> ## Documentation Index
> Fetch the complete documentation index at: https://docs.passlet.io/llms.txt
> Use this file to discover all available pages before exploring further.

# List webhook endpoints

> Lists all webhook endpoints registered for the organization.

Requires the `webhooks:read` scope on the access token.



## OpenAPI

````yaml /api-reference/openapi.json get /v1/webhooks/endpoints
openapi: 3.1.0
info:
  title: Passlet API (Public)
  version: 0.1.0
  description: >-
    Public integration API for Passlet — every route callable with a `plt_*`
    access token. Each operation lists the required access-token scope.
  license:
    name: UNLICENSED
    identifier: UNLICENSED
servers:
  - url: https://api.passlet.io
    description: Production
security: []
paths:
  /v1/webhooks/endpoints:
    get:
      tags:
        - webhooks
      summary: List webhook endpoints
      description: |-
        Lists all webhook endpoints registered for the organization.

        Requires the `webhooks:read` scope on the access token.
      operationId: getV1WebhooksEndpoints
      responses:
        '200':
          description: OK
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PublicListWebhookEndpointsResponse'
        '400':
          description: Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '404':
          description: Not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '409':
          description: Conflict
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '429':
          description: Rate limited
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '500':
          description: Internal server error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
        '503':
          description: Service unavailable
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ApiError'
      security:
        - bearerAuth: []
components:
  schemas:
    PublicListWebhookEndpointsResponse:
      $schema: https://json-schema.org/draft/2020-12/schema
      type: object
      properties:
        items:
          type: array
          items:
            type: object
            properties:
              id:
                type: string
                format: uuid
                pattern: >-
                  ^([0-9a-fA-F]{8}-[0-9a-fA-F]{4}-[1-8][0-9a-fA-F]{3}-[89abAB][0-9a-fA-F]{3}-[0-9a-fA-F]{12}|00000000-0000-0000-0000-000000000000|ffffffff-ffff-ffff-ffff-ffffffffffff)$
                description: Webhook endpoint identifier
              url:
                type: string
                format: uri
                description: Webhook delivery URL
              events:
                minItems: 1
                type: array
                items:
                  type: string
                  enum:
                    - pass.issued
                    - pass.updated
                    - pass.voided
                    - pass.failed
                    - pass.scanned
                    - pass.scan.reversed
                description: Events to receive
              enabled:
                type: boolean
                description: Whether the endpoint is active
              description:
                description: Optional human-readable label for the endpoint
                anyOf:
                  - type: string
                    maxLength: 255
                  - type: 'null'
              createdAt:
                type: string
                format: date-time
                pattern: >-
                  ^(?:(?:\d\d[2468][048]|\d\d[13579][26]|\d\d0[48]|[02468][048]00|[13579][26]00)-02-29|\d{4}-(?:(?:0[13578]|1[02])-(?:0[1-9]|[12]\d|3[01])|(?:0[469]|11)-(?:0[1-9]|[12]\d|30)|(?:02)-(?:0[1-9]|1\d|2[0-8])))T(?:(?:[01]\d|2[0-3]):[0-5]\d(?::[0-5]\d(?:\.\d+)?)?(?:Z))$
                description: ISO 8601 timestamp
            required:
              - id
              - url
              - events
              - enabled
              - createdAt
            additionalProperties: false
        total:
          type: integer
          minimum: -9007199254740991
          maximum: 9007199254740991
      required:
        - items
        - total
      additionalProperties: false
    ApiError:
      $schema: https://json-schema.org/draft/2020-12/schema
      type: object
      properties:
        errorCode:
          type: string
          enum:
            - UNAUTHORIZED
            - FORBIDDEN
            - TOKEN_EXPIRED
            - TOKEN_INVALID
            - CSRF_TOKEN_INVALID
            - TENANT_EXPIRED
            - TENANT_NOT_FOUND
            - ORGANIZATION_REQUIRED
            - TENANT_SUSPENDED
            - VALIDATION_ERROR
            - INVALID_INPUT
            - MISSING_REQUIRED_FIELD
            - INVALID_FORMAT
            - NOT_FOUND
            - PASS_NOT_FOUND
            - TEMPLATE_NOT_FOUND
            - WEBHOOK_NOT_FOUND
            - NOTIFICATION_NOT_FOUND
            - CONFLICT
            - VERSION_CONFLICT
            - DUPLICATE_PASS
            - IDEMPOTENCY_CONFLICT
            - TEMPLATE_VERSION_NOT_NEWER
            - SCAN_REVERSAL_WINDOW_EXPIRED
            - WEBHOOK_MANAGED_EXTERNALLY
            - PASS_ALREADY_ISSUED
            - PASS_ALREADY_VOIDED
            - PASS_NOT_ISSUED
            - PASS_ISSUING_FAILED
            - APPLE_SIGNING_FAILED
            - APPLE_APNS_FAILED
            - GOOGLE_API_FAILED
            - GOOGLE_JWT_FAILED
            - PROVIDER_UNAVAILABLE
            - LINK_EXPIRED
            - LINK_REVOKED
            - LINK_INVALID
            - TOKEN_SIGNATURE_INVALID
            - TOKEN_CLOCK_SKEW
            - RATE_LIMITED
            - TOO_MANY_REQUESTS
            - INTERNAL_ERROR
            - SERVICE_UNAVAILABLE
            - JOB_FAILED
          description: Machine-readable error code
        message:
          type: string
          description: Human-readable error message
        correlationId:
          type: string
          description: Request correlation ID for debugging
        details:
          description: Additional error details
          type: object
          propertyNames:
            type: string
          additionalProperties: {}
      required:
        - errorCode
        - message
        - correlationId
      additionalProperties: false
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer
      bearerFormat: plt_<secret>
      description: >-
        Passlet access token (`plt_*`) sent as `Authorization: Bearer <token>`
        or `X-API-Key`. Authorized scopes are listed per operation under
        `x-required-scopes`.

````