Rotate Tool Webhook Secret

Rotate the HMAC signing secret on a webhook tool. The tool id is preserved so attached agents keep working; only the secret rolls. The new plaintext is returned on webhook_secret exactly once — store it immediately, subsequent reads always return the masked placeholder. The previous secret is invalidated immediately on success.

Authentication

AuthorizationBearer

Enter your API key with the Bearer prefix, e.g. ‘Bearer sk_…’.

Path parameters

idstringRequired

Response

The tool with its newly-rotated webhook_secret.

idstring

Prefixed wire identifier (tool_<26 char Crockford base32>).

namestring

descriptionstring

kindenum

Where the tool executes.

system: worker-resident built-in (e.g. end_call, play_audio)
webhook: worker signs a payload and POSTs it to your URL
client: worker dispatches to the caller’s browser/SDK via data channel
mcp: worker connects to a customer-hosted MCP server and proxies tool calls

configobject

One of SystemToolConfig, WebhookToolConfig, ClientToolConfig, or MCPToolConfig depending on kind.

created_atdatetime

updated_atdatetime

webhook_secretstring

HMAC signing secret for kind=webhook. Returned in full only on the create response; all subsequent reads return a masked placeholder. Store it on first create — there is no way to retrieve it later.

Errors

400

Bad Request Error

401

Unauthorized Error

404

Not Found Error

1	{
2	"id": "tool_01kb9kefcacry5t3662gfsgtzj",
3	"name": "string",
4	"description": "string",
5	"kind": "system",
6	"config": {
7	"builtin": "string",
8	"params": [
9	{
10	"name": "string",
11	"type": "string",
12	"description": "string",
13	"required": true,
14	"enum": [
15	"string"
16	]
17	}
18	],
19	"builtin_config": {}
20	},
21	"created_at": "2024-01-15T09:30:00Z",
22	"updated_at": "2024-01-15T09:30:00Z",
23	"webhook_secret": "string"
24	}

$	curl -X POST https://api.speechify.ai/v1/agents/tools/id/rotate-secret \
>	-H "Authorization: Bearer <token>"