Overview
Webhooks enable seamless integration with LoginRadius by allowing systems to subscribe to specific events. LoginRadius automatically triggers a real-time HTTPS POST request to the configured webhook URL, delivering relevant payload data when an event occurs. This functionality can be leveraged for various use cases, such as updating external tracking systems or synchronizing data with a backup mirror.
Use Cases
Webhooks enable real-time, event-driven integrations across various industries. Here are some practical use cases:
- User Authentication & Management: Notify external systems when users register, log in, or update their profiles.
- CRM & Marketing Automation: Sync customer data with CRM platforms, trigger automated email campaigns, or update lead statuses.
- Security & Compliance: Log security events such as failed login attempts, password changes, or suspicious activities.
- Incident Monitoring & Alerts: Integrate with monitoring tools to send alerts for system failures or performance issues.
- Project Management & Collaboration: Automatically create tasks, update statuses, or send notifications when specific actions occur.
Webhooks are highly versatile, enabling seamless automation and real-time synchronization between applications.
Event-Based Webhook-Related APIs
Multiple events can trigger webhooks, each corresponding to specific system actions. Each event is linked to one or more LoginRadius APIs that initiate the webhook, ensuring real-time data synchronization and automation.
For more information, have a look at the table below comprising of events and related APIs
Webhook Handling
Effective webhook handling is crucial for ensuring the reliable processing of incoming event notifications. When your server receives a webhook request, it should be structured to handle the data efficiently and securely.
- Trigger Method
- Format
- Payload Information
Webhooks in LoginRadius use the POST method to transmit event data to the configured endpoint.
Ensure your server is set up to handle POST requests properly to receive and process webhook payloads efficiently.
Following is the format for the data posted to your respective server:
{
"HookName": "login",
"Time": "2018-07-31T09:03:18Z",
"HookId": "50***64eb",
"Data": {
"Password": "83c****Sxj",
"LastPasswordChangeDate": "2018-03-05T22:13:36.48263Z",
"EmailVerified": false,
"IsActive": true,
"IsDeleted": false,
"Uid": "8061*****4b9"
}
}
The data posted to your server includes the following details:
-
HookName (string): The WebHook event which is triggered.
-
Time (string): The timestamp when the hook is triggered.
-
HookId (string): A uniquely generated number associated with the triggered hook.
-
Data (object): The object that contains information about the user profile details associated with the webhook.
Webhook APIs
- Subscribe to Webhook
- Subscribed URLs
- Update Webhook
- Unsubscribe Webhook
Using the Create Webhook Subscription API, you can set up a target URL of your server where the POST request will be triggered.
List All Webhooks can get a list of all the URLs subscribed for a particular event.
Using the Update Webhook Subscription API, you can modify existing webhooks as required.
This way, you can make updates to a webhook that already exists.
Delete Webhook Subscription can unsubscribe a particular server URL based on an event.
You can use these APIs to remove one of the targeted URLs where LoginRadius posts data.
Best Practices
Adhere to these best practices to enhance security, ensure reliability, and optimize efficiency in webhook processing:
- Verify the Payload – Authenticate the request using signature validation or API keys to prevent unauthorized access.
- Respond Quickly – Acknowledge receipt with a 2xx HTTP status code to prevent unnecessary retries.
- Process Asynchronously – Avoid long-running operations in the request handler; instead, queue the payload for background processing.
- Implement Retry Logic – Be prepared for duplicate requests by ensuring idempotent processing to handle retries gracefully.
- Log and Monitor – Maintain logs of incoming webhooks for debugging and auditing and set up alerts for failures.