> ## Documentation Index
> Fetch the complete documentation index at: https://docs.easycred.co.in/llms.txt
> Use this file to discover all available pages before exploring further.

# List Webhook Subscriptions



## OpenAPI

````yaml /api-reference/openapi.json get /api/v1/partner/webhooks
openapi: 3.1.0
info:
  title: EASYCRED Partner API
  version: 1.0.0
  description: >-
    EASYCRED-managed secure partner API. All requests require a Bearer API key
    plus HMAC request signing (X-Signature / X-Timestamp / X-Nonce). No raw
    customer PII is exposed by this version. Signing convention: the HMAC-SHA256
    is computed over method, path, timestamp, nonce and the raw request body.
    For GET requests (and any request with no body) the body component is the
    EMPTY string '' — sign over '' for those requests.
servers:
  - url: https://api.easycred.in
    description: Production
security:
  - bearerAuth: []
paths:
  /api/v1/partner/webhooks:
    get:
      summary: List Webhook Subscriptions
      parameters:
        - name: X-Signature
          in: header
          required: true
          description: >-
            HMAC-SHA256 signature over method, path, timestamp, nonce and raw
            body.
          schema:
            type: string
        - name: X-Timestamp
          in: header
          required: true
          description: >-
            Unix epoch seconds. Requests outside the tolerance window are
            rejected.
          schema:
            type: string
        - name: X-Nonce
          in: header
          required: true
          description: Unique per-request nonce. Replays are rejected.
          schema:
            type: string
      responses:
        '200':
          description: Success
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebhookListResponse'
        '401':
          description: >-
            Authentication failed (missing/invalid key, signature, or replayed
            nonce).
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '403':
          description: Authenticated but missing the required scope / product access.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '429':
          description: Rate limit exceeded.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
      security:
        - bearerAuth:
            - webhooks:manage
components:
  schemas:
    WebhookListResponse:
      type: object
      properties:
        success:
          type: boolean
          const: true
        data:
          type: object
          properties:
            subscriptions:
              type: array
              items:
                $ref: '#/components/schemas/WebhookSubscription'
          required:
            - subscriptions
      required:
        - success
        - data
    ApiError:
      type: object
      properties:
        success:
          type: boolean
          const: false
        error:
          type: string
      required:
        - success
        - error
    WebhookSubscription:
      type: object
      description: >-
        A registered webhook subscription (the signing secret is never echoed
        here).
      properties:
        subscriptionId:
          type: string
          description: Stable id of the form whs_<uuid>.
        url:
          type: string
          format: uri
          description: HTTPS delivery endpoint (public host only).
        subscribedEvents:
          type: array
          items:
            type: string
            enum:
              - journey.initiated
              - journey.updated
              - journey.completed
              - journey.rejected
              - journey.failed
        isActive:
          type: boolean
        failureCount:
          type: integer
        lastDeliveryAt:
          type: string
          format: date-time
      required:
        - subscriptionId
        - url
        - subscribedEvents
        - isActive
        - failureCount
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      description: >-
        API key of the form ec_(live|test)_<prefix>_<secret>. Scopes are listed
        per operation.

````