Update a webhook
Partial update — enable/disable, rebind the Definition (ownership re-validated), or edit the input template. Secret rotation is a separate endpoint. Cross-tenant access returns 404, never 403.
Authorizations
Path Parameters
Body
PATCH /webhooks/{id} body — partial semantics; mode/provider immutable.
Router uses body.model_dump(exclude_unset=True). mode/provider are
intentionally omitted — they are not mutable once a config exists.
description/enabled/definition_id keep their | None typing ONLY so
they stay unset-omittable for partial semantics — an explicit JSON null for
any of them is rejected with 422 at the router (CR-04 / T-41-35), because
the underlying WebhookConfig fields are required non-null and a null $set
would corrupt the stored document. input_template/dispatch_retry/
rate_limit are legitimately nullable and remain clearable with null.
Response
Successful Response
GET response — NEVER carries the signing secret (T-41-05).
Surfaces rate_limit + dispatch_retry so admins can read back the
current policy.