> ## Documentation Index
> Fetch the complete documentation index at: https://docs.slash.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Create webhook

> Create a new webhook endpoint



## OpenAPI

````yaml post /webhook
openapi: 3.1.0
info:
  title: Slash Public API
  description: API description
  version: 0.0.1
  contact: {}
servers:
  - url: https://api.slash.com
    description: production
security:
  - api_key: []
  - partner_api_key: []
  - bearer: []
  - developer_application: []
paths:
  /webhook:
    post:
      description: Create a new webhook endpoint
      requestBody:
        required: true
        content:
          application/json:
            schema:
              type: object
              properties:
                legalEntityId:
                  type: string
                  description: >-
                    The ID of the LegalEntity to create the webhook for. You can
                    get this by calling `GET /legal-entity`. This field is
                    required unless you are authenticating via API key.
                url:
                  type: string
                  description: The URL that will receive the webhook payload
                name:
                  type: string
              required:
                - url
                - name
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Webhook'
                x-entrypoint:
                  virtualPath: schemas/Webhook
                  sourcePath: schemas/Webhook.yaml
                  title: Webhook
                  origin: ./src/publicApi
        '201':
          description: Created
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Webhook'
                x-entrypoint:
                  virtualPath: schemas/Webhook
                  sourcePath: schemas/Webhook.yaml
                  title: Webhook
                  origin: ./src/publicApi
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '429':
          description: TooManyRequests
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
        '500':
          description: Internal Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Error'
      security:
        - api_key: []
        - bearer: []
components:
  schemas:
    Webhook:
      type: object
      properties:
        id:
          type: string
        createdAt:
          type: string
        archivedAt:
          type: string
        url:
          type: string
          description: The URL that will receive the webhook payload
        name:
          type: string
          description: The name of the webhook
        status:
          type: string
          description: >
            The current status of the webhook endpoint:

            - `active`: The webhook is enabled and receiving events normally.

            - `paused`: The webhook has been paused by the user. Events are
            queued and will be delivered when the endpoint is set back to
            `active`.

            - `backing-off`: The system is temporarily backing off due to
            delivery failures. Delivery will be automatically retried at
            `backingOffUntil`. You can also immediately re-enable by setting
            status to `active` via the PATCH endpoint.

            - `disabled`: The webhook has been automatically disabled due to
            repeated delivery failures. Re-enable by setting status to `active`
            via the PATCH endpoint.
          enum:
            - active
            - paused
            - backing-off
            - disabled
        pausedAt:
          type: string
          description: When the endpoint was paused by the user (ISO 8601 timestamp)
        backingOffUntil:
          type: string
          description: >-
            When the system will automatically retry delivery (ISO 8601
            timestamp). Only present when status is `backing-off`.
        disabledAt:
          type: string
          description: >-
            When the endpoint was automatically disabled due to repeated
            failures (ISO 8601 timestamp). Only present when status is
            `disabled`.
      required:
        - id
        - createdAt
        - url
        - name
        - status
      x-entrypoint:
        virtualPath: schemas/Webhook
        sourcePath: schemas/Webhook.yaml
        title: Webhook
        origin: ./src/publicApi
      title: Webhook
    Error:
      type: object
      properties:
        message:
          type: string
        name:
          type: string
        identifier:
          type: string
        rawStatus:
          type: number
        meta:
          type: object
          additionalProperties: true
      required:
        - message
        - name
        - identifier
        - rawStatus
      x-entrypoint:
        origin: ./src/publicApi
        sourcePath: ./src/publicApi/main.yaml
        title: Error
        virtualPath: components/Error
      title: Error
  securitySchemes:
    api_key:
      type: apiKey
      description: |
        API key authentication for public API requests.

        Keys come in two flavors:

        - *Legal-entity-scoped keys* are pinned to a single legal entity.
          Minted via the dashboard under a specific entity; every request
          acts on that entity.
        - *User-scoped keys* are pinned to a user and span every legal
          entity that user has access to. Every request made with a
          user-scoped key (except `GET /legal-entity`, which lists the
          legal entities the user can access) must include an
          `x-legal-entity` header naming the legal entity the request is
          operating on. Requests without the header are rejected with
          `400`. The authenticated user must have an active permission
          role on the supplied legal entity, otherwise the request is
          rejected with `403`.
      name: X-API-Key
      in: header
    partner_api_key:
      type: apiKey
      description: |
        Partner-program API key authentication.

        Keys are minted in the partner dashboard (Developers → API Keys),
        are scoped to a single partner program, and are prefixed with
        `sk_partner_`. Partner keys are only accepted by routes that
        declare this scheme; they are rejected by `api_key` routes and
        vice versa.
      name: X-API-Key
      in: header
    bearer:
      type: http
      scheme: bearer
    developer_application:
      type: http
      scheme: basic

````