Webhook request
Once a valid hook event is emitted, Logto will find corresponding webhooks and send a POST request per hook config.
Request headersโ
| Key | Customizable | Notes |
|---|---|---|
| user-agent | โ | Logto (https://logto.io/) by default |
| content-type | โ | application/json by default |
| logto-signature-sha-256 | the signature of the request body, refer to Securing your webhooks |
You can overwrite customizable headers by customizing request headers with the same key.
Request bodyโ
| Field | Type | Optional | Notes |
|---|---|---|---|
| hookId | string | the identifier in Logto | |
| event | string | which event that triggers this hook | |
| createdAt | string | the create time of payload in ISO format | |
| sessionId | string | โ | the Session ID (not Interaction ID) for this event, if applicable |
| userAgent | string | โ | the user-agent for the request that triggers this hook |
| userId | string | โ | the related User ID for this event, if applicable |
| user | UserEntity | โ | the related user entity for this event, if applicable |
| application | ApplicationEntity | โ | the related application info for this event, if applicable |
UserEntity includes the following fields from user data:
| Field | Type | Optional |
|---|---|---|
| id | string | |
| username | string | โ |
| primaryEmail | string | โ |
| primaryPhone | string | โ |
| name | string | โ |
| avatar | string | โ |
| customData | object | |
| identities | object | |
| lastSignInAt | string | |
| createdAt | string | |
| applicationId | string | โ |
| isSuspended | boolean | โ |
ApplicationEntity includes the following fields from application data:
| Field | Type | Optional |
|---|---|---|
| id | string | |
| name | string | |
| description | string | โ |
See Users and Applications reference for detailed field explanations.