Skip to main content
POST
/
orgs
/
{org_id}
/
webhooks
Create a webhook endpoint
curl --request POST \
  --url https://api.mnemom.ai/v1/orgs/{org_id}/webhooks \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "url": "<string>",
  "description": "<string>",
  "event_types": []
}
'
{
  "endpoint_id": "<string>",
  "billing_account_id": "<string>",
  "url": "<string>",
  "description": "<string>",
  "signing_secret": "<string>",
  "event_types": [
    "<string>"
  ],
  "is_active": true,
  "consecutive_failures": 123,
  "disabled_at": "2023-11-07T05:31:56Z",
  "disabled_reason": "<string>",
  "created_at": "2023-11-07T05:31:56Z",
  "updated_at": "2023-11-07T05:31:56Z"
}

Authorizations

Authorization
string
header
required

Supabase JWT token in Authorization: Bearer header

Path Parameters

org_id
string
required

Organization identifier (e.g. org-abc12345)

Body

application/json
url
string<uri>
required

HTTPS URL that will receive webhook POST requests

description
string

Human-readable description of this endpoint

event_types
enum<string>[]

Event types to subscribe to. Empty array means all events. See the webhook event catalog for the full list and per-event payload schemas.

Available options:
integrity.violation,
integrity.checkpoint,
drift.resolved,
conscience.escalation,
quota.warning,
quota.exceeded,
subscription.status_changed,
agent.paused,
agent.resumed,
agent.killed,
conscience.values_updated,
reputation.score_changed,
reputation.grade_changed,
quota.risk_exceeded,
quota.risk_warning,
team.created,
team.archived,
team.member_added,
team.member_removed,
team.card_updated,
quota.team_reputation_exceeded,
quota.team_reputation_warning,
quota.sh_warning,
sh.evaluation.warn,
sh.evaluation.quarantine,
sh.evaluation.block,
sh.canary.triggered,
sh.session.escalated,
sh.campaign.detected,
recipe.promoted,
recipe.retired,
recipe.candidate.created,
reviewer-mode.changed,
trace.created,
trace.verified,
trace.failed,
trace.escalation_required,
policy.violation,
transaction.completed,
alignment_card.updated,
protection_card.updated,
org_alignment_template.updated,
org_alignment_template.deleted,
org_protection_template.updated,
org_protection_template.deleted,
agent.exemption.granted,
agent.exemption.revoked,
sideband.coherence.fired,
sideband.fault_line.fired,
sideband.fleet.fired,
sideband.drift.fired,
advisory.published,
ioc.added,
network.campaign.closed

Response

Webhook endpoint created. Response includes signing_secret (shown only once).

Webhook endpoint with signing secret (only returned on creation and secret rotation)

endpoint_id
string

Unique identifier (whe-xxxxxxxx)

billing_account_id
string
url
string<uri>
description
string
signing_secret
string

32-byte hex-encoded HMAC signing secret. Only returned on creation and rotation.

event_types
string[]

Subscribed event types. Empty array means all events.

is_active
boolean
consecutive_failures
integer
disabled_at
string<date-time> | null
disabled_reason
string | null
created_at
string<date-time>
updated_at
string<date-time>