Register a webhook endpoint - Auth Energy

POST

/

v1

/

webhook

Register a webhook endpoint

curl --request POST \
  --url https://example-supplier.co.uk/v1/webhook \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "webhook_url": "https://my-optimiser.example.com/hooks/tariff-events"
}
'

{
  "webhook_id": "550e8400-e29b-41d4-a716-446655440000"
}

Authorizations

Authorization

string

header

required

OAuth 2.0 Authorisation Code flow for RTI User authentication and consumer consent. Each supplier operates its own OAuth server. In production, substitute the placeholder host with the relevant url from the Supplier Register. OpenAPI does not permit URI templates in security scheme URLs, so a placeholder is used here.

Body

application/json

webhook_url

string<uri>

required

The HTTPS URL that will receive event notification POSTs.

Response

Webhook registered. Returns the assigned webhook ID.

webhook_id

string<uuid>

UUID uniquely identifying a registered webhook endpoint.

Example:

"550e8400-e29b-41d4-a716-446655440000"

Last modified on March 28, 2026

Tariff event notification received by rti userThe supplier POSTs this payload to the RTI User's registered webhook URL whenever a relevant event occurs for a consumer with active consent. ## Event types | Type | Meaning | |------|---------| | `tariff.change` | The tariff applicable to this MPXN has changed | | `tariff.update` | Unit rate, standing charge, or time variables updated (static tariffs only) | | `supplier.change` | The consumer has switched supplier | | `consent.revoked` | The consumer has revoked consent for this RTI User | | `supplier.cessation` | The supplier is ceasing voluntary TI participation for this MPXN | > Dynamic tariffs do not generate `tariff.update` events. RTI Users must poll > proactively using `valid_from` / `valid_to` datetimes in the rate windows. ## Notification timescales | Event | Required within | |-------|----------------| | `tariff.change` / `tariff.update` | Within 60 minutes of the change taking effect | | `consent.revoked` (consumer via supplier) | 1 working day | | `consent.revoked` (RTI User de-registration) | 60 minutes | | `supplier.cessation` | 3 months minimum notice | ## Signature verification Payloads are signed. The signature is provided in the `webhook-signature` HTTP header. RTI Users must verify this before processing. ## Retry behaviour Suppliers buffer undelivered notifications for a minimum of **72 hours** and retry on non-2xx responses.

Register a webhook endpoint

curl --request POST \
  --url https://example-supplier.co.uk/v1/webhook \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "webhook_url": "https://my-optimiser.example.com/hooks/tariff-events"
}
'

{
  "webhook_id": "550e8400-e29b-41d4-a716-446655440000"
}