Respond to activity that occurs within WorkOS and third-party providers.
Events represent activity that has occurred within WorkOS or within third-party identity and directory providers. Your app can sync the data via either the events API or webhooks.
All event objects share a similar structure.
| Attribute | Description |
|---|---|
event | A string that distinguishes the event type. |
id | Unique identifier for the event. |
data | Event payload. Payloads match the corresponding API objects. |
created_at | Timestamp of when the event occurred. |
context | An optional object of extra information relevant to the event. |
Events emitted when API keys are created or revoked.
{ "object": "event", "id": "event_01KD8Z96BMTAXC8Z9VAQJEYJPW", "event": "api_key.created", "data": { "object": "api_key", "id": "api_key_01KD8Z96B7CEWS9F792MVPFZ5X", "name": "testing key", "owner": { "id": "org_01KC5960YS14A61DAEZ30DJ0EG", "type": "organization" }, "obfuscated_value": "sk_…kZL1", "permissions": ["posts:read"], "last_used_at": null, "created_at": "2025-12-24T20:02:23.200Z", "updated_at": "2025-12-24T20:02:23.200Z" }, "created_at": "2025-12-24T20:02:23.220Z", "context": {} }
Triggered when an API key is created.
{ "object": "event", "id": "event_01KD8ZGJK4YWC2WHWHQA71DERV", "event": "api_key.revoked", "data": { "object": "api_key", "id": "api_key_01KD8Z96B7CEWS9F792MVPFZ5X", "name": "testing key", "owner": { "id": "org_01KC5960YS14A61DAEZ30DJ0EG", "type": "organization" }, "obfuscated_value": "sk_…kZL1", "permissions": ["posts:read"], "last_used_at": null, "created_at": "2025-12-24T20:02:23.200Z", "updated_at": "2025-12-24T20:02:23.200Z" }, "created_at": "2025-12-24T20:02:23.220Z", "context": {} }
Triggered when an API key is revoked.
Each step in the authentication flow emits an authentication event. Authentication success events are emitted even when additional steps, such as MFA, are required to complete the process.
{ "event": "authentication.email_verification_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "email_verification", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "invalid_one_time_code", "message": "Invalid one-time code" } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to verify their email.
{ "event": "authentication.email_verification_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "email_verification", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully verifies their email.
{ "event": "authentication.magic_auth_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "magic_auth", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "authentication_method_not_allowed", "message": "Google OAuth is disabled." } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate via Magic Auth.
{ "event": "authentication.magic_auth_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "magic_auth", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates via Magic Auth.
{ "event": "authentication.mfa_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "mfa", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "invalid_one_time_code", "message": "Invalid one-time code." } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate with a multi-factor authentication code.
{ "event": "authentication.mfa_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "mfa", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates with a multi-factor authentication code.
{ "event": "authentication.oauth_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "oauth", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "invalid_credentials", "message": "Invalid credentials." } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate via OAuth.
{ "event": "authentication.oauth_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "oauth", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates via OAuth.
{ "event": "authentication.password_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "password", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "invalid_credentials", "message": "Invalid credentials." } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate with password credentials.
{ "event": "authentication.password_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "password", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates with password credentials.
{ "event": "authentication.passkey_failed", "id": "event_01HS2EAGQA9EZW6D0MFCV5S38D", "data": { "type": "passkey", "status": "failed", "email": "todd@example.com", "user_id": "user_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "error": { "code": "invalid_credentials", "message": "Invalid credentials." }, "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "ip_address": "0.0.0.0" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate with a passkey.
{ "event": "authentication.passkey_succeeded", "id": "event_01HS2EAGQA9EZW6D0MFCV5S38D", "data": { "type": "passkey", "status": "succeeded", "email": "todd@example.com", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "ip_address": "0.0.0.0", "user_id": "user_01EHWNC0FCBHZ3BJ7EGKYXK0E6" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates with a passkey.
{ "event": "authentication.sso_failed", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "sso", "status": "failed", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "error": { "code": "authentication_method_not_allowed", "message": "SSO is disabled for this environment." }, "sso": { "connection_id": "conn_01FKJ843CVE8F7BXQSPFH0M53V", "organization_id": "org_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E" } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user fails to authenticate with Single Sign-On.
