Skip to main content
GET
List captured events across the org (optionally one endpoint)

Authorizations

Authorization
string
header
required

A whk_-prefixed API key (opaque; not a JWT).

Query Parameters

cursor
string

Opaque keyset cursor from a prior page's nextCursor.

limit
integer

Max items to return (1–200, default 50).

Required range: x <= 200
endpointId
string<uuid>

Drill down to one endpoint (a uuid). Omit for the whole org.

Pattern: ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
provider
enum<string>[]

Filter by provider (repeatable).

Available options:
stripe,
github,
shopify,
slack,
standard_webhooks,
clerk,
resend,
stytch,
supabase,
render,
brex,
openai,
replicate,
polar,
gemini,
incident_io,
etsy,
vanta,
pusher,
quickbooks,
chargify,
launchdarkly,
modern_treasury,
autodesk_aps,
mongodb_atlas,
xero,
segment,
aftership,
onfleet,
webflow,
klaviyo,
mux,
shippo,
buildkite,
ms_teams,
ably,
squarespace,
nylas,
linkedin,
tiktok,
airship,
lob,
persona,
bolt,
primer,
airwallex,
affirm,
keygen,
constant_contact,
telegram,
mixpanel,
new_relic,
fillout,
zapier,
tally,
loops,
customer_io,
framer,
box,
configcat,
ashby,
merge_dev,
cronofy,
increase,
finch,
knock,
deel,
razorpay,
sentry,
linear,
dropbox,
checkout_com,
lemon_squeezy,
coinbase_commerce,
dwolla,
gocardless,
notion,
meta,
woocommerce,
bitbucket,
atlassian_jira,
x,
clickup,
npm,
heroku,
dub,
cal_com,
asana,
circleci,
pagerduty,
airtable,
calendly,
zoom,
customerio,
sinch,
workos,
front,
zendesk,
twitch,
paddle,
recurly,
docusign,
vercel,
intercom,
paystack,
authorize_net,
sanity,
square,
trello,
twilio,
mandrill,
hubspot,
adyen,
mailgun,
mercado_pago,
braintree,
contentful,
plivo,
typeform,
messagebird,
netlify,
vonage,
monday,
jira_connect,
discord,
telnyx,
sendgrid,
wise,
kinde,
paypal,
aws_sns,
plaid,
ebay,
gitlab,
microsoft_graph,
chargebee,
postmark,
sparkpost,
okta,
bigcommerce,
datadog,
brevo
verificationState
enum<string>[]

Filter by verification state: verified | authenticated | failed | unattempted (repeatable).

Available options:
verified,
authenticated,
failed,
unattempted
receivedAfter
string

Inclusive lower bound: an RFC 3339 instant, a relative duration (7d / 30m — the last N), or beginning.

receivedBefore
string

Exclusive upper bound (RFC 3339 instant).

Case-insensitive substring (min 3 chars) across providerEventId + dedupKey, or an exact event id.

Required string length: 3 - 256
dedupStrategy
enum<string>[]

Filter by dedup strategy: sw_webhook_id | provider_event_id | content_hash | fields | unique (repeatable).

Available options:
sw_webhook_id,
provider_event_id,
content_hash,
fields,
unique
method
enum<string>[]

Filter by captured HTTP method: GET | POST | PUT | PATCH | DELETE | HEAD | OPTIONS (repeatable).

Available options:
GET,
POST,
PUT,
PATCH,
DELETE,
HEAD,
OPTIONS
eventType
string

Exact match on the normalized, provider-derived event type (e.g. charge.succeeded). Events with no parsed type (providers we don't extract one for) match no eventType value.

Required string length: 1 - 256

Response

Success.

items
object[]
required
nextCursor
string | null
required
headCursor
string | null