HomeProductEndpointsAccountPricingDocumentation

Platform documentation

New to eventpipe? Start with how the Inspector, Pipe Studio, and CLI work together—then come back here for HTTP details.

API docsv1

Webhook Interceptor API

Webhook capture, Pipe Studio (pipelines, versions, execute), endpoint management, privacy, share links, and tier limits.

Protected routes accept your browser session or an API key from Account: Authorization: Bearer <evp_…> or X-Api-Key.

Product

Pipe Studio & eventpipe

A pipeline is a versioned handler attached to your webhook endpoint. You define triggers, ship TypeScript (and optional declarative pipe JSON), publish immutable versions, and run test executions against the live graph—mirroring what the dashboard does.

  • List and create pipelines per endpoint; each pipeline has a linear version history.
  • Publish bundles with validated `settings.pipe` (v3) and code artifacts; production webhooks invoke the enabled pipeline’s current version.
  • Execute simulates the published graph with a JSON payload—ideal before or after shipping.

Tier limits apply to pipelines per endpoint, execution timeout, code boxes per pipe, and HTTP steps—see Pricing. Programmatic access uses the same auth as the dashboard (session cookie or API key).

Start here

60-second quickstart

Three steps from zero to your first event visible in the inspector. Links use your current origin: http://localhost:3000.

All capture URLs and snippets on this page use example ID … (generated uniquely on each visit) so they do not collide with your real endpoints.

1

Create your endpoint

On the home page choose a unique ID (e.g. stripe-orders-prod) and create the endpoint. No server or card required.

2

Send a test webhook

POST JSON to the capture URL using example ID …. It is only for these docs; use your own ID in production.

3

Open the inspector

View headers, body, and timeline in real time. The demo link uses the same example ID ….

Generating a unique example ID…

POST/api/webhook/{id}

Capture webhook

Captures any incoming request for payload inspection.

Auth: Not required. If "Require webhook key" is enabled, send x-webhook-key (or ?key=).

Request

Generating a unique example ID…

Response

{ "success": true, "webhookId": "uuid" }
GET/api/webhook/{id}?_dashboard=1

Dashboard read

Returns endpoint history for UI/dashboard.

Auth: Session or API key when the inspector is locked (owner or approved collaborator).

Request

Generating a unique example ID…

Response

{ "endpoint": {...}, "events": [...] }
POST/api/webhook/register

Register endpoint (auth)

Registers a webhook ID for an authenticated user.

Auth: Session cookie or API key (Bearer / X-Api-Key). Respects tier limits and ownership.

Request

Generating a unique example ID…

Response

{ "success": true }
POST/api/webhook/register-guest

Register endpoint (guest)

Registers an endpoint for guest mode and issues a signed guest_id.

Auth: Not required. Free tier limits apply via signed cookie.

Request

Generating a unique example ID…

Response

{ "success": true }
GET/api/account

Account summary

Tier, policy, and usage summary (endpoints + monthly requests).

Auth: Optional. Session, API key, or unauthenticated guest/free context.

Request

Generating a unique example ID…

Response

{ "tier": "FREE", "policy": {...} }
GET/api/account/endpoints

List owned endpoints

Lists owner endpoints with privacy and metadata.

Auth: Session or API key.

Request

Generating a unique example ID…

Response

{ "endpoints": [...] }
DELETE/api/account/endpoints/{id}

Delete endpoint

Deletes an owned endpoint and associated data.

Auth: Session or API key. Owner only.

Request

Generating a unique example ID…

Response

{ "success": true }
PATCH/api/account/endpoints/{id}/privacy

Update endpoint privacy

Sets inspector lock and/or "Require webhook key". Send inspectorPrivate and/or requireCaptureKey; returns accessKey when capture key is enabled.

Auth: Session or API key. Starter+ for these features.

Request

Generating a unique example ID…

Response

{ "success": true, "inspectorPrivate": true, "requireCaptureKey": true, "accessKey": "hex" }
POST/api/account/endpoints/{id}/inspector/share

Share inspector access

Generates a time-limited share link granting collaborator access to the inspector. Works regardless of inspector privacy setting. Recipient must be approved by the owner.

