POST
/
v2
/
webhook_subscriptions
Create a new webhook subscription
curl --request POST \
  --url https://thirdparty.qonto.com/v2/webhook_subscriptions \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '{
  "callback_url": "https://api.partner.com/webhooks/qonto",
  "types": [
    "v1/transactions",
    "v1/accounts",
    "v1/organizations",
    "v1/memberships",
    "v1/consent-revocations",
    "v1/cards"
  ],
  "secret": "whsec_VuvcYxzMbryt1UBytq58jtGBxCgbQdzX/c0vj5ZLjUA=",
  "description": "Production webhook for transactions"
}'
{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "organization_id": "123e4567-e89b-12d3-a456-426614174000",
  "membership_id": "123e4567-e89b-12d3-a456-426614174000",
  "callback_url": "https://api.partner.com/webhooks/qonto",
  "types": [
    "v1/transactions",
    "v1/accounts",
    "v1/organizations",
    "v1/memberships",
    "v1/consent-revocations",
    "v1/cards"
  ],
  "description": "Production webhook for transactions",
  "created_at": "2025-01-24T10:55:00Z",
  "updated_at": "2025-01-24T10:55:00Z",
  "secret": "whsec_VuvcYxzMbryt1UBytq58jtGBxCgbQdzX/c0vj5ZLjUA="
}

Authorizations

​
Authorization
string
header
required

Bearer authorization header: Bearer <token>, where <token> is the access token received from the authorization server at the end of the OAuth 2.0 flow.

Body

application/json
​
callback_url
string<uri>
required

The HTTPS URL where webhooks will be sent

Maximum length: 512
Example:

"https://api.partner.com/webhooks/qonto"

​
types
enum<string>[]
required

The types of events to subscribe to

Minimum length: 1
Example:
[
  "v1/transactions",
  "v1/accounts",
  "v1/organizations",
  "v1/memberships",
  "v1/consent-revocations",
  "v1/cards"
]
​
secret
string

Secret key for verifying webhook signatures. If not provided, one will be generated

Required string length: 32 - 128
Example:

"whsec_VuvcYxzMbryt1UBytq58jtGBxCgbQdzX/c0vj5ZLjUA="

​
description
string

Optional description for the webhook subscription

Example:

"Production webhook for transactions"

Response

Webhook subscription created successfully

​
id
string<uuid>
required

Unique identifier for the webhook subscription

Example:

"123e4567-e89b-12d3-a456-426614174000"

​
organization_id
string<uuid>
required

ID of the organization that owns this subscription

Example:

"123e4567-e89b-12d3-a456-426614174000"

​
membership_id
string<uuid>
required

ID of the membership that owns this subscription

Example:

"123e4567-e89b-12d3-a456-426614174000"

​
callback_url
string<uri>
required

The HTTPS URL where webhooks will be sent

Maximum length: 512
Example:

"https://api.partner.com/webhooks/qonto"

​
types
enum<string>[]
required

The types of events to subscribe to

Minimum length: 1
Example:
[
  "v1/transactions",
  "v1/accounts",
  "v1/organizations",
  "v1/memberships",
  "v1/consent-revocations",
  "v1/cards"
]
​
created_at
string<date-time>
required

When the subscription was created

Example:

"2025-01-24T10:55:00Z"

​
updated_at
string<date-time>
required

When the subscription was last updated

Example:

"2025-01-24T10:55:00Z"

​
description
string

Optional description for the webhook subscription

Maximum length: 256
Example:

"Production webhook for transactions"

​
secret
string

Secret key for verifying webhook signatures.

Required string length: 32 - 128
Example:

"whsec_VuvcYxzMbryt1UBytq58jtGBxCgbQdzX/c0vj5ZLjUA="