# Update webhook endpoint configuration **Documentation:** /reference/api-reference/webhook-endpoints/patchWebhookEndpointsByNanoId Updates app-specific secrets and credentials. Uses merge semantics — only included fields are updated; omitted fields are preserved. Can be called on active endpoints (e.g., to rotate a signing secret). --- ## PATCH `/api/v3.1/webhook_endpoints/{nano_id}` **Endpoint:** `https://backend.composio.dev/api/v3.1/webhook_endpoints/{nano_id}` **Summary:** Update webhook endpoint configuration Updates app-specific secrets and credentials. Uses merge semantics — only included fields are updated; omitted fields are preserved. Can be called on active endpoints (e.g., to rotate a signing secret). ### Authentication **ApiKeyAuth** - API Key in `header` header `x-api-key` OR **UserApiKeyAuth** - API Key in `header` header `x-user-api-key` ### Path Parameters - `nano_id` (string) *(required)*: Webhook endpoint nano ID (e.g., we_abc123) ### Request Body **Schema:** - `data` (object) *(required)*: Key-value pairs matching the toolkit's setup_fields. Only include fields you want to update — omitted fields are preserved. - `[key: string]` (string) **Example:** ```json { "data": { "key": "string" } } ``` ### Responses #### 200 - Updated **Response Schema:** - `id` (string) *(required)*: Webhook endpoint nano ID - `toolkit_slug` (string) *(required)*: Toolkit this endpoint is for - `client_id` (string,null) *(required)*: OAuth app client ID - `webhook_url` (string) *(required)*: The webhook URL to register with the provider - `data` (object,null) *(required)*: Configured fields with secret values masked - `created_at` (string) *(required)*: ISO 8601 timestamp **Example Response:** ```json { "id": "string", "toolkit_slug": "string", "client_id": null, "webhook_url": "string", "data": null, "created_at": "string" } ``` #### 400 - Bad request **Response Schema:** - `error` (object) *(required)* - `message` (string) *(required)* - `code` (number) *(required)* - `slug` (string) *(required)* - `status` (number) *(required)* - `request_id` (string) - `suggested_fix` (string) - `errors` (array) #### 401 - Unauthorized **Response Schema:** - `error` (object) *(required)* - `message` (string) *(required)* - `code` (number) *(required)* - `slug` (string) *(required)* - `status` (number) *(required)* - `request_id` (string) - `suggested_fix` (string) - `errors` (array) #### 404 - Not found **Response Schema:** - `error` (object) *(required)* - `message` (string) *(required)* - `code` (number) *(required)* - `slug` (string) *(required)* - `status` (number) *(required)* - `request_id` (string) - `suggested_fix` (string) - `errors` (array) #### 500 - Internal server error **Response Schema:** - `error` (object) *(required)* - `message` (string) *(required)* - `code` (number) *(required)* - `slug` (string) *(required)* - `status` (number) *(required)* - `request_id` (string) - `suggested_fix` (string) - `errors` (array) ### Example cURL Request ```bash curl -X PATCH "https://backend.composio.dev/api/v3.1/webhook_endpoints/string" \ -H "x-api-key: YOUR_API_KEY" \ -H "Content-Type: application/json" \ -d '{ "data": { "key": "string" } }' ```