> ## Documentation Index
> Fetch the complete documentation index at: https://docs.kiwify.com.br/llms.txt
> Use this file to discover all available pages before exploring further.

# Retrieve a Specific Webhook Subscription

> Fetches the details of a single webhook subscription by its unique `id` for the authenticated bank account. This allows developers to inspect the configuration of a particular webhook.



## OpenAPI

````yaml /api-reference/banking/openapi.json get /v1/webhooks/{id}
openapi: 3.1.0
info:
  title: Digital Account API
  description: Public API for account management, statements, and PIX operations
  license:
    name: ''
  version: 0.1.0
servers:
  - url: https://conta-public-api.kiwify.com
    description: Production environment
security: []
tags:
  - name: Account
    description: Account details, balance, limits, and PIX keys
  - name: Statement
    description: Account statement and transaction history
  - name: Cash out Pix
    description: Send money via PIX transfers
  - name: Cash in Pix
    description: Refund PIX transactions
  - name: Boleto Payments
    description: Pay boletos via API
  - name: PIX QR Codes
    description: PIX QR code generation for receiving payments
  - name: Webhooks
    description: >-
      Manage webhook subscriptions to receive real-time event notifications from
      the API.
paths:
  /v1/webhooks/{id}:
    get:
      tags:
        - Webhooks
      summary: Retrieve a Specific Webhook Subscription
      description: >-
        Fetches the details of a single webhook subscription by its unique `id`
        for the authenticated bank account. This allows developers to inspect
        the configuration of a particular webhook.
      operationId: get_webhook
      parameters:
        - name: id
          in: path
          description: Webhook subscription ID
          required: true
          schema:
            type: integer
            format: int64
      responses:
        '200':
          description: Webhook subscription details
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/WebhookDto'
        '401':
          description: >-
            Authentication failed - invalid or missing service account
            credentials
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '403':
          description: Access denied - service account requires ManageWebhooks permission
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '404':
          description: >-
            Webhook subscription not found or does not belong to this account.
            Error code: WEBHOOK_NOT_FOUND
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '500':
          description: 'Internal server error. Error code: INTERNAL_ERROR'
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
      security:
        - AccessId: []
          PoPChallenge: []
          PoPFormat: []
          PoPSignature: []
components:
  schemas:
    WebhookDto:
      type: object
      description: Webhook subscription representation.
      required:
        - id
        - url
        - subscriptions
      properties:
        id:
          type: string
          description: Unique identifier of the webhook subscription.
          example: '6225875037061120'
        subscriptions:
          type: array
          items:
            $ref: '#/components/schemas/WebhookEventTypeDoc'
          description: List of event types this webhook is subscribed to.
        url:
          type: string
          description: The endpoint URL registered to receive webhook events.
          example: https://empresa.com/empresa_webhook
    ErrorResponse:
      type: object
      required:
        - error
        - timestamp
      properties:
        error:
          $ref: '#/components/schemas/ErrorDetails'
          description: Error payload.
        timestamp:
          type: string
          format: date-time
          description: ISO 8601 / RFC 3339 UTC timestamp of when the error occurred.
          example: '2026-05-28T14:30:00Z'
    WebhookEventTypeDoc:
      type: string
      description: >-
        Event type to subscribe to for webhook notifications.


        Each webhook subscription must include at least one event type.

        Events are sent as HTTP POST requests to the registered endpoint URL.


        ## Subscription → delivery event mapping


        | Subscription | Delivery events (`envelope.type`) |

        |---|---|

        | `CASHIN.PIX.QRCODES` | `CASHIN.PIX.QRCODES.CREATED`,
        `CASHIN.PIX.QRCODES.PAID` |

        | `CASHIN.DEPOSITS` | `CASHIN.DEPOSITS.RECEIVED` |

        | `CASHOUT.PIX.TRANSFERS` | `CASHOUT.PIX.TRANSFERS.SCHEDULED`,
        `CASHOUT.PIX.TRANSFERS.COMPLETED`, `CASHOUT.PIX.TRANSFERS.FAILED`,
        `CASHOUT.PIX.TRANSFERS.SCHEDULED.FAILED` (planned:
        `CASHOUT.PIX.TRANSFERS.CREATED`) |

        | `CASHOUT.PIX.REFUNDS` | `CASHOUT.PIX.REFUNDS.COMPLETED`,
        `CASHOUT.PIX.REFUNDS.FAILED` |

        | `CASHOUT.BOLETO.PAYMENTS` | `CASHOUT.BOLETO.PAYMENTS.SCHEDULED`,
        `CASHOUT.BOLETO.PAYMENTS.COMPLETED`, `CASHOUT.BOLETO.PAYMENTS.FAILED`,
        `CASHOUT.BOLETO.PAYMENTS.SCHEDULED.FAILED` |

        | `CASHOUT.PIX.QRCODE.PAYMENTS` | Reserved — no delivery yet |
      enum:
        - CASHIN.PIX.QRCODES
        - CASHIN.DEPOSITS
        - CASHOUT.PIX.TRANSFERS
        - CASHOUT.PIX.REFUNDS
        - CASHOUT.BOLETO.PAYMENTS
        - CASHOUT.PIX.QRCODE.PAYMENTS
    ErrorDetails:
      type: object
      required:
        - code
        - message
      properties:
        code:
          type: string
          description: >-
            Machine-readable error code. Use this for branching logic, not
            `message`.
          example: INVALID_REQUEST
        details:
          type: object
          description: >-
            Optional structured details. For `INVALID_REQUEST`, may be an array
            of field validation errors or a `validation_failed` object depending
            on the endpoint.
        message:
          type: string
          description: >-
            Human-readable error description. Do not rely on this text for
            programmatic handling.
  securitySchemes:
    AccessId:
      type: apiKey
      in: header
      name: x-access-id
      description: UUID of the service account (e.g., 550e8400-e29b-41d4-a716-446655440000)
    PoPChallenge:
      type: apiKey
      in: header
      name: X-PoP-Challenge
      description: >-
        Unix timestamp in milliseconds (e.g., 1704636800000). Must be within 5
        minutes of server time.
    PoPFormat:
      type: apiKey
      in: header
      name: X-PoP-Format
      description: Must be 'service-account' for service account authentication
    PoPSignature:
      type: apiKey
      in: header
      name: X-PoP-Signature
      description: >-
        EdDSA signature of the request in base64 format. Signs:
        uri:method:body:timestamp

````