Webhooks
You can configure Userfront to make a callback request to your server each time a user or tenant is created, updated, or deleted. These requests are called webhooks(opens new window), and they contain information about the user or tenant that changed.
Userfront webhooks are made via POST request and include an API key in the header that your server can use to verify that the request came from Userfront.
#Authentication
Userfront includes an API key in the header of each webhook that you can use to authenticate the request. You can view your Webhook API keys in the Userfront Dashboard.
Do not share your Webhook API keys in publicly accessible areas such as GitHub, client-side code, and so forth.
Webhook API keys are included as HTTP Bearer Auth(opens new window) tokens, included in the header of each request as:
Authorization: Bearer your_webhook_api_key
.
All live webhooks must be made over HTTPS. Webhooks configured for plain HTTP will fail.
Each webhook will have an authorization header containing your account's webhook API key.
Your server should read this header and verify that it matches the webhook API key found in your dashboard.
#Users
Users are the user records within your account or within your account's tenants.
There are webhooks available for user creation, update, and deletion.
#User created
This webhook is sent whenever a new user is created.
#User updated
This webhook is sent whenever an existing user is updated.
#User deleted
This webhook is sent whenever a user is deleted.
#Tenants
Tenants allow you to sub-divide your application so that certain users only have access to certain parts.
There are webhooks available for tenant creation, update, and deletion.
#Tenant created
This webhook is sent whenever a new tenant is created.
#Tenant updated
This webhook is sent whenever an existing tenant is updated.