keys
    description: Credentials used to authenticate requests
  - name: Webhook Endpoints
    description: URLs that receive event notifications
  - name: Events
    description: Read-only log of everything that happened to a message
paths:
  /webhook-endpoints:
    post:
      tags:
        - Webhook Endpoints
      summary: Create a webhook endpoint
      description: >-
        Registers a URL to receive event notifications. The response includes a
        `secret` used to verify payload signatures; see [Webhooks](/webhooks).
      operationId: createWebhookEndpoint
      requestBody:
        required: true
        content:
          application/json:
            schema:
              $ref: '#/components/schemas/NewWebhookEndpoint'
      responses:
        '201':
          description: The created webhook endpoint, including its signing secret
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebhookEndpointCreated'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '422':
          $ref: '#/components/responses/ValidationError'
components:
  schemas:
    NewWebhookEndpoint:
      type: object
      required:
        - url
        - enabled_events
      properties:
        url:
          type: string
          format: uri
          example: https://example.com/webhooks/pulsewave
        enabled_events:
          type: array
          items:
            $ref: '#/components/schemas/EventType'
          description: Pass `["*"]` to receive every event type
    WebhookEndpointCreated:
      allOf:
        - $ref: '#/components/schemas/WebhookEndpoint'
        - type: object
          properties:
            secret:
              type: string
              description: >-
                Signing secret used to verify the `Pulsewave-Signature` header.
                Only returned once.
              example: whsec_3f8a2k9q1m7r5t6y
    EventType:
      type: string
      enum:
        - message.sent
        - message.delivered
        - message.bounced
        - message.opened
        - message.clicked
        - message.complained
        - contact.unsubscribed
        - domain.verified
    WebhookEndpoint:
      type: object
      properties:
        id:
          type: string
          example: we_9k2m5p
        object:
          type: string
          enum:
            - webhook_endpoint
        url:
          type: string
          format: uri
        enabled_events:
          type: array
          items:
            $ref: '#/components/schemas/EventType'
        status:
          type: string
          enum:
            - enabled
            - disabled
        created_at:
          type: string
          format: date-time
    Error:
      type: object
      properties:
        error:
          type: object
          properties:
            type:
              type: string
              enum:
                - invalid_request
                - authentication_error
                - not_found
                - validation_error
                - rate_limit_error
                - api_error
            code:
              type: string
              example: missing_required_field
            message:
              type: string
              example: The 'to' field is required for channel 'email'
            param:
              type: string
              nullable: true
              example: to
  responses:
    Unauthorized:
      description: Missing or invalid API key
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    ValidationError:
      description: The request body failed validation
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        All requests must include `Authorization: Bearer <api_key>`. Keys are
        prefixed `pw_live_` or `pw_test_`. See
        [Authentication](/authentication).

````