{ "event": "authentication.sso_succeeded", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "type": "sso", "status": "succeeded", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "sso": { "connection_id": "conn_01FKJ843CVE8F7BXQSPFH0M53V", "organization_id": "org_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "session_id": "saml_session_01FKJ843CVE8F7BXQSPFH0M53V" } }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when a user successfully authenticates with Single Sign-On.
{ "event": "authentication.radar_risk_detected", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "auth_method": "magic_auth", "action": "signup", "control": "restriction", "blocklist_type": "ip_address", "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Triggered when an authentication succeeds but is flagged by Radar. For example, the authentication may have succeeded at passing a Radar challenge.
Events emitted when Single Sign-On connections are activated, deactivated, or deleted. Also emitted when a SAML certificate is renewed for the connection.
{ "event": "connection.activated", "id": "event_10FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "connection", "id": "conn_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "state": "active", "connection_type": "OktaSAML", "name": "Foo Corp's Connection", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "domains": [ { "id": "org_domain_01EHWNFTAFCF3CQAE5A9Q0P1YB", "object": "connection_domain", "domain": "foo-corp.com" } ] }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Connection
object.
Triggered when a connection is activated.
{ "event": "connection.deactivated", "id": "event_11FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "connection", "id": "conn_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "state": "inactive", "connection_type": "OktaSAML", "name": "Foo Corp's Connection", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "domains": [ { "id": "org_domain_01EHWNFTAFCF3CQAE5A9Q0P1YB", "object": "connection_domain", "domain": "foo-corp.com" } ] }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Connection
object.
Triggered when a connection is deactivated.
{ "event": "connection.deleted", "id": "event_12FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "connection", "id": "conn_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "state": "inactive", "connection_type": "OktaSAML", "name": "Foo Corp's Connection", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "domains": [ { "id": "org_domain_01EHWNFTAFCF3CQAE5A9Q0P1YB", "object": "connection_domain", "domain": "foo-corp.com" } ] }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Connection
object.
Triggered when a connection is deleted. The state attribute indicates
connection state before deletion.
{ "event": "connection.saml_certificate_renewed", "id": "event_12FKJ843CVE8F7BXQSPFH0M53V", "data": { "connection": { "id": "conn_12FKJ843CVE8F7BXQSPFH0M53V", "organization_id": "org_12FKJ843CVE8F7BXQSPFH0M53V" }, "certificate": { "certificate_type": "ResponseSigning", "expiry_date": "2025-06-28T19:07:33.155Z" }, "renewed_at": "2021-06-25T19:07:33.155Z" }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
The certificate_type can be one of ResponseSigning, RequestSigning,
or ResponseEncryption.
Triggered when a SAML certificate is renewed either in the Dashboard or Admin Portal.
{ "event": "connection.saml_certificate_renewal_required", "id": "event_12FKJ843CVE8F7BXQSPFH0M53V", "data": { "connection": { "id": "conn_12FKJ843CVE8F7BXQSPFH0M53V", "organization_id": "org_12FKJ843CVE8F7BXQSPFH0M53V" }, "certificate": { "certificate_type": "ResponseSigning", "expiry_date": "2021-06-28T19:07:33.155Z", "is_expired": false }, "days_until_expiry": 3 }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
The certificate_type can be one of ResponseSigning, RequestSigning,
or ResponseEncryption.
Triggered when a SAML certificate is expiring (multiple events are sent out as it approaches expiry), or expired (once every 7 days after expiry).
Events emitted when directory-related resources are changed. To learn what exactly each of these events represents, see the in-depth Directory Sync events guide.
{ "event": "dsync.activated", "id": "event_01FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "directory", "external_key": "UWuccu6o1E0GqkYs", "name": "Foo Corp's Directory", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "id": "directory_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "state": "active", "type": "generic scim v2.0", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "domains": [ { "object": "organization_domain", "id": "org_domain_01EZTR5N6Y9RQKHK2E9F31KZX6", "domain": "foo-corp.com" } ] }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data is based on the
Directory object, but the domain
property is replaced with a domains array of Organization
Domain.
Triggered when a directory is activated.
{ "event": "dsync.deleted", "id": "event_03FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "directory", "id": "directory_01EHWNC0FCBHZ3BJ7EGKYXK0E6", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "type": "generic scim v2.0", "state": "deleting", "name": "Foo Corp's Directory", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z" }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data is based on the
Directory object, except the
domain property is omitted.
