Skip to contentSkip to navigationSkip to topbar
Rate this page:
On this page

Toggle Signature Verification for an Event Webhook

API Overview

api-overview page anchor

The SendGrid Event Webhook sends email event data as SendGrid processes it. This means you can receive data in nearly real-time, making it ideal to integrate with logging or monitoring systems.

Because the Event Webhook delivers data to your systems, it is also well-suited to backing up and storing event data within your infrastructure to meet your own data access and retention needs.

Event types

event-types page anchor

You can think about the types of events provided by the Event Webhook in two categories: deliverability events and engagement events.

  • Deliverability events such as "delivered," "bounced," and "processed" help you understand if your email is being delivered to your customers.
  • Engagement events such as "open," and "click" help you understand if customers are reading and interacting with your emails after they arrive.

Both types of events are important and should be monitored to understand the overall health of your email program. The Webhooks API allows you to configure your Event Webhook configurations.


Base url:

This endpoint allows you to enable or disable signature verification for a single Event Webhook by ID.

If you do not pass a webhook ID to this endpoint, it will enable signature verification for your oldest webhook by created_date. This means the default webhook operated on by this endpoint when no ID is provided will be the first one you created. This functionality allows customers who do not have multiple webhooks to enable or disable signature verifiction for their only webhook, even if they do not supply an ID. If you have multiple webhooks, you can retrieve their IDs using the Get All Event Webhooks endpoint.

This endpoint accepts a single boolean request property, enabled, that can be set true or false to enable or disable signature verification. This endpoint will return the public key required to verify Twilio SendGrid signatures if it is enabled or an empty string if signing is disabled. You can also retrieve your public key using the Get an Event Webhook's Public Key endpoint.

For more information about cryptographically signing the Event Webhook, see Getting Started with the Event Webhook Security Features.

Default: Bearer <<YOUR_API_KEY_HERE>>


The on-behalf-of header allows you to make API calls from a parent account on behalf of the parent's Subusers or customer accounts. You will use the parent account's API key when using this header. When making a call on behalf of a customer account, the property value should be "account-id" followed by the customer account's ID (e.g., on-behalf-of: account-id <account-id>). When making a call on behalf of a Subuser, the property value should be the Subuser's username (e.g., on-behalf-of: <subuser-username>). See On Behalf Of for more information.


The ID of the Event Webhook you want to retrieve.


Enable or disable the webhook by setting this property to true or false, respectively.




A unique string used to identify the webhook. A webhook's ID is generated programmatically and cannot be changed after creation. You can assign a natural language identifier to your webhook using the friendly_name property.


The public key you can use to verify the Twilio SendGrid signature.

Toggle Signature Verification for an Event Webhook

toggle-signature-verification-for-an-event-webhook page anchor

const client = require('@sendgrid/client');
const id = "ZGkrHSypTsudrGkmdpJJ";
const data = {
"enabled": false
const request = {
url: `/v3/user/webhooks/event/settings/signed/${id}`,
method: 'PATCH',
body: data
.then(([response, body]) => {
.catch(error => {

Rate this page: