Skip to main content
POST
/
api
/
v1
/
webhooks
cURL
curl -sS \
  -X POST \
  -H 'Authorization: Bearer $OXI_SK' \
  -H 'Content-Type: application/json' \
  -d '{"name":"Production webhook","url":"https://example.com/0xinsider/webhook","event_types":["whale_trades_inserted"]}' \
  'https://api.0xinsider.com/api/v1/webhooks'
{
  "object": "<string>",
  "data": {
    "id": 123,
    "object": "<string>",
    "name": "<string>",
    "url": "<string>",
    "event_types": [],
    "verification_token_expires_at": "2023-11-07T05:31:56Z",
    "failure_count": 123,
    "created_at": "2023-11-07T05:31:56Z",
    "updated_at": "2023-11-07T05:31:56Z",
    "retry_policy": {
      "max_attempts": 123,
      "terminal_status": "<string>"
    },
    "verified_at": "2023-11-07T05:31:56Z",
    "signing_secret": "<string>",
    "verification": {
      "token": "<string>",
      "expires_at": "2023-11-07T05:31:56Z"
    }
  },
  "meta": {
    "request_id": "<string>",
    "cached": true,
    "cache_age_s": 123
  }
}
Register an HTTPS endpoint to receive webhook events as they happen. The endpoint starts in pending_verification and must be verified before deliveries begin. 
curl -H "Authorization: Bearer $OXINSIDER_API_KEY" \
  -H "Idempotency-Key: webhook-create-2026-06-01" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "Production webhook",
    "url": "https://api.yourapp.com/webhooks/0xinsider",
    "event_types": ["whale_trades_inserted"]
  }' \
  "https://api.0xinsider.com/api/v1/webhooks"
The response includes a one-time signing_secret and a verification.token. Copy the secret now. You can’t retrieve it later. Use it to verify the x-0xinsider-signature header on every delivery (see the Webhooks guide), and send the verification token to Verify Webhook to activate the endpoint. If the secret leaks, rotate it. Send Idempotency-Key when retrying after a timeout. The same key with the same body returns the original webhook; the same key with a different body returns 422.

Authorizations

Authorization
string
header
required

API key: Authorization: Bearer oxi_sk_live_... for live data (requires an active Insider subscription), or oxi_sk_test_... for sandbox/test mode (free account, deterministic fixture data, no live rows). Both key classes use the same paths; the prefix selects live vs sandbox.

Headers

Idempotency-Key
string

Optional safe-retry key. Reuse the same value only when retrying the exact same mutation request body; a different body returns 422 and an in-flight matching request returns 409.

Required string length: 1 - 255

Body

application/json
name
string
required
Maximum string length: 100
url
string<uri>
required

Public HTTPS callback URL. Local/private/internal targets are rejected.

event_types
enum<string>[]
required
Minimum array length: 1
Available options:
whale_trades_inserted,
live_sports_updated,
whale_trader_synced,
large_positions_updated

Response

Webhook destination

object
string
required
Allowed value: "webhook"
data
object
required
meta
object
required