Skip to main content
POST
/
webhooks
JavaScript
import Whop from '@whop/sdk';

const client = new Whop({
  apiKey: process.env['WHOP_API_KEY'], // This is the default and can be omitted
});

const webhook = await client.webhooks.create({ url: 'https://example.com/path' });

console.log(webhook.id);
{
  "id": "hook_xxxxxxxxxxxxx",
  "url": "https://example.com/path",
  "enabled": true,
  "events": [
    "invoice.created"
  ],
  "api_version": "v1",
  "created_at": "2023-12-01T05:00:00.401Z",
  "child_resource_events": true,
  "testable_events": [
    "invoice.created"
  ],
  "resource_id": "<string>",
  "webhook_secret": "whsec_abc123def456"
}

Authorizations

Authorization
string
header
required

A company API key, company scoped JWT, app API key, or user OAuth token. You must prepend your key/token with the word 'Bearer', which will look like Bearer ***************************

Body

application/json

Parameters for CreateWebhook

url
string
required

The URL to send the webhook to.

Example:

"https://example.com/path"

api_version
enum<string> | null

The API version for this webhook

Available options:
v1,
v2,
v5
child_resource_events
boolean | null

Whether or not to send events for child resources. For example, if the webhook is created for a Company, enabling this will only send events from the Company's sub-merchants (child companies).

enabled
boolean | null

Whether or not the webhook is enabled.

events
enum<string>[] | null

The events to send the webhook for.

The different event types available

Available options:
invoice.created,
invoice.paid,
invoice.past_due,
invoice.voided,
membership.activated,
membership.deactivated,
entry.created,
entry.approved,
entry.denied,
entry.deleted,
setup_intent.requires_action,
setup_intent.succeeded,
setup_intent.canceled,
withdrawal.created,
withdrawal.updated,
course_lesson_interaction.completed,
payout_method.created,
verification.succeeded,
payment.created,
payment.succeeded,
payment.failed,
payment.pending,
dispute.created,
dispute.updated,
refund.created,
refund.updated,
dispute_alert.created,
membership.cancel_at_period_end_changed
resource_id
string | null

The resource to create the webhook for. By default this will use current company

Response

A successful response

A webhook endpoint that receives event notifications for a company via HTTP POST.

id
string
required

The unique identifier for the webhook.

Example:

"hook_xxxxxxxxxxxxx"

url
string
required

The destination URL where webhook payloads are delivered via HTTP POST.

Example:

"https://example.com/path"

enabled
boolean
required

Whether this webhook endpoint is currently active and receiving events.

events
enum<string>[]
required

The list of event types this webhook is subscribed to.

The different event types available

Available options:
invoice.created,
invoice.paid,
invoice.past_due,
invoice.voided,
membership.activated,
membership.deactivated,
entry.created,
entry.approved,
entry.denied,
entry.deleted,
setup_intent.requires_action,
setup_intent.succeeded,
setup_intent.canceled,
withdrawal.created,
withdrawal.updated,
course_lesson_interaction.completed,
payout_method.created,
verification.succeeded,
payment.created,
payment.succeeded,
payment.failed,
payment.pending,
dispute.created,
dispute.updated,
refund.created,
refund.updated,
dispute_alert.created,
membership.cancel_at_period_end_changed
api_version
enum<string>
required

The API version used to format payloads sent to this webhook endpoint.

Available options:
v1,
v2,
v5
created_at
string<date-time>
required

The datetime the webhook was created.

Example:

"2023-12-01T05:00:00.401Z"

child_resource_events
boolean
required

Whether events are sent for child resources. For example, if the webhook is on a company, enabling this sends events only from the company's sub-merchants (child companies).

testable_events
enum<string>[]
required

The subset of subscribed event types that support sending test payloads.

The different event types available

Available options:
invoice.created,
invoice.paid,
invoice.past_due,
invoice.voided,
membership.activated,
membership.deactivated,
entry.created,
entry.approved,
entry.denied,
entry.deleted,
setup_intent.requires_action,
setup_intent.succeeded,
setup_intent.canceled,
withdrawal.created,
withdrawal.updated,
course_lesson_interaction.completed,
payout_method.created,
verification.succeeded,
payment.created,
payment.succeeded,
payment.failed,
payment.pending,
dispute.created,
dispute.updated,
refund.created,
refund.updated,
dispute_alert.created,
membership.cancel_at_period_end_changed
resource_id
string
required

The ID of the resource (company or product) this webhook is attached to.

webhook_secret
string
required

The secret key used to sign webhook payloads for verification. Include this in your HMAC validation logic.

Example:

"whsec_abc123def456"