Configure partner webhook
Create or update the HTTPS URL where Ochy sends analysis progress and completion events. You can also enable optional HMAC-SHA256 signatures for webhook delivery.
- If no webhook exists yet, this creates the configuration.
- If a webhook already exists, this updates the URL and/or the
enabledflag. - If
signature.enabledistrue, Ochy signs webhook requests with HMAC-SHA256.
Set enabled to false to stop all webhook traffic until you enable it again.
To receive events for a given analysis, you must also pass notify_via_webhook=true on
POST /analysis/start. See API keys and webhooks
for event types, payload shape, and ordering (sequence).
Authorizations
Your API key, passed as a query parameter on every request.
Body
HTTPS endpoint that will receive POST requests with JSON payloads.
"https://client.example.com/webhooks/ochy"
When false, no webhook events are sent until set back to true.
true
Optional HMAC-SHA256 signature settings for webhook delivery.
Response
Webhook configuration saved. Body mirrors GET /webhook.
If a signing secret is generated during this request, it is returned once as
signature.secret; store it securely.
Returned by GET /webhook and PUT /webhook. When no webhook has been stored yet,
GET /webhook returns an empty object. The full signing secret is only present in
responses that generated or rotated it.
Registered webhook URL.
"https://client.example.com/webhooks/ochy"
Whether webhook delivery is enabled for this partner.
true
When the configuration was last updated (ISO 8601 UTC).
"2026-03-23T10:45:00Z"
Webhook signing configuration. The secret field is returned only when generated or rotated.