Webhooks

This page outlines how Webhooks work in Zenlogin, and the different Webhook events available.

Webhooks

There are currently 6 different Webhook events that are fired by Zenlogin to the Webhook URL you've set up. When these events fire, they contain data that you can use to trigger your own internal logic.

The primary purpose of these Webhooks is to ensure your system is kept up to date with the status or state of your user's security.

Response HTTP Status Code & Retry Attempts

The HTTP Response from any Webhooks must be a 200 status code. This tells our server that the Webhook has been successfully received.

If the Webhook responds with anything except a 200 HTTP status code, then Zenlogin will re-attempt the webhook (up to 5 times) until it receives a 200 status code response.

This will take place over 5-minutes (1 webhook attempt per minute) until it receives a successful 200 HTTP status code, or the maximum number of attempts has been reached.

Test Requests

Test requests do not trigger webhooks. For example, when you use the Preview or Send preview options on the Email Customization page in the Admin, those will not trigger the applicationLoginCheck.ruleApplied webhooks.

Webhook Events

Below is a list of the Webhook events currently triggered by Zenlogin.

Event	Details
`account.created`	This event is fired when your account is first created. This assumes that during the creation process, you specified a Webhook URL. Currently, this is only relevant for WordPress integrations.
`account.setup.complete`	This event is fired when your account has been successfully been setup. At the moment, this means you've confirmed your email address. Currently, this is only relevant for WordPress integrations.
`application.disabled`	This event is fired when your application's Zenlogin integration is turned off. This is controlled via your Account Settings page.
`application.enabled`	This event is fired when your application's Zenlogin integration is turned on. This is controlled via your Account Settings page.
`applicationLoginCheck.ruleApplied`	This event is fired when a security rule has been applied, indicating that the user should be notified of a potential security issue.
`webhook.test`	This event is fired periodically to test your webhook. It's also fired immediately after specifying a Webhook URL.

Webhook Responses

account.created

{
    "success": true,
    "data": {
        "type": "account.created",
        "accessToken": "********************************",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": null
    }
}

account.setup.complete

{
    "success": true,
    "data": {
        "type": "account.setup.complete",
        "accessToken": "********************************",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": {
            "publicId": "applrn12zr5zayrp"
        }
    }
}

application.disabled

{
    "success": true,
    "data": {
        "type": "application.disabled",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": {
            "publicId": "applrn12zr5zayrp"
        }
    }
}

application.enabled

{
    "success": true,
    "data": {
        "type": "application.enabled",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": {
            "publicId": "applrn12zr5zayrp"
        }
    }
}

applicationLoginCheck.ruleApplied

{
    "success": true,
    "data": {
        "type": "applicationLoginCheck.ruleApplied",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": {
            "publicId": "applrn12zr5zayrp"
        },
        "applicationIdentity": {
            "publicId": "apid1tv26zhtx2zy",
            "identityKey": "usr012s9zbs5b2ro",
            "identityEmailAddress": "oliver@zenlogin.co",
            "identityFirstName": "",
            "identityLastName": "",
            "identityFullName": ""
        },
        "applicationLoginCheck": {
            "publicId": "alch39ztz6gg65as",
            "reqTest": true,
            "ipAddress": {
                "publicId": "ipadl53b436jbexx",
                "ipAddress": "2607:fea8:3a9e:5e00:89e3:c998:abf4:3e13",
                "label": "Richmond Hill, Canada",
                "countryCode2": "ca",
                "lat": "43.86780166626",
                "long": "-79.442001342773"
            },
            "userAgent": {
                "publicId": "usagtxcy386y2v21",
                "userAgent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/88.0.4324.192 Safari/537.36",
                "browserName": "Chrome",
                "browserVersion": "88.0.4324.192",
                "browserVersionMajor": "88",
                "deviceLabel": "Apple Mac",
                "deviceName": "Mac",
                "deviceType": "Desktop",
                "isMobileDevice": false
            },
            "applicationAPIRequest": {
                "publicId": "aarq1i3n636y83az",
                "requestId": "req_27457tl394fhozgz5xwv92wwq5raf9qs"
            }
        }
    }
}

webhook.test

{
    "success": true,
    "data": {
        "type": "webhook.test",
        "account": {
            "publicId": "accn1abtwskjj3q1"
        },
        "application": {
            "publicId": "applrn12zr5zayrp"
        }
    }
}