Triggered when a directory is
deleted.
The state attribute indicates directory state before deletion.
{ "event": "dsync.group.created", "id": "event_44FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_group_01E1X5GPMMXF4T1DCERMVEEPVW", "idp_id": "02grqrue4294w24", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "name": "Developers", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "raw_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
Group object.
Triggered when a directory group is created.
{ "event": "dsync.group.deleted", "id": "event_06FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_group_01E1X5GPMMXF4T1DCERMVEEPVW", "idp_id": "02grqrue4294w24", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "name": "Developers", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "raw_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
Group object.
Triggered when a directory group is deleted.
{ "event": "dsync.group.updated", "id": "event_54FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_group_01E1X5GPMMXF4T1DCERMVEEPVW", "idp_id": "02grqrue4294w24", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "name": "Developers", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "raw_attributes": {}, "previous_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
Group object.
Triggered when a directory group is updated.
{ "event": "dsync.group.user_added", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "user": { "id": "directory_user_01E1X56GH84T3FB41SD6PZGDBX", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "idp_id": "2936", "emails": [ { "primary": true, "type": "work", "value": "eric@example.com" } ], "first_name": "Eric", "last_name": "Schneider", "username": "eric@example.com", "state": "active", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "custom_attributes": { "department": "Engineering", "job_title": "Software Engineer" }, "role": { "slug": "member" }, "roles": [{ "slug": "member" }], "raw_attributes": {} }, "group": { "id": "directory_group_01E1X5GPMMXF4T1DCERMVEEPVW", "idp_id": "02grqrue4294w24", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "name": "Developers", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "raw_attributes": {} } }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data contains a user which corresponds to the Directory
User object and a group which
corresponds to the Directory
Group object. The groups
field is omitted from the user object to avoid performance issues in
large directories.
Triggered when a directory group user is added.
{ "event": "dsync.group.user_removed", "id": "event_05FKJ843CVE8F7BXQSPFH0M53V", "data": { "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "user": { "id": "directory_user_01E1X56GH84T3FB41SD6PZGDBX", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "idp_id": "2936", "emails": [ { "primary": true, "type": "work", "value": "eric@example.com" } ], "first_name": "Eric", "last_name": "Schneider", "username": "eric@example.com", "state": "active", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "custom_attributes": { "department": "Engineering", "job_title": "Software Engineer" }, "role": { "slug": "member" }, "roles": [{ "slug": "member" }], "raw_attributes": {} }, "group": { "id": "directory_group_01E1X5GPMMXF4T1DCERMVEEPVW", "idp_id": "02grqrue4294w24", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "name": "Developers", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "raw_attributes": {} } }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data contains a user which corresponds to the Directory
User object and a group which
corresponds to the Directory
Group object. The groups
field is omitted from the user object to avoid performance issues in
large directories.
Triggered when a directory group user is removed.
{ "event": "dsync.user.created", "id": "event_07FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_user_01E1X1B89NH8Z3SDFJR4H7RGX7", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "idp_id": "8931", "emails": [ { "primary": true, "type": "work", "value": "lela.block@example.com" } ], "first_name": "Lela", "last_name": "Block", "username": "lela.block@example.com", "state": "active", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "custom_attributes": { "department": "Engineering", "job_title": "Software Engineer" }, "role": { "slug": "member" }, "roles": [{ "slug": "member" }], "raw_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
User object. The groups field
is omitted to avoid performance issues in large directories.
Triggered when a directory user is created.
{ "event": "dsync.user.deleted", "id": "event_09FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_user_01E1X1B89NH8Z3SDFJR4H7RGX7", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "idp_id": "8931", "emails": [ { "primary": true, "type": "work", "value": "lela.block@example.com" } ], "first_name": "Lela", "last_name": "Block", "job_title": "Software Engineer", "username": "lela.block@example.com", "state": "inactive", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "custom_attributes": { "department": "Engineering" }, "role": { "slug": "member" }, "roles": [{ "slug": "member" }], "raw_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
User object. The groups field
is omitted to avoid performance issues in large directories.
Triggered when a directory user is
deleted.
The state attribute indicates directory user state at time of deletion.
