Webhooks

With AuthSafe, you can easily configure webhooks that trigger an alert whenever a security event such as login or reset password attempts occurs in the web application. 

Webhook Management API

Add Webhook

URL: https://a.authsafe.ai/v1/webhooks/

Request:

url
The webhook is URL to be added.

Webhook Trigger Response

The webhook triggers an alert with the following response:

FieldDescription
StatusStatus of the webhook triggers:
Allow: Allows the users to login
Challenge: The user has shown some suspicious activities. You can let them know by sending an email about it or asking them some queries to confirm it is them or giving some challenge.
Deny: Specifies that the user’s device is compromised he has to be denied login. The user should not be allowed to log in unless he verifies it physically or via email or phone number.
SeverityIndicates the severity of the attempt:
Low: Indicates a safe attempt, so can be ignored.
Medium: Indicates that moderate suspicious activities are shown
High: Indicates severe suspicious activities are shown over a period of time
Critical: Indicates the attempt is highly suspicious, critical and the user should be given a very tough challenge to verify the attempt.
MessageContains a message suggesting the reason for denying or giving a challenge for the login or reset password attempt.
UserProvides the login user information such as
user_id: User’s unique identification ID.
email: User’s email address.
username: User’s username.
DeviceDevice’s information:
device_id: Provides the device’s unique identification ID. You can use this information when calling device management APIs.
name: Specifies the device name in Browser on OS format, it is to be used as for the device name. 
ip: IP address of the visitor or user.
location: Location string with city, state, and country.

Note: For webhook, status will always be either deny and the severity is critical in the current scope.

Updated on March 31, 2022

Was this article helpful?

Related Articles

Leave a Comment