Skip to main content

Overview

Webhooks enable seamless integration with LoginRadius by allowing systems to subscribe to specific events. LoginRadius automatically triggers a real-time HTTPS POST request to the configured webhook URL, delivering relevant payload data when an event occurs. This functionality can be leveraged for various use cases, such as updating external tracking systems or synchronizing data with a backup mirror.

Use Cases

Webhooks enable real-time, event-driven integrations across various industries. Here are some practical use cases:

  • User Authentication & Management: Notify external systems when users register, log in, or update their profiles.
  • CRM & Marketing Automation: Sync customer data with CRM platforms, trigger automated email campaigns, or update lead statuses.
  • Security & Compliance: Log security events such as failed login attempts, password changes, or suspicious activities.
  • Incident Monitoring & Alerts: Integrate with monitoring tools to send alerts for system failures or performance issues.
  • Project Management & Collaboration: Automatically create tasks, update statuses, or send notifications when specific actions occur.

Webhooks are highly versatile, enabling seamless automation and real-time synchronization between applications.

Multiple events can trigger webhooks, each corresponding to specific system actions. Each event is linked to one or more LoginRadius APIs that initiate the webhook, ensuring real-time data synchronization and automation.

For more information, have a look at the table below comprising of events and related APIs

EventAPIs
LoginPasswordless Login Verification
Smart Login Ping
MFA Email Login
Auth Login by Email
Passwordless Login Phone Verification
MFA Validate Google Auth Code
MFA Validate OTP
One Touch OTP Verification
Auth Verify Email
Auth Verify Email by OTP
Auth Reset Password by OTP
Auth Reset Password by Reset Token
Auth Reset Password by Security Answer and Phone
Phone Verification by OTP
Auth User Registration by Email
Auth Social Identity
Auth User Registration by ReCaptcha
RegisterSmart Login Ping
One Touch Login by Phone
One Touch Login by Email
Account Create
Auth User Registration by Email
Auth Social Identity
Auth User Registration by ReCaptcha
UpdateProfileAuth Privacy Policy Accept
Account Email Delete
Account Update
Upsert Email
Auth Update Profile by Token
ResetPasswordPhone Reset Password by OTP
Auth Reset Password by Reset Token
ChangePasswordAuth Change Password
emailVerificationPasswordless Login Verification
Smart Login Verify Token
Auth Verify Email
Auth Verify Email by OTP
Auth Reset Password by Reset Token
AddEmailAuth Verify Email
Auth Verify Email by OTP
RemoveEmailAuth Remove Email
BlockAccountMFA Email Login
Auth Login by Email
Passwordless login Phone Verification
MFA Validate Backup code
MFA Validate Google Auth Code
MFA Validate OTP
One Touch OTP Verification
Account Update
Auth Unlock Account by Access Token
Update MFA setting
Auth Verify Email
Auth Verify Email by OTP
Validate MFA by Backup Code
Validate MFA by Google Authenticator code
Auth Change Password
Phone reset password by OPT
Auth Reset Password by Reset Token
Auth Reset Password by Security Answer and Phone
Phone Verification by OTP
Auth User Registration by Email
Auth User Registration by ReCaptcha
DeleteAccountAccount Delete
Auth Account Delete
SetUsernameAuth Set or Change UserName
AssignRolesRole Context Profile
Assign Roles by UID
UnassignRolesDelete Additional Permission from Context
Unassign roles by UID
Delete Role from Context
SetPasswordAccount Set Password
LinkAccountSmart Login Ping
Auth Account DeleteAuth Social Identity
Auth Social Identity
Auth Link Social Identities
UnlinkAccountAuth unlink Social Identities
UpdatePhoneIdAccount Update
Phone Number Update
VerifyPhoneNumberPhone Verification by OTP
UpdateCustomobjectCustom object update by Access token
Custom Object Update by UID
DeleteCustomObjectCustom Object Delete by Record Id And Token
Delete custom Object by ObjectRecordId
CreateCustomObjectCreate Custom Object by Token
Create Custom Object by UID
InvalidateEmailVerificationAccount Invalidate Verification Email
InvalidatePhoneVerificationReset phone ID verification
RemovePhoneIdRemove Phone ID by Access Token
RemoveRoleContextDelete Role Context
ConsentProfileUpdateUpdate Consent By Access Token
SetPINSet PIN By PINAuthToken
ResetPINReset PIN By Email and OTP
Reset PIN By UserName and OTP
Reset PIN By Phone and OTP
Reset PIN By ResetToken
Reset PIN By SecurityAnswer and Email
Reset PIN By SecurityAnswer and UserName
Reset PIN By SecurityAnswer and Phone
ChangePINChange PIN By Access Token

Webhook Handling

Effective webhook handling is crucial for ensuring the reliable processing of incoming event notifications. When your server receives a webhook request, it should be structured to handle the data efficiently and securely.

Webhooks in LoginRadius use the POST method to transmit event data to the configured endpoint.
Ensure your server is set up to handle POST requests properly to receive and process webhook payloads efficiently.

Webhook APIs

Using the Create Webhook Subscription API, you can set up a target URL of your server where the POST request will be triggered.

Best Practices

Adhere to these best practices to enhance security, ensure reliability, and optimize efficiency in webhook processing:

  • Verify the Payload – Authenticate the request using signature validation or API keys to prevent unauthorized access.
  • Respond Quickly – Acknowledge receipt with a 2xx HTTP status code to prevent unnecessary retries.
  • Process Asynchronously – Avoid long-running operations in the request handler; instead, queue the payload for background processing.
  • Implement Retry Logic – Be prepared for duplicate requests by ensuring idempotent processing to handle retries gracefully.
  • Log and Monitor – Maintain logs of incoming webhooks for debugging and auditing and set up alerts for failures.