View a Webhook Event

Important. This endpoint is designed for testing and troubleshooting; it's not designed as an alternate way to monitor and download webhook events. That's the job of your listener endpoint.

Endpoint URL: {identityDomain}/{customerId}/webhooks/subscriptions/{subscriptionId}/events/{eventId}

Enables you to return information about a specific event. 

This endpoint supports the following methods:

  • GET



Returns information about the specified webhooks event. Keep in mind that this endpoint (like the other /events endpoints) works against the Identity Cloud event store and not against your webhooks database. 

Base URL

The base URL for this endpoint is your Identity Cloud API URL, including the appropriate region. For example, if you are in the US region, then your base URL will look like this:

If you are in the Australian (AU) region your base URL will look like this: 

URL path parameters








Unique identifier of the organization (customer) associated with the webhooks subscription. For example:





Unique identifier of the webhooks subscription associated with the event being retrieved. For example:





Unique identifier of the webhooks event being returned. For example:


Request Parameters

No additional parameters are required in order to call this endpoint.


This endpoint requires token-based authentication. To obtain an access token, you must use a confidential client (using the client ID as the username and the client secret as the password) to access the /{customerId}/login/token endpoint. The access token returned from that endpoint is then used in the Authorization header of your API call. For example, if you get back the access token 03v-eeodppPrrHXXIx56pRLyDBaOldDxqEwI59MFCFGVuSkLRapzgmfwmEHyKWle then your Authorization header will look like this when using Curl:

-H 'Authorization: Bearer 03v-eeodppPrrHXXIx56pRLyDBaOldDxqEwI59MFCFGVuSkLRapzgmfwmEHyKWle'

In Postman, set the Authorization Type to Bearer and use the access token as the value of the Token field.

Sample Request (curl)

The following command returns information about the event notification with the ID d375d2f8-e2d8-4859-9c31-648468b80acd:

curl -X GET \ 
  -H 'Authorization: Bearer Xk7EzdpGq5GPQcsxCWM2SxdlwU_iTsA4i2Px4TEzBrfLIvddjnDVBJxjPDuCARHH' 


200 OK

If your call to this endpoint succeeds, you'll get back detailed information for the specified event notification:

