> ## Documentation Index
> Fetch the complete documentation index at: https://docs.poly.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# Rotate webhook signing secret

> Generates a new signing secret for the webhook endpoint. The previous secret is immediately invalidated.



## OpenAPI

````yaml POST /v1/webhook-endpoints/{endpoint_id}/rotate-secret
openapi: 3.1.0
info:
  title: PolyAI Alerts API
  version: 1.0.0
  description: >-
    Create alert rules, inspect active alerts, register webhook endpoints, and
    receive signed webhook notifications when alert thresholds are breached.
servers:
  - url: https://api.us.poly.ai
    description: US region
  - url: https://api.uk.poly.ai
    description: UK region
  - url: https://api.eu.poly.ai
    description: EU region
security:
  - ApiKeyAuth: []
paths:
  /v1/webhook-endpoints/{endpoint_id}/rotate-secret:
    post:
      summary: Rotate webhook signing secret
      description: >-
        Generates a new signing secret for the webhook endpoint. The previous
        secret is immediately invalidated.
      operationId: rotateWebhookSigningSecret
      parameters:
        - $ref: '#/components/parameters/EndpointId'
      responses:
        '200':
          description: Signing secret rotated successfully.
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/RotateSigningSecretResponse'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
        '422':
          $ref: '#/components/responses/UnprocessableEntity'
        '500':
          $ref: '#/components/responses/InternalServerError'
components:
  parameters:
    EndpointId:
      name: endpoint_id
      in: path
      required: true
      description: The endpoint_id must be a prefixed ID (e.g. whe_9ZtRcXw3nByK5pVqMaEfJs).
      schema:
        type: string
        pattern: ^whe_[A-Za-z0-9]+$
        example: whe_9ZtRcXw3nByK5pVqMaEfJs
  schemas:
    RotateSigningSecretResponse:
      type: object
      required:
        - signing_secret
      properties:
        signing_secret:
          type: string
          description: >-
            The new signing secret. Store it securely — it cannot be retrieved
            again.
    Error:
      type: object
      properties:
        message:
          type: string
  responses:
    Unauthorized:
      description: Missing or invalid API key.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: Resource not found.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    UnprocessableEntity:
      description: Validation error or malformed resource ID.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    InternalServerError:
      description: Internal server error.
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
  securitySchemes:
    ApiKeyAuth:
      type: apiKey
      in: header
      name: x-api-key

````