Skip to content
Integrations

Webhooks

EntryPoint can push events to an external system over webhooks, so that activity in a context can be forwarded to a SIEM, a log-management platform, or a custom endpoint. This is the supported way to stream EntryPoint activity into an organization’s own tooling.

EntryPoint emits configuration-audit events: each administrative change to the context (for example a change to a group, an attribute profile, a RADIUS client, or the context settings) is published as an event that records what changed, who changed it, and when. Secrets are redacted in the payload. This mirrors the configuration audit log, delivered as a stream rather than viewed in the portal.

For per-attempt authentication outcomes, see the authentication log, which is queried in the portal rather than streamed.

  • Destination: an HTTPS endpoint that the organization controls.
  • Mode: events can be delivered in real time, or batched and delivered on an interval.
  • Security: a secret token can be attached so the receiver can verify that a delivery came from the platform.
  • Resilience: if the receiving endpoint does not accept a delivery, the platform retries with an increasing back-off before marking the delivery failed, and recent delivery history is retained for inspection.

The Administration Portal shows the configured webhooks, the events pending delivery, and a history of recent deliveries with their outcome, so an administrator can confirm that events are reaching the destination.

Next