# List Webhook Secrets

This endpoint returns a set of webhook signing secrets used to validate the webhook.
Usually only one key will be returned in the response. After key rotation, this endpoint will return two keys:
the new key, and the key that will be revoked soon. There will also be two signatures in the 'Webhook-Signature' request header.
Your application should use all keys available to validate the webhook request. If validation passes for any
of the keys returned, the webhook payload is valid.

Endpoint: GET /v1/webhooks/secrets
Version: 0.1
Security: OAuth2

## Response 200 fields (application/json):

  - `secret` (string, required)
    The payload of the secret to be used for webhook validation.
    Example: "whsec_123"

  - `status` (string, required)
    The status of a webhook secret.
    Enum: "ACTIVE", "PENDING_REVOKE", "REVOKED"


## Response 400 fields

## Response 401 fields

## Response 403 fields

## Response 500 fields