> ## Documentation Index > Fetch the complete documentation index at: https://docs.signa.so/llms.txt > Use this file to discover all available pages before exploring further. # Create Webhook Endpoint > Register a URL that receives signed alert/event POSTs ## Overview Registers a webhook endpoint and returns the signing `secret` **once** in the response. Store the secret immediately; subsequent list/retrieve responses redact it. Required scope: `portfolios:manage`. ## Body Parameters HTTPS endpoint (HTTP is allowed in non-production environments only). Max 2048 chars. Optional human-readable description (max 2000 chars). 1--20 event types. The only customer-subscribable event today is `alert.created`. Any other value returns `400`. `webhook.test` is delivered only when you call [`POST /v1/webhooks/{id}/test`](/api-reference/monitoring/webhooks/test) \-- you cannot subscribe to it. Free-form metadata. ## Response Endpoint ID (`whk_*`). Always `"webhook_endpoint"`. Echo of input. Echo of input. Echo of input. `active` or `disabled`. Starts at `1`. Plaintext signing secret. **Returned only on this response and on rotate-secret.** `0` on create. Null on create. Null on create. Echoed back. ISO timestamp. ISO timestamp. Request identifier. ## Errors * **400** — invalid URL, unknown event type, or HTTP URL in production. ```bash cURL theme={null} curl -X POST "https://api.signa.so/v1/webhooks" \ -H "Authorization: Bearer $SIGNA_API_KEY" \ -H "Content-Type: application/json" \ -H "Idempotency-Key: create-prod-webhook-2026-06-12" \ -d '{ "url": "https://acme.example.com/signa-webhook", "description": "prod alerts", "enabled_events": ["alert.created"] }' ``` ```ts TypeScript theme={null} const wh = await signa.webhooks.create({ url: 'https://acme.example.com/signa-webhook', description: 'prod alerts', enabled_events: ['alert.created'], }); // IMPORTANT: store wh.secret now — it will not be returned again. await secretsManager.put('SIGNA_WEBHOOK_SECRET', wh.secret); ```