> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# action.verify

> Sent synchronously after a challenge is verified. The webhook response can gate the transition to CHALLENGE_SUCCEEDED.

Sent when an action is about to transition to `CHALLENGE_SUCCEEDED`. Run additional checks against your own systems and gate the final outcome.

This webhook is synchronous, so a non-2xx response or a timeout blocks the transition. There are no automatic retries, but the user can retry by re-running the verification.

Set `verificationWebhookUrl` on the action configuration in the Authsignal Portal, or via the [Create](/api-reference/management-api/create-action-configurations) / [Update](/api-reference/management-api/update-action-configurations) Action Configuration endpoints.

## Payload

<ParamField path="userId" type="string" required>
  The ID of the user that the action belongs to.
</ParamField>

<ParamField path="action" type="string" required>
  The action code for the action that is about to succeed.
</ParamField>

<ParamField path="idempotencyKey" type="string" required>
  The idempotency key of the action that triggered the webhook.
</ParamField>

<ParamField path="verifiedAt" type="string" required>
  The time the verification completed in ISO 8601 format.
</ParamField>

<ParamField path="state" type="string" required>
  The pending action state. For `action.verify` this is always `CHALLENGE_SUCCEEDED`.
</ParamField>

<ParamField path="verificationMethod" type="string" required>
  The verification method that completed the challenge.
</ParamField>

<ParamField path="userAuthenticatorId" type="string">
  The ID of the user authenticator that completed the challenge, when available.
</ParamField>

<ResponseExample>
  ```json action.verify theme={null}
  {
    "version": 1,
    "id": "ffffffff-ffff-ffff-ffff-ffffffffffff",
    "source": "https://authsignal.com",
    "time": "2024-01-01T01:23:45.678Z",
    "tenantId": "dddddddd-dddd-dddd-dddd-dddddddddddd",
    "type": "action.verify",
    "data": {
      "userId": "11111111-1111-1111-1111-111111111111",
      "verificationMethod": "PUSH",
      "action": "signIn",
      "idempotencyKey": "aaaaaaaa-aaaa-aaaa-aaaa-aaaaaaaaaaaa",
      "verifiedAt": "2024-01-01T01:23:45.678Z",
      "state": "CHALLENGE_SUCCEEDED",
      "userAuthenticatorId": "cccccccc-cccc-cccc-cccc-cccccccccccc"
    }
  }
  ```
</ResponseExample>
