You can configure Userfront to make a callback request to your server each time a user or tenant is created, updated, or deleted. These requests are called webhooks(opens new window), and they contain information about the user or tenant that changed.
Userfront webhooks are made via POST request and include an API key in the header that your server can use to verify that the request came from Userfront.
Userfront includes an API key in the header of each webhook that you can use to authenticate the request. You can view your Webhook API keys in the Userfront Dashboard.
Do not share your Webhook API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Webhook API keys are included as HTTP Bearer Auth(opens new window) tokens, included in the header of each request as:
Authorization: Bearer your_webhook_api_key.
All live webhooks must be made over HTTPS. Webhooks configured for plain HTTP will fail.
Each webhook will have an authorization header containing your workspace's webhook API key.
Your server should read this header and verify that it matches the webhook API key found in your dashboard.
Users are the user records within your workspace or within your workspace's tenants.
There are webhooks available for user creation, update, and deletion.
This webhook is sent whenever a new user is created.
This webhook is sent whenever an existing user is updated.
This webhook is sent whenever a user is deleted.
Tenants allow you to sub-divide your application so that certain users only have access to certain parts.
There are webhooks available for tenant creation, update, and deletion.
This webhook is sent whenever a new tenant is created.
This webhook is sent whenever an existing tenant is updated.