Documentation Index
Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
Use this file to discover all available pages before exploring further.
Authenticator challenge events
Sent so you can deliver a challenge through your own provider. Synchronous: a non-2xx response fails the challenge.| Event | Description |
|---|---|
email.created | An email OTP or magic link needs to be sent. |
sms.created | An SMS OTP needs to be sent. |
push.created | A push notification needs to be delivered. |
Authenticator events
Fired when a user adds, updates, or removes an authenticator. These can be used to send custom notifications so that users are aware of changes to the factors protecting their account, and to synchronise user details with third-party systems such as CRMs. Asynchronous, with up to 3 retries.| Event | Description |
|---|---|
authenticator.created | A user enrolled a new authenticator. |
authenticator.updated | An authenticator on a user was updated. |
authenticator.deleted | An authenticator was removed from a user. |
Action verification events
Sent during action evaluation. These can be used to trigger additional blocking checks while a challenge is being verified. Synchronous: a non-2xx response blocks the outcome.| Event | Description |
|---|---|
action.verify | A challenge is about to transition to CHALLENGE_SUCCEEDED. The webhook can block the transition. |
Log events
Audit records for actions and challenges, delivered in batches for SIEM or data-lake forwarding. Asynchronous, batched, at-least-once.| Event | Description |
|---|---|
action.log_created | A snapshot of an action that has reached a terminal state. |
challenge.log_created | A challenge-related event, such as an OTP being sent or verified. |
Envelope schema
Every webhook delivery shares a common envelope. Event-specific fields live underdata (or record, for log events).
Event metadata
A unique identifier for the event.
The source of the event. This is always
https://authsignal.com.The time the event was created in ISO 8601 format.
The type of the event. Each type has a different schema for the
data field.The version of the event.
The ID of the tenant that the event is intended for.
The event-specific data. See below for the schema of the
data field for each event type.