  "id": " d375d2f8-e2d8-4859-9c31-648468b80acd ",
  "createdAt": "2020-01-27T16:53:50.815936Z",
  "updatedAt": "2020-01-27T16:53:51.554764Z",
  "state": "success",
  "attempts": 1,
  "request": {
    "endpoint": "",
    "headers": {
      "Accept": "*/*",
      "Content-Length": "1293",
      "Content-Type": "application/secevent+jwt",
      "Host": "",
      "User-Agent": "Akamai Identity Cloud Webhooks/v3.0.0"
    "payload": "eyJhbGciOiJSUzI1NiIsImtpZCI6IjFkYzEyMDczNjk5YzY4YzFkYWVlNmM5YTEwMGUyYjQzZmViZGNkOTIifQ.eyJhdWQiOlsiaHR0cHM6Ly93ZWJob29rLnNpdGUvNDZmZjNjNWUtYWU5NS00M2RmLWIzMmQtZDA3YmI4NDc0NmI0Il0sImV2ZW50cyI6eyJlbnRpdHlVcGRhdGVkIjp7ImF0dHJpYnV0ZXMiOlsiZmFtaWx5TmFtZSJdLCJjYXB0dXJlQXBwbGljYXRpb25JZCI6IjN2YWRiYTN2aHFwa2RndHNycWQ0c3Q3Nm0zIiwiY2FwdHVyZUNsaWVudElkIjoiM2ZwNHp0OXQyNTZqcWs0dHgzNXd1ajRhcDJlNTNocTkiLCJlbnRpdHlUeXBlIjoidXNlciIsImdsb2JhbFN1YiI6ImNhcHR1cmUtdjE6Ly9hcHAuY2FwdHVyZS5tdWx0aS5kZXYub3IuamFucmFpbi5jb20vM3ZhZGJhM3ZocXBrZGd0c3JxZDRzdDc2bTMvdXNlci9lNDk5YWMyNC00NmJkLTRkODUtOTFlZS1iZGVhZGQ0NDZjMWUiLCJzdWIiOiJlNDk5YWMyNC00NmJkLTRkODUtOTFlZS1iZGVhZGQ0NDZjMWUifX0sImlhdCI6MTU4MDE0NDAzMCwiaXNzIjoiaHR0cHM6Ly9hcGkubXVsdGkuZGV2Lm9yLmphbnJhaW4uY29tLzAwMDAwMDAwLTAwMDAtMDAwMC0wMDAwLTAwMDAwMDAwMDAwMC93ZWJob29rcyIsImp0aSI6IjFlNTY5YmI1LWMyMWQtNGU5Yy1hMWFhLTdlYzNiODMxYmRhMiIsInRvZSI6MTU4MDE0NDAzMDczOSwidHhuIjoiMDAwMDAwMDAtMDAwMC0wMDAwLTAwMDAtMDAwMDAwMDAwMDAwIn0.D4PsqQiwvXmd-3bons9JcqHEf69Tw46I2C4Zg713gw8Y11QPLywKXMveFzgmRRVS3OyG38LVSz6wJfmn02Du4hlMpi44Rnna_k9rv1WTxC7CFOFqVXzJyQ-TvSdYLEU5hfCpfodlyeE4v-SPZoOfZ-kQdUa8vPm4wiOOnr0QfZlY3uTRcPczY3jy2Gv6eLRSjk2q4LY0-rYHHaojHofYJARahGjah9JrkmbTaMkvuv3CwBnUrKkp2nomOzl2Z858xaRUrgHfgXEuOYrhasRrbcAn-MyuQfY7hlPjSl8Lka25JgeIOmCLpK2-fFZ0rDW1k1MzHak6q2rftE7vSvObcw"
  "response": {
    "statusCode": 200,
    "headers": {
      "Cache-Control": "no-cache, private",
      "Content-Type": "text/plain; charset=UTF-8",
      "Date": "Mon, 27 Jan 2020 16:53:51 GMT",
      "Server": "nginx/1.14.2",
      "Set-Cookie": "laravel_session=0WvS2SrKRs0In3XSBAdlLykpCCTTnJmzLnCYljfw; expires=Mon, 27-Jan-2020 18:53:51 GMT; Max-Age=7200; path=/; httponly",
      "Vary": "Accept-Encoding",
      "X-Ratelimit-Limit": "100",
      "X-Ratelimit-Remaining": "97",
      "X-Request-Id": "11d339a3-17bd-457d-abde-64c5810e5244",
      "X-Token-Id": "46ff3c5e-ae95-43df-b32d-d07bb84746b4"
  "_links": {
  "self": {
    "href": "/00000000-0000-0000-0000-000000000000/webhooks/subscriptions/454fe969-1909-4e93-b552-674d47eafdb0/events/d375d2f8-e2d8-4859-9c31-648468b80acd"
  "redeliver": {
    "href": "/00000000-0000-0000-0000-000000000000/webhooks/subscriptions/454fe969-1909-4e93-b552-674d47eafdb0/events/d375d2f8-e2d8-4859-9c31-648468b80acd/redeliver"
  "history": {
    "href": "/00000000-0000-0000-0000-000000000000/webhooks/subscriptions/454fe969-1909-4e93-b552-674d47eafdb0/events/d375d2f8-e2d8-4859-9c31-648468b80acd/history"
  "eventType": "entityUpdated"

Note. The API response includes a redeliver property and points to a redelivery URL. This URL is not used in Webhooks v3. Instead, the URL is reserved for future use.

Error Response Codes

The following table includes information about some of the other response codes that you might encounter when calling this endpoint.

Response Code



Forbidden. You do not have permission to access the requested resource. You will often see this error if you are using an expired access token. By default, access tokens can only be used for one hour before they need to be replaced.


Not found. The specified customer, the specified event, and/or the specific webhooks subscription could not be found.