> ## Documentation Index
> Fetch the complete documentation index at: https://docs.pipevest.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get Webhook Key

> Return a cryptographic public key

See [Validating Webhooks](/concepts/webhook/validation) for steps on how to use this public key to verify http message signatures.


## OpenAPI

````yaml GET /webhooks/key
openapi: 3.0.0
info:
  title: Pipevest Investment API
  description: Connecting millions of Africans to the global economy
  version: 0.0.1
servers:
  - url: https://api.pipevest.com/v1
    description: Production server
  - url: https://api.staging.pipevest.com/v1
    description: Staging server
security:
  - BearerAuth: []
paths:
  /webhooks/key:
    parameters:
      - $ref: '#/components/parameters/Signature'
      - $ref: '#/components/parameters/SignatureInput'
      - $ref: '#/components/parameters/XCliendId'
    get:
      tags:
        - Webhooks
      summary: Returns the public key for verifies webhook message signatures
      responses:
        '200':
          description: Details of an update webhook
          content:
            application/json:
              schema:
                allOf:
                  - $ref: '#/components/schemas/Success'
                  - type: object
                    properties:
                      data:
                        $ref: '#/components/schemas/WebhookKey'
        '401':
          $ref: '#/components/responses/Unauthorized'
        '404':
          $ref: '#/components/responses/NotFound'
components:
  parameters:
    Signature:
      in: header
      name: Signature
      schema:
        type: string
        example: 'sig1=:OTEyMjY4...A5NTNDMEQ=:'
        description: >
          Base64 encoded signed hash of the http message request components.


          [Learn how signatures
          work](/concepts/http-signature/message-signature)
      required: true
    SignatureInput:
      in: header
      name: Signature-Input
      schema:
        type: string
        example: sig1=("Content-Type" "Content-Digest"...expires=<expires>
        description: >
          An ordered list of components that make up the signature base. It is
          used to recompute and verify the `Signature`


          [Learn how signatures
          work](/concepts/http-signature/message-signature)
      required: true
    XCliendId:
      in: header
      name: X-Client-Id
      schema:
        $ref: '#/components/schemas/ClientId'
      example: client-id
      required: true
  schemas:
    Success:
      type: object
      properties:
        data:
          oneOf:
            - type: object
            - type: array
        code:
          $ref: '#/components/schemas/ResponseCode'
        message:
          $ref: '#/components/schemas/ResponseMessage'
      required:
        - data
        - code
        - message
    WebhookKey:
      type: object
      properties:
        webhookId:
          $ref: '#/components/schemas/WebhookId'
        key:
          $ref: '#/components/schemas/PublicKey'
        createdAt:
          $ref: '#/components/schemas/CreatedAt'
        updatedAt:
          $ref: '#/components/schemas/UpdatedAt'
      required:
        - webhookId
        - key
        - createdAt
        - updatedAt
    ClientId:
      description: Unique identifier assigned to the client
      type: string
      example: client-id
    ResponseCode:
      description: Request response code
      type: string
      example: 200
    ResponseMessage:
      description: Request response message
      type: string
      example: Success
    WebhookId:
      description: The unique webhook identifier
      type: integer
      example: 123456
    PublicKey:
      description: Cryptographic key used for verifying http message signatures
      type: string
      example: >-
        ssh-ed25519
        DDDDC3NzaC1lZDI1NTE5DDDFIH0qa5TtbV3FwK7EcQDTyhbrzzRGol9sjK9L0lhk56Iu
        test@companyx.com
    CreatedAt:
      description: Created at unix timestamp
      type: integer
      example: 1234567890
    UpdatedAt:
      description: Updated at unix timestamp
      type: integer
      example: 1234567890
    Error:
      type: object
      properties:
        code:
          allOf:
            - $ref: '#/components/schemas/ResponseCode'
            - example: 401
        message:
          allOf:
            - $ref: '#/components/schemas/ResponseMessage'
            - example: Unauthorized
      required:
        - code
        - message
  responses:
    Unauthorized:
      description: Unauthorized
      content:
        application/json:
          schema:
            $ref: '#/components/schemas/Error'
    NotFound:
      description: The specified resource was not found
      content:
        application/json:
          schema:
            allOf:
              - $ref: '#/components/schemas/Error'
              - type: object
                properties:
                  code:
                    type: string
                    example: 404
                  message:
                    type: string
                    example: Not Found
  securitySchemes:
    BearerAuth:
      type: http
      scheme: bearer

````