Skip to main content
POST
/
api
/
v3
/
admin
/
webhook_endpoints
Spree Admin SDK
import { createAdminClient } from '@spree/admin-sdk'

const client = createAdminClient({
  baseUrl: 'https://your-store.com',
  secretKey: 'sk_xxx',
})

const endpoint = await client.webhookEndpoints.create({
  name: 'Order pipeline',
  url: 'https://example.com/webhooks/orders',
  active: true,
  subscriptions: ['order.completed', 'order.canceled'],
})

// The plaintext `secret_key` is returned exactly once on create — persist it
// immediately so you can verify incoming webhook signatures. Subsequent reads
// will return `null`.
const signingSecret = endpoint.secret_key
{
  "id": "whe_gbHJdmfrXB",
  "name": "CI integration",
  "url": "https://ci.example.com/webhooks",
  "active": true,
  "subscriptions": [
    "order.completed"
  ],
  "disabled_reason": null,
  "created_at": "2026-06-05T13:13:15.322Z",
  "updated_at": "2026-06-05T13:13:15.322Z",
  "disabled_at": null,
  "secret_key": "81a1cd93ff52f5e579fa149c0621ca1f15817eead13ebdd8f807f5a71ec43353",
  "last_delivery_at": null,
  "recent_delivery_count": 0,
  "recent_failure_count": 0,
  "total_delivery_count": 0,
  "successful_delivery_count": 0,
  "failed_delivery_count": 0
}

Authorizations

x-spree-api-key
string
header
required

Secret API key for admin access

Authorization
string
header
required

JWT token for admin user authentication

Headers

x-spree-api-key
string
required
Authorization
string
required

Bearer token for admin authentication

Body

application/json
url
string
required
Example:

"https://example.com/webhooks/orders"

name
string
Example:

"Order pipeline"

active
boolean
Example:

true

subscriptions
string[]
Example:
["order.completed", "order.canceled"]

Response

webhook endpoint created — secret_key returned once