In the near future, we’ll be announcing a change to the Jira Cloud API that will prohibit new webhooks from being created that are non-secure (i.e. using only http:// and not https://). Details about the change will be provided as soon as they’re available, such as the error messages that you may receive if you try creating a webhook programmatically with a non-https URL.
At this time, we do not have any plans on disabling pre-existing non-https webhook subscriptions. However, the takeaway from this pre-notice is that you should begin the process of updating your apps/integrations to no longer send plain http endpoint URLs when creating webhooks.
This is not an official deprecation/change notice, but rather, a pre-notification. As soon as a definitive date is available, we’ll make the announcement on the developer forums, and update this post.