Skip to main content
POST
https://api.easycred.in
/
api
/
v1
/
partner
/
webhooks
/
{subscriptionId}
/
rotate-secret
Rotate Webhook Secret
curl --request POST \
  --url https://api.easycred.in/api/v1/partner/webhooks/{subscriptionId}/rotate-secret \
  --header 'Authorization: Bearer <token>' \
  --header 'X-Nonce: <x-nonce>' \
  --header 'X-Signature: <x-signature>' \
  --header 'X-Timestamp: <x-timestamp>'
{
  "success": true,
  "data": {
    "secret": "<string>"
  }
}

Authorizations

Authorization
string
header
required

API key of the form ec_(live|test). Scopes are listed per operation.

Headers

X-Signature
string
required

HMAC-SHA256 signature over method, path, timestamp, nonce and raw body.

X-Timestamp
string
required

Unix epoch seconds. Requests outside the tolerance window are rejected.

X-Nonce
string
required

Unique per-request nonce. Replays are rejected.

Path Parameters

subscriptionId
string
required

Response

Success

Returned on rotate-secret. The new plaintext secret is shown ONCE.

success
boolean
required
data
object
required