With AuthSafe, you can easily configure webhooks that trigger an alert whenever a security event such as login or reset password attempts occurs in the web application.
Webhook Management API
Add Webhook
URL: https://a.authsafe.ai/v1/webhooks/
Request:
url
The webhook is URL to be added.
Webhook Trigger Response
The webhook triggers an alert with the following response:
Field | Description |
Status | Status of the webhook triggers: Allow: Allows the users to login Challenge: The user has shown some suspicious activities. You can let them know by sending an email about it or asking them some queries to confirm it is them or giving some challenge. Deny: Specifies that the user’s device is compromised he has to be denied login. The user should not be allowed to log in unless he verifies it physically or via email or phone number. |
Severity | Indicates the severity of the attempt: Low: Indicates a safe attempt, so can be ignored. Medium: Indicates that moderate suspicious activities are shown High: Indicates severe suspicious activities are shown over a period of time Critical: Indicates the attempt is highly suspicious, critical and the user should be given a very tough challenge to verify the attempt. |
Message | Contains a message suggesting the reason for denying or giving a challenge for the login or reset password attempt. |
User | Provides the login user information such as user_id: User’s unique identification ID. email: User’s email address. username: User’s username. |
Device | Device’s information: device_id: Provides the device’s unique identification ID. You can use this information when calling device management APIs. name: Specifies the device name in Browser on OS format, it is to be used as for the device name. ip: IP address of the visitor or user. location: Location string with city, state, and country. |
Note: For webhook, status will always be either deny and the severity is critical in the current scope.