Skip to main content
GET
/
v1
/
webhooks-keys
List Webhook Public Keys
curl --request GET \
  --url https://conta-public-api.kiwify.com/v1/webhooks-keys \
  --header 'X-PoP-Challenge: <api-key>' \
  --header 'X-PoP-Format: <api-key>' \
  --header 'X-PoP-Signature: <api-key>' \
  --header 'x-access-id: <api-key>'
{
  "public_keys": [
    {
      "algorithm": "EdDSA-Ed25519",
      "content": "-----BEGIN PUBLIC KEY-----\nMFYwEAYHKoZIzj0CAQYFK4EEAAoDQgAEQA+bOEY57yQGYdcF0q7Ia/JPc0Hr8Il0\n/pbETwvDSM+7yCkqTPDRsdptMMaoK9UEXILOaXq9Ot5azrgQEcTetg==\n-----END PUBLIC KEY-----",
      "created_at": "2026-05-28T14:30:00Z",
      "id": 2,
      "is_active": true
    }
  ],
  "next_cursor": "<string>"
}

Authorizations

​
x-access-id
string
header
required

UUID of the service account (e.g., 550e8400-e29b-41d4-a716-446655440000)

​
X-PoP-Challenge
string
header
required

Unix timestamp in milliseconds (e.g., 1704636800000). Must be within 5 minutes of server time.

​
X-PoP-Format
string
header
required

Must be 'service-account' for service account authentication

​
X-PoP-Signature
string
header
required

EdDSA signature of the request in base64 format. Signs: uri:method:body:timestamp

Query Parameters

​
limit
integer<int32> | null

Maximum number of results per page (1-100, default: 20).

Required range: x >= 0
​
cursor
string | null

Pagination cursor in format "timestamp_micros:id".

Response

List of public keys for webhook signature verification

Response containing the list of webhook public keys.

​
public_keys
object[]
required

List of public keys used for webhook signature verification.

​
next_cursor
string | null

Cursor for next page (null if no more results).