POST /sources
Create a new webhook source. Optionally apply a template for pre-configured verification.

Authentication

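API Key (header: X-API-Key), or API Key (cookie: better-auth.session_token). Note that the request samples below send the credential as an Authorization: Bearer header instead; confirm which form your token type requires.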

Request Body required

Request body

application/json
org_id string
Organization ID (defaults to auth context)
env_id string
Environment ID (defaults to auth context)
name string REQUIRED
Source name
slug string REQUIRED
URL-safe slug
description string
Source description
template string
Template slug (e.g. stripe, github)
type string
Source type
Enum: http, websocket
source_config object
Provider-specific config
verification_enabled boolean
Enable signature verification
verification_type string
Verification algorithm
verification_secret string
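Shared secret used for signature verification. The 201 response returns it as source.verification_secret, so handle that response body as sensitive.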
verification_header string
Header containing signature
dedup_enabled boolean
Enable deduplication
dedup_strategy string
Dedup strategy
dedup_field string
Dedup field path
dedup_window_seconds number
Dedup window in seconds
ip_allowlist string[]
Allowed IP CIDRs
Array of: string
ip_denylist string[]
Denied IP CIDRs
Array of: string

Responses

201 Created source
application/json
source object | null REQUIRED
id string REQUIRED
org_id string REQUIRED
env_id string REQUIRED
slug string REQUIRED
name string REQUIRED
description string | null REQUIRED
template string | null REQUIRED
verification_enabled integer REQUIRED
verification_type string | null REQUIRED
verification_secret string | null REQUIRED
verification_header string | null REQUIRED
verification_config string | null REQUIRED
dedup_enabled integer REQUIRED
dedup_strategy string | null REQUIRED
dedup_field string | null REQUIRED
dedup_window_seconds integer REQUIRED
ip_allowlist string | null REQUIRED
ip_denylist string | null REQUIRED
status string REQUIRED
event_count integer REQUIRED
last_event_at string | null REQUIRED
created_at string REQUIRED
updated_at string REQUIRED
is_ephemeral integer REQUIRED
expires_at string | null REQUIRED
request_limit integer | null REQUIRED
type string REQUIRED
source_config string | null REQUIRED
schema_validation_enabled integer REQUIRED
json_schema string | null REQUIRED
schema_action string | null REQUIRED
400 Validation error
401 Unauthorized
403 Plan limit reached
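# Create a webhook source (POST /v1/sources).
#
# YOUR_API_TOKEN and every "string" value are placeholders. A token typed on the
# command line ends up in shell history and the process list, so prefer reading
# it from an environment variable or a secrets manager when running this for real.
#
# The 201 response body includes source.verification_secret; do not send this
# command's output to shared logs or CI output.
curl -X POST 'https://hookstream.io/v1/sources' \
  -H 'Authorization: Bearer YOUR_API_TOKEN' \
  -H 'Content-Type: application/json' \
  -d '{
  "org_id": "string",
  "env_id": "string",
  "name": "string",
  "slug": "my-source",
  "description": "string",
  "template": "string",
  "type": "http",
  "source_config": {},
  "verification_enabled": true,
  "verification_type": "string",
  "verification_secret": "string",
  "verification_header": "string",
  "dedup_enabled": true,
  "dedup_strategy": "string",
  "dedup_field": "string",
  "dedup_window_seconds": 0,
  "ip_allowlist": [
    "string"
  ],
  "ip_denylist": [
    "string"
  ]
}'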
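// Create a webhook source (POST /v1/sources).
// YOUR_API_TOKEN and every "string" value are placeholders; load the real token
// from configuration or a secrets store rather than hard-coding it.
const response = await fetch('https://hookstream.io/v1/sources', {
  method: 'POST',
  headers: {
    Authorization: 'Bearer YOUR_API_TOKEN',
    'Content-Type': 'application/json',
  },
  body: JSON.stringify({
    org_id: 'string',
    env_id: 'string',
    name: 'string',
    slug: 'my-source',
    description: 'string',
    template: 'string',
    type: 'http',
    source_config: {},
    verification_enabled: true,
    verification_type: 'string',
    verification_secret: 'string',
    verification_header: 'string',
    dedup_enabled: true,
    dedup_strategy: 'string',
    dedup_field: 'string',
    dedup_window_seconds: 0,
    ip_allowlist: ['string'],
    ip_denylist: ['string'],
  }),
});

// 400 (validation), 401 (unauthorized) and 403 (plan limit) are documented
// failures; surface them instead of treating the error body as a created source.
if (!response.ok) {
  throw new Error(`Create source failed: ${response.status} ${await response.text()}`);
}

const data = await response.json();

// The 201 body carries source.verification_secret. Mask it before logging so the
// signing secret does not end up in console or log output.
const printable =
  data.source?.verification_secret != null
    ? { ...data, source: { ...data.source, verification_secret: '<redacted>' } }
    : data;
console.log(printable);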
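import requests

# Create a webhook source (POST /v1/sources).
# YOUR_API_TOKEN and every "string" value are placeholders; load the real token
# from configuration or a secrets store rather than hard-coding it.
headers = {
    'Authorization': 'Bearer YOUR_API_TOKEN'
}

payload = {
    "org_id": "string",
    "env_id": "string",
    "name": "string",
    "slug": "my-source",
    "description": "string",
    "template": "string",
    "type": "http",
    "source_config": {},
    # Python booleans are True/False; requests serialises them to JSON true/false.
    "verification_enabled": True,
    "verification_type": "string",
    "verification_secret": "string",
    "verification_header": "string",
    "dedup_enabled": True,
    "dedup_strategy": "string",
    "dedup_field": "string",
    "dedup_window_seconds": 0,
    "ip_allowlist": [
        "string"
    ],
    "ip_denylist": [
        "string"
    ],
}

# requests has no default timeout, so set one to avoid hanging indefinitely.
response = requests.post(
    'https://hookstream.io/v1/sources',
    headers=headers,
    json=payload,
    timeout=30,
)

# 400 (validation), 401 (unauthorized) and 403 (plan limit) are documented
# failures; raise instead of printing the error body as if it were a source.
response.raise_for_status()

data = response.json()

# The 201 body carries source.verification_secret. Mask it before printing so
# the signing secret does not end up in terminal scrollback or logs.
source = data.get("source")
if source and source.get("verification_secret") is not None:
    data = {**data, "source": {**source, "verification_secret": "<redacted>"}}
print(data)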
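package main

import (
	"encoding/json"
	"fmt"
	"io"
	"log"
	"net/http"
	"strings"
	"time"
)

// createSource sends POST /v1/sources with a placeholder payload and prints the
// created source with verification_secret masked.
//
// YOUR_API_TOKEN and every "string" value are placeholders; load the real token
// from configuration or a secrets store rather than hard-coding it.
func createSource() error {
	body := strings.NewReader(`{
  "org_id": "string",
  "env_id": "string",
  "name": "string",
  "slug": "my-source",
  "description": "string",
  "template": "string",
  "type": "http",
  "source_config": {},
  "verification_enabled": true,
  "verification_type": "string",
  "verification_secret": "string",
  "verification_header": "string",
  "dedup_enabled": true,
  "dedup_strategy": "string",
  "dedup_field": "string",
  "dedup_window_seconds": 0,
  "ip_allowlist": [
    "string"
  ],
  "ip_denylist": [
    "string"
  ]
}`)

	req, err := http.NewRequest("POST", "https://hookstream.io/v1/sources", body)
	if err != nil {
		return fmt.Errorf("build request: %w", err)
	}
	req.Header.Set("Authorization", "Bearer YOUR_API_TOKEN")
	req.Header.Set("Content-Type", "application/json")

	// http.DefaultClient has no timeout; use a bounded client so a stalled
	// connection cannot hang the program.
	client := &http.Client{Timeout: 30 * time.Second}
	resp, err := client.Do(req)
	if err != nil {
		// resp is nil on error, so return before touching resp.Body.
		return fmt.Errorf("send request: %w", err)
	}
	defer resp.Body.Close()

	result, err := io.ReadAll(resp.Body)
	if err != nil {
		return fmt.Errorf("read response: %w", err)
	}

	// 400 (validation), 401 (unauthorized) and 403 (plan limit) are documented
	// failures; report them instead of printing the body as a created source.
	if resp.StatusCode < 200 || resp.StatusCode >= 300 {
		return fmt.Errorf("create source: unexpected status %s: %s", resp.Status, result)
	}

	var created struct {
		Source map[string]interface{} `json:"source"`
	}
	if err := json.Unmarshal(result, &created); err != nil {
		return fmt.Errorf("decode response: %w", err)
	}

	// The 201 body carries source.verification_secret. Mask it before printing
	// so the signing secret does not end up in terminal output or logs.
	if secret, ok := created.Source["verification_secret"]; ok && secret != nil {
		created.Source["verification_secret"] = "<redacted>"
	}

	out, err := json.MarshalIndent(created, "", "  ")
	if err != nil {
		return fmt.Errorf("encode output: %w", err)
	}
	fmt.Println(string(out))
	return nil
}

func main() {
	if err := createSource(); err != nil {
		log.Fatal(err)
	}
}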
201 Response
{  "source": {    "id": "<string>",    "org_id": "<string>",    "env_id": "<string>",    "slug": "<string>",    "name": "<string>",    "description": "<string>",    "template": "<string>",    "verification_enabled": 123,    "verification_type": "<string>",    "verification_secret": "<string>",    "verification_header": "<string>",    "verification_config": "<string>",    "dedup_enabled": 123,    "dedup_strategy": "<string>",    "dedup_field": "<string>",    "dedup_window_seconds": 123,    "ip_allowlist": "<string>",    "ip_denylist": "<string>",    "status": "<string>",    "event_count": 123,    "last_event_at": "<string>",    "created_at": "<string>",    "updated_at": "<string>",    "is_ephemeral": 123,    "expires_at": "<string>",    "request_limit": 123,    "type": "<string>",    "source_config": "<string>",    "schema_validation_enabled": 123,    "json_schema": "<string>",    "schema_action": "<string>"  }}