Create Webhook Endpoint

Registers a URL to receive events for every integration tied to this partner.
There is no per-endpoint event filter — a registered endpoint receives the
full set of events the partner's integrations emit. Each event is delivered
as POST <webhook_url> with a JSON body shaped like:

{
  "id":          "evt-...",
  "type":        "patient.created",
  "practice_id": "prc-...",
  "created_at":  "2026-05-26T14:23:00.000Z",
  "object":      { ...full resource snapshot... }
}

The object field carries the resource snapshot; its shape matches the
corresponding GET /api/provider/<resource>/:id response.
Each request carries an X-Hint-Signature: sha256=<hmac> header — HMAC-SHA256
of the raw request body, keyed by the partner's webhook signature key
(Partner Portal → API Keys → Webhooks Signature Key, mirrored to the
HINT_WEBHOOK_SECRET env var on Hosted Mode deploys). Endpoints should
compute the expected signature themselves and reject requests whose
signature doesn't match.
Discover the current event-type list at GET /partner/webhook_events
it returns the live set of resource.action strings derived from the
platform's IntegrationEvent registry. Implementations should ignore unknown
event types; new resource/action pairs may be added without a version bump.

Body Params
string
required

HTTPS URL that will receive event payloads. The endpoint must respond with a 2xx within ~10 s; non-2xx responses are retried with backoff and surfaced via last_delivered_at + WebhookRequest.

string

The owning backend's public id (pbnd-...). Omit to register the endpoint on the partner's default backend.

Response

Language
Credentials
Header
LoadingLoading…
Response
Click Try It! to start a request and see the response here! Or choose an example:
application/json