Goal
Confirm that your webhook endpoints are healthy, diagnose failed deliveries, and export delivery logs for audit. Endpoint creation and management (POST /v1/webhooks, PUT /v1/webhooks/{id}, etc.) is done through the admin panel. This how-to covers the monitoring and testing operations available on the user-facing API.
Prerequisites
- An active API key (
mxcep_…) withwebhooks:read. - At least one webhook endpoint already registered (visible in the admin → Webhooks panel or via
GET /v1/webhooks). - Your receiver must respond with HTTP 2xx and optionally validate the
X-Signature-MexCepHMAC-SHA256 header.
Steps
1. List your endpoints
GET /v1/webhooks returns all registered endpoints with their status and subscribed events. The signing secret is not included — it is shown only once at creation time.
curl 'https://api.example.com/v1/webhooks' \
-H 'Authorization: Bearer mxcep_••••'{
"data": [
{
"type": "webhook_endpoint",
"id": "f47ac10b-58cc-4372-a567-0e02b2c3d479",
"attributes": {
"url": "https://myapp.example.com/hooks/mexcep",
"status": "active",
"events": ["validation.completed", "validation_import.completed"],
"created_at": "2025-02-01T12:00:00Z"
}
}
]
}2. Send a test event
After registering or updating an endpoint, send a synthetic test event to confirm your receiver is reachable and processes the signature correctly. Test deliveries do not count toward the consecutive-failure counter that auto-disables endpoints.
curl -X POST \
'https://api.example.com/v1/webhooks/f47ac10b-58cc-4372-a567-0e02b2c3d479/test' \
-H 'Authorization: Bearer mxcep_••••'Successful response:
{
"data": {
"type": "webhook_test_result",
"attributes": {
"delivered": true,
"http_status": 200,
"response_time_ms": 143
}
}
}If delivered is false, the error field explains the problem (SSRF block, non-2xx response, etc.).
3. Inspect delivery logs for one endpoint
View the 50 most recent delivery attempts for a specific endpoint:
curl 'https://api.example.com/v1/webhooks/f47ac10b-.../deliveries?per_page=50' \
-H 'Authorization: Bearer mxcep_••••'Each entry shows the HTTP status code, response time, and a truncated response body — enough to diagnose most delivery failures without exposing full response payloads.
4. View deliveries across all endpoints
For a consolidated view of all delivery attempts regardless of endpoint:
curl 'https://api.example.com/v1/webhooks/deliveries' \
-H 'Authorization: Bearer mxcep_••••'5. Export delivery logs
Export logs for a specific endpoint or for all endpoints:
# One endpoint — CSV
curl 'https://api.example.com/v1/webhooks/f47ac10b-.../deliveries/export?format=csv' \
-H 'Authorization: Bearer mxcep_••••' \
--output webhook-deliveries-f47ac10b.csv
# All endpoints — XLSX
curl 'https://api.example.com/v1/webhooks/deliveries/export?format=xlsx' \
-H 'Authorization: Bearer mxcep_••••' \
--output all-webhook-deliveries.xlsxWhat's next
- Monitor API quota and billing-cycle consumption: see Monitor usage.
- Analyze validation trends and counterparty patterns: see Analyze insights.