Create an endpoint
Add a webhook endpoint in Hoursmith — enter your URL, subscribe to events, and save your signing secret, which is shown only once.
An endpoint is the HTTPS URL Hoursmith delivers events to, together with the set of event types it's subscribed to and a signing secret used to authenticate deliveries.
- Plan
- Agency
- Role
- OwnerAdmin
You need the Agency plan and an Owner or Admin role. Have your receiver's public HTTPS URL ready, and somewhere safe to store the signing secret.
Add the endpoint
Open webhook settings
Go to Settings → Webhooks (hoursmith.app/settings/webhooks) and choose Add endpoint.
Enter your endpoint URL
Paste the HTTPS URL that should receive deliveries, e.g.
https://api.example.com/hooks/hoursmith. This is where Hoursmith will POST events.
Choose which events to subscribe to
Select the event types you want delivered to this endpoint. There are no wildcard subscriptions — pick each event type explicitly. You can change the selection later.
Save and copy your signing secret
Click Save. A signing secret is generated and shown once — copy it now and store it securely. You'll use it to verify signatures on every delivery.
The full signing secret is displayed only once, at creation. Afterward Hoursmith stores it
encrypted and shows only its prefix (wsk_...) for identification — the full value is never
shown again. If you lose it, rotate the secret to generate a new
one.
After saving
Once the endpoint exists you can:
- Send a test event to confirm your receiver is wired up correctly. Test events arrive with
livemode: falseanddata.test: true— see Retries & replay. - Identify the secret by its
wsk_...prefix in the endpoint list. - Rotate the secret at any time from the endpoint's settings.
Keep the signing secret out of source control. Load it from an environment variable or a secrets manager so it never lands in your repository.