webhooks.deliver.secret_unset
A delivery was dead-lettered because the subscription has no encrypted signing secret.
webhooks.deliver.secret_unset is not a wire-level HTTP error code; it is a terminal state string written to the webhook_deliveries.last_error column when the dispatcher dead-letters a delivery because the subscription has no encrypted signing secret. The dispatcher skips retry attempts immediately when this condition is detected, rather than burning through all retry slots.
This state appears in GET /v1/webhooks/{id}/deliveries responses as the last_error field on affected delivery rows.
A webhook subscription was created before a signing secret was set (or the secret was somehow cleared). The dispatcher requires a secret to generate the X-Sautikit-Signature header for delivery.
Call POST /v1/webhooks/{id}/rotate-secret to provision or rotate the signing secret. Once a secret is present, manually retry affected dead-letter deliveries or wait for new events to be dispatched.
This code does not appear in HTTP error envelopes. It appears as:
{
"id": "...",
"status": "dead_letter",
"last_error": "webhooks.deliver.secret_unset"
}