Skip to content
MCP Gateway

List metadata-only SIEM and webhook destination configuration.

GET
/v1/siem-webhooks

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Query Parameters

Section titled “Query Parameters ”
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
status
Allowed values: healthy degraded failed disabled unknown
kind
Allowed values: siem webhook audit_export
limit
integer
default: 50 >= 1 <= 100
page_token
string
sort
default: updated_at_desc
Allowed values: updated_at_desc updated_at_asc status_asc kind_asc

Responses

Section titled “ Responses ”

200

Section titled “200 ”

SIEM/webhook destination page with safe refs and delivery health.

object
schemaVersion
required
request_id
required
string
>= 1 characters
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
destinations
required
Array<object>
object
schemaVersion
required
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
destination_id
required
string
>= 1 characters
kind
required
Allowed values: siem webhook audit_export
enabled
required
boolean
destination_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
endpoint_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
siem_delivery_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
webhook_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
audit_export_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
audit_export_link
required
object
admin_api_operation
required
duplicates_export_jobs
required
boolean
retention_policy
required
object
metadata_retention_days
required
integer
<= 3650
export_format
required
Allowed values: metadata otlp_metadata siem_ndjson_metadata webhook_json_metadata
redaction
required
object
include_payloads
required
boolean
private_payload_egress
required
boolean
secret_material_returned
required
boolean
no_payload_guarantee
required
boolean
audit_material
Allowed values: metadata_only
permissions
required
object
allowed_actions
required
Array
Allowed values: read create update test disable
pagination
required
object
limit
required
integer
>= 1 <= 100
next_page_token
string
sort
Allowed values: updated_at_desc updated_at_asc status_asc kind_asc
permissions
required
object
allowed_actions
required
Array
Allowed values: read create update test disable

403

Section titled “403 ”

Caller lacks permission to list SIEM/webhook settings.

object
schemaVersion
required
requestId
required
string
>= 1 characters
status
required
integer
>= 400 <= 599
reasonCode
required
string
/^[a-z0-9_]+$/
message
required
string
>= 1 characters
retryable
required
boolean
machineSafe
required
boolean
redactionStatus
required
Allowed values: redacted metadata_only
field

Optional metadata-only field identifier for validation errors.

string
details

Optional metadata-only diagnostic details. Never include secret material, payloads, prompts, raw endpoint URLs, or customer data.

object
requiredAction
string
>= 1 characters
resourceRef
string
>= 1 characters
key
additional properties
One of:
string

Type set in Geist, Source Serif 4, and Departure Mono.