> ## Documentation Index
> Fetch the complete documentation index at: https://docs.briq.tz/llms.txt
> Use this file to discover all available pages before exploring further.

# Reveal Signing Secret

> Return the webhook's signing secret in **plaintext**. Use it to verify the `X-Briq-Signature` header (HMAC-SHA256 of the raw request body) on incoming deliveries. Store it securely and never expose it client-side.

**Authentication**: X-API-Key header required



## OpenAPI

````yaml /openapi.json get /v1/webhooks/{webhook_id}/secret
openapi: 3.1.0
info:
  title: Briq API
  description: Karibu Briq API Documentation
  version: '0.8'
servers:
  - url: https://karibu.briq.tz
    description: Production
  - url: https://pre-release.karibu.briq.tz
    description: Pre-release
  - url: http://karibu.briq.tz
    description: LocalPass
security: []
paths:
  /v1/webhooks/{webhook_id}/secret:
    get:
      tags:
        - Karibu-Webhooks
      summary: Reveal Signing Secret
      description: >-
        Return the webhook's signing secret in **plaintext**. Use it to verify
        the `X-Briq-Signature` header (HMAC-SHA256 of the raw request body) on
        incoming deliveries. Store it securely and never expose it client-side.


        **Authentication**: X-API-Key header required
      operationId: reveal_webhook_secret_v1_webhooks__webhook_id__secret_get
      parameters:
        - name: webhook_id
          in: path
          required: true
          schema:
            type: string
            title: Webhook Id
        - name: X-API-Key
          in: header
          required: true
          schema:
            type: string
            title: X-Api-Key
      responses:
        '200':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebhookSecretOut'
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
components:
  schemas:
    WebhookSecretOut:
      properties:
        secret_token:
          type: string
          title: Secret Token
          description: >-
            Plaintext signing secret. Use to verify X-Briq-Signature
            (HMAC-SHA256 of the raw request body).
          examples:
            - whsec_xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx
      type: object
      required:
        - secret_token
      title: WebhookSecretOut
      description: Plaintext webhook signing secret.
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          type: array
          title: Location
        msg:
          type: string
          title: Message
        type:
          type: string
          title: Error Type
      type: object
      required:
        - loc
        - msg
        - type
      title: ValidationError

````