Skip to content
Integrations

Webhooks

Sign In can push events to an external system over webhooks, so that authentication activity can be forwarded to a SIEM, a log-management platform such as Splunk, or a custom endpoint. This gives an organization real-time or batched insight into who is connecting and when, in its own tooling.

Sign In publishes login and session events, including a successful captive-portal login and a resumed session (a remembered device that reconnected without user interaction). Each event carries the relevant context as structured JSON.

  • Destination: an HTTPS endpoint that the organization controls.
  • Mode: events can be delivered in real time, or collected and delivered in batches. A batch is bounded by a maximum size and a delivery interval, whichever comes first.
  • Security: a secret token can be attached so the receiver can verify that a delivery came from the platform, typically passed as an HTTP header.
  • Resilience: if the receiving endpoint does not accept a delivery, the platform retries with an increasing back-off before marking the delivery failed.

The Administration Portal shows each configured webhook, the events pending delivery (for batch mode), and a history of recent deliveries with their outcome, response code, and payload, so an administrator can confirm that events are reaching the destination and investigate any that failed.

Next