Skip to main content
GET
/
webhooks
/
secret-status
Get webhook secret rotation status
curl --request GET \
  --url https://api.firma.dev/functions/v1/signing-request-api/webhooks/secret-status \
  --header 'Authorization: <api-key>'
{
  "has_secret": true,
  "secret_created_at": "2025-09-01T10:00:00Z",
  "last_rotated_at": "2025-10-16T12:00:00Z",
  "old_secret_expires_at": "2025-10-17T12:00:00Z",
  "old_secret_still_valid": true
}

Authorizations

Authorization
string
header
required

API key for authentication. Use your API key directly without any prefix (e.g., 'your-api-key'). Bearer prefix is optional but not required.

Response

Secret status retrieved successfully

has_secret
boolean
secret_created_at
string<date-time>
last_rotated_at
string<date-time> | null
old_secret_expires_at
string<date-time> | null
old_secret_still_valid
boolean