Skip to content
MCP Gateway

Update SIEM/webhook destination metadata and write-only delivery refs.

PUT
/v1/siem-webhooks/{destination_id}

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Path Parameters

Section titled “Path Parameters ”
destination_id
required
string
>= 1 characters

Request Body required

Section titled “Request Body required ”
object
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
kind
required
Allowed values: siem webhook audit_export
destination_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
endpoint_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
write_only_secret_ref

Optional signing/token reference accepted only on write and never returned.

string
reason_code
required
string
/^[a-z0-9_]+$/
retention_policy
required
object
metadata_retention_days
required
integer
<= 3650
export_format
required
Allowed values: metadata otlp_metadata siem_ndjson_metadata webhook_json_metadata
redaction
required
object
include_payloads
required
boolean
private_payload_egress
required
boolean
secret_material_returned
required
boolean
no_payload_guarantee
required
boolean
audit_material
Allowed values: metadata_only

Responses

Section titled “ Responses ”

200

Section titled “200 ”

Destination updated and audited.

object
schemaVersion
required
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
destination_id
required
string
>= 1 characters
kind
required
Allowed values: siem webhook audit_export
enabled
required
boolean
destination_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
endpoint_ref
required

Opaque gateway-owned destination handle. Raw http(s) URLs, path/query token shapes, and secret-bearing endpoint material are rejected; real endpoint/token values use write-only reference fields.

string
/^(otel|siem|webhook|audit-export|disabled)://(?!.*(?:secret|token|password|api_key|client_secret))[a-z0-9][a-z0-9_-]{0,127}$/
siem_delivery_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
webhook_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
audit_export_status
required
object
status
required
Allowed values: healthy degraded failed disabled unknown
checked_at
required
string format: date-time
reason_code
required
string
/^[a-z0-9_]+$/
last_error
object
reason_code
required
string
/^[a-z0-9_]+$/
retryable
boolean
audit_export_link
required
object
admin_api_operation
required
duplicates_export_jobs
required
boolean
retention_policy
required
object
metadata_retention_days
required
integer
<= 3650
export_format
required
Allowed values: metadata otlp_metadata siem_ndjson_metadata webhook_json_metadata
redaction
required
object
include_payloads
required
boolean
private_payload_egress
required
boolean
secret_material_returned
required
boolean
no_payload_guarantee
required
boolean
audit_material
Allowed values: metadata_only
permissions
required
object
allowed_actions
required
Array
Allowed values: read create update test disable

403

Section titled “403 ”

Caller lacks permission to update this destination.

object
schemaVersion
required
requestId
required
string
>= 1 characters
status
required
integer
>= 400 <= 599
reasonCode
required
string
/^[a-z0-9_]+$/
message
required
string
>= 1 characters
retryable
required
boolean
machineSafe
required
boolean
redactionStatus
required
Allowed values: redacted metadata_only
field

Optional metadata-only field identifier for validation errors.

string
details

Optional metadata-only diagnostic details. Never include secret material, payloads, prompts, raw endpoint URLs, or customer data.

object
requiredAction
string
>= 1 characters
resourceRef
string
>= 1 characters
key
additional properties
One of:
string

404

Section titled “404 ”

Destination not found in tenant/environment scope.

object
schemaVersion
required
requestId
required
string
>= 1 characters
status
required
integer
>= 400 <= 599
reasonCode
required
string
/^[a-z0-9_]+$/
message
required
string
>= 1 characters
retryable
required
boolean
machineSafe
required
boolean
redactionStatus
required
Allowed values: redacted metadata_only
field

Optional metadata-only field identifier for validation errors.

string
details

Optional metadata-only diagnostic details. Never include secret material, payloads, prompts, raw endpoint URLs, or customer data.

object
requiredAction
string
>= 1 characters
resourceRef
string
>= 1 characters
key
additional properties
One of:
string

Type set in Geist, Source Serif 4, and Departure Mono.