Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt

Use this file to discover all available pages before exploring further.

These webhooks are asynchronous and delivered in batches of up to 500 events, after your tenant’s challenge token duration (typically 15 minutes). Delivery is at-least-once, so de-duplicate using the envelope id. Configure the webhook URL for log events in tenant settings.

Batch delivery format

{
  "records": [
    { "type": "action.log_created",    "record": { } },
    { "type": "challenge.log_created", "record": { } }
  ]
}

Payload

tenantId
string
required
The ID of the tenant that the action occurred within.
userId
string
required
The ID of the user that the action was triggered by.
actionCode
string
required
The action being evaluated (e.g. login, withdrawal).
idempotencyKey
string
required
Unique per action instance.
createdAt
string
required
When the action was first evaluated.
updatedAt
string
required
When the action record was last updated.
state
string
required
Final action state. One of ALLOW, BLOCK, CHALLENGE_REQUIRED, CHALLENGE_SUCCEEDED, CHALLENGE_FAILED, REVIEW_REQUIRED.
stateUpdatedAt
string
required
When state last changed.
outcome
string
required
The rule engine decision. One of ALLOW, BLOCK, CHALLENGE, REVIEW. Immutable for the lifetime of the action.
verificationMethod
string
The method the user actually used to complete a challenge, if any (e.g. EMAIL_OTP, PASSKEY, SMS, AUTHENTICATOR_APP).
allowedVerificationMethods
string[]
The set of methods the user was offered for this challenge. Omitted if empty.
rules
object[]
Rules that fired during evaluation. Omitted if none.
priorityRuleId
string
The rule that drove the outcome, when multiple rules fired.
ipAddress
string
IP address of the request that initiated the action.
countryCode
string
Country resolved from the IP.
email
string
Email on file for the user at the time of the action.
phoneNumber
string
Phone number on file for the user at the time of the action.
deviceId
string
Opaque identifier for the device that initiated the action.
enrolledVerificationMethods
string[]
Verification methods the user had enrolled at the time of the action.
custom
object
Custom key/value data supplied by your application. Omitted if empty.
{
  "version": 1,
  "id": "ffffffff-ffff-ffff-ffff-ffffffffffff",
  "source": "https://authsignal.com",
  "time": "2026-04-22T01:08:05.197Z",
  "tenantId": "dddddddd-dddd-dddd-dddd-dddddddddddd",
  "type": "action.log_created",
  "record": {
    "tenantId": "dddddddd-dddd-dddd-dddd-dddddddddddd",
    "userId": "user_abc",
    "actionCode": "login",
    "idempotencyKey": "bb51e6b9-a7f8-4f03-8044-2940ae574236",
    "createdAt": "2026-04-22T01:08:05.197Z",
    "updatedAt": "2026-04-22T01:08:05.197Z",
    "state": "CHALLENGE_SUCCEEDED",
    "stateUpdatedAt": "2026-04-22T01:10:34.067Z",
    "outcome": "CHALLENGE",
    "verificationMethod": "EMAIL_OTP",
    "allowedVerificationMethods": ["PASSKEY", "EMAIL_OTP", "AUTHENTICATOR_APP"],
    "rules": [
      { "id": "40fcd205-5318-41d7-b225-3b6122b13654", "name": "challenge nz" }
    ],
    "priorityRuleId": "40fcd205-5318-41d7-b225-3b6122b13654",
    "ipAddress": "192.168.1.1",
    "countryCode": "NZ",
    "email": "alice@example.com",
    "phoneNumber": "+64221234567",
    "deviceId": "device_xyz",
    "enrolledVerificationMethods": ["AUTHENTICATOR_APP", "EMAIL_OTP"],
    "custom": { "plan": "pro" }
  }
}