Auth: Session or API key. Owner only. Starter+.

Request

Generating a unique example ID…

Response

{ "success": true, "shareUrl": "https://.../share/token", "expiresAt": "..." }
POST/api/account/endpoints/{id}/studio/share

Invite studio collaborator

Generates a collaborator invite link with role (viewer or editor). Does not require inspector_private. Enforces collaboratorsPerEndpoint tier cap.

Auth: Session or API key. Owner only. Starter+.

Request

Generating a unique example ID…

Response

{ "success": true, "inviteUrl": "https://.../share/token", "expiresAt": "..." }
GET/api/account/endpoints/{id}/my-access

Get my access role

Returns the authenticated user's collaborator role on a given endpoint (viewer, editor, or null if no access).

Auth: Session or API key.

Request

Generating a unique example ID…

Response

{ "role": "viewer" | "editor" | null }
DELETE/api/account/endpoints/{id}/access

List / revoke collaborators

GET returns collaborators with role, granted_via and granted_at. DELETE removes a collaborator by userId.

Auth: Session or API key. Owner only.

Request

Generating a unique example ID…

Response

{ "success": true }
GET/api/account/access-requests

Access requests inbox

Pending access requests for the owner’s endpoints.

Auth: Session or API key.

Request

Generating a unique example ID…

Response

{ "requests": [...] }
PATCH/api/account/access-requests/{requestId}

Approve/reject request

Approves or rejects an access request (approve | reject).

Auth: Session or API key. Endpoint owner only.

Request

Generating a unique example ID…

Response

{ "success": true }
POST/api/share/{token}/accept

Accept share token

Turns a share token into a pending access request.

Auth: Session or API key.

Request

Generating a unique example ID…

Response

{ "success": true }
GET/api/account/pipelines

List pipelines

Returns pipelines owned by the authenticated user (GET /api/account/pipelines), optionally filtered by endpointId.

Auth: Session or API key.

Request

Generating a unique example ID…

Response

{ "pipelines": [ { "id", "endpoint_id", "name", "status", "current_version_id" } ] }
POST/api/account/pipelines

Create pipeline

Creates a new pipeline on an endpoint you own; seeds an initial version when successful.

Auth: Session or API key. Tier must allow pipeline automation (see limits).

Request

Generating a unique example ID…

Response

{ "success": true, "pipelineId": "uuid", "version": 1 }
GET/api/account/pipelines/{pipelineId}

Get pipeline + versions

Returns the pipeline row and all versions (includes settings.pipe when stored).

Auth: Session or API key. Owner only.

Request

Generating a unique example ID…

Response

{ "pipeline": {...}, "versions": [ { "version", "settings", "build_status" } ] }
POST/api/account/pipelines/{pipelineId}/versions

Publish pipeline version

Creates a new version with bundleCode and settings (pipe definition validated server-side).

Auth: Session or API key. Owner only.

Request

Generating a unique example ID…

Response

{ "success": true, "version": { "version": 2 } }
POST/api/account/pipelines/{pipelineId}/execute

Execute pipeline (test)

Runs the current live version with a synthetic event body—same runtime as production, scoped to your account.

Auth: Session or API key. Owner only.

Request

Generating a unique example ID…

Response

{ "success": true, "result": { "status", "output", "logs", "durationMs" } }

Standard errors

StatusWhen it happensExample
400Invalid body or missing required field{ "error": "webhookId is required" }
401Unauthenticated user on protected routes{ "error": "Unauthorized" }
402Tier limit or feature not available{ "error": "Private endpoints are available from STARTER tier" }
403No permission on owner resource{ "error": "Forbidden" }
404Resource not found{ "error": "Endpoint not found" }
409Ownership conflict or webhook ID already taken{ "error": "This webhook ID is already owned by another user" }
410Share link expired{ "error": "Share link expired" }

Integration snippets

Uses the same example ID as the quickstart: ….

Generating a unique example ID…