Skip to main content
Every palm biometric enrollment and re-authentication/verification flow delegates decisions to the configured webhook API end-point, this is where custom business logic and messages can be handled and returned as a response.
Standard Authsignal webhook verification should be considered. For more info, take a look at our webhook docs

Webhooks request event schema

userId
string
The userId of the user performing the action
action
string
The action code being performed
idempotencyKey
string
A unique key representing the action
authorizedAt
string
The time at which the user were authorized at in ISO 8601 format.
state
string
The outcome of the verification
verificationMethod
string
The method of verification
custom
object
Always has a mode attribute which determines the mode of the terminal. Values can be ENROLLMENT | ACCESS | PAYMENT
{
      "version": 1,
      "data": {
        "userId": "123",
        "action": "terminal-action",
        "idempotencyKey": "d5062447-a2b7-4783-9f94-ddd62ca75ea1",
        "authorizedAt": "2024-06-24T21:11:32.339Z",
        "state": "CHALLENGE_SUCCEEDED",
        "verificationMethod": "PALM_BIOMETRICS_RR",
        "custom" : {
          "mode": "ENROLLMENT",
          ....
        },
      },
      "type: "action.verified"
  }
Note that a single terminal can perform registrations, access, and payment flows which will all occur through the same action and therefore the same webhook.

Webhooks response schema

{
	"isVerified": true,
	"message": "A custom success message",
	"error": "A custom error message"
}
isVerified
boolean
required
Specifies if the webhook successfully verifies the user action after applying custom logic.
message
string
A message that is displayed on the terminal after successful verification.
error
string
A message that is displayed on the terminal after unsuccessful verification.