Rotate the signing secret for a webhook endpoint
Webhooks
Rotate the signing secret for a webhook endpoint
Generates a new HMAC-SHA256 signing secret, stores the hash in the DB and the plaintext in AWS Secrets Manager, and returns the plaintext ONCE. Update your webhook receiver to accept both the old and new secrets during the transition window, then drop the old secret once all in-flight deliveries are using the new one.
Requires webhooks:manage scope.
POST
Rotate the signing secret for a webhook endpoint
Authorizations
API key issued per entity via Settings > Developers > API Keys.
Each key carries scopes (e.g. orders:read, products:write).
Bearer token format: Authorization: Bearer ark_live_ent_Test keys use ark_test_ent_. Both are issued per entity
via Settings > Developers > API Keys.