{ "event": "dsync.user.updated", "id": "event_08FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "directory_user_01E1X1B89NH8Z3SDFJR4H7RGX7", "directory_id": "directory_01ECAZ4NV9QMV47GW873HDCX74", "organization_id": "org_01EZTR6WYX1A0DSE2CYMGXQ24Y", "idp_id": "8931", "emails": [ { "primary": true, "type": "work", "value": "lela.block@example.com" } ], "first_name": "Lela", "last_name": "Block", "username": "lela.block@example.com", "state": "active", "created_at": "2021-06-25T19:07:33.155Z", "updated_at": "2021-06-25T19:07:33.155Z", "custom_attributes": { "department": "Engineering", "job_title": "Software Engineer" }, "role": { "slug": "member" }, "roles": [{ "slug": "member" }], "raw_attributes": {}, "previous_attributes": {} }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Directory
User object. The groups field
is omitted to avoid performance issues in large directories.
Triggered when a directory user is updated.
Events emitted when a user is required to verify their email.
{ "event": "email_verification.created", "id": "event_01HYGAQ6DVKP4TKDF8P8AHFP47", "data": { "object": "email_verification", "id": "email_verification_01HYGAQN7DTHPWDDMMTW6GRN4Z", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "expires_at": "2023-11-16T21:32:25.235Z", "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the Email
verification object with the code omitted.
Triggered when a user is required to verify their email and a code is created.
Events emitted when WorkOS feature flags are created, updated, deleted, or their rules are updated.
{ "event": "flag.created", "id": "event_01K43DMGDK941Z4YPH6XGHTY3S", "data": { "id": "flag_01K43DMGCCK0STXE0EJT2AHQN0", "name": "Advanced Audit Logging", "slug": "advanced-audit-logging", "object": "flag", "created_at": "2025-08-28T17:56:30.985Z", "updated_at": "2025-08-28T17:56:30.985Z", "description": "" }, "context": { "client_id": "client_07FA3DZGSL941Z4YPH6XGHTY3S", "actor": { "id": "user_01K9ZXY7Q2W8V5LJ3T4B8N6M5", "name": "Colin Morikawa", "source": "dashboard" } }, "created_at": "2025-08-28T17:56:31.027Z" }
Payload data corresponds to the Feature Flag
object.
Triggered when a feature flag is created.
{ "event": "flag.updated", "id": "event_01K43DS82YTHC4BN2J0F6QNVW1", "data": { "id": "flag_01K43DMGCCK0STXE0EJT2AHQN0", "name": "Advanced Audit Logging", "slug": "advanced-audit-logging", "object": "flag", "created_at": "2025-08-28T17:56:30.985Z", "updated_at": "2025-09-01T15:49:06.300Z", "description": "Enable advanced audit logging for users", "tags": ["audit", "logging", "beta"] }, "context": { "client_id": "client_07FA3DZGSL941Z4YPH6XGHTY3S", "actor": { "id": "user_01K9ZXY7Q2W8V5LJ3T4B8N6M5", "name": "Colin Morikawa", "source": "dashboard" }, "previous_attributes": { "description": "", "tags": ["audit", "logging"] } }, "created_at": "2025-09-01T15:49:06.334Z" }
Payload data corresponds to the Feature Flag
object.
Triggered when a feature flag is updated.
{ "event": "flag.deleted", "id": "event_01K43DMGDK941Z4YPH6XGHTY3S", "data": { "id": "flag_01K43DMGCCK0STXE0EJT2AHQN0", "name": "Advanced Audit Logging", "slug": "advanced-audit-logging", "object": "flag", "created_at": "2025-08-28T17:56:30.985Z", "updated_at": "2025-08-28T17:56:30.985Z", "description": "Improved logging for audit trail" }, "context": { "client_id": "client_07FA3DZGSL941Z4YPH6XGHTY3S", "actor": { "id": "user_01K9ZXY7Q2W8V5LJ3T4B8N6M5", "name": "Colin Morikawa", "source": "dashboard" } }, "created_at": "2025-08-28T17:56:31.027Z" }
Payload data corresponds to the Feature Flag
object.
Triggered when a feature flag is deleted.
{ "event": "flag.rule_updated", "id": "event_01K43DV45EXDX2M6M903MHYHP3", "data": { "id": "flag_01K43DMGCCK0STXE0EJT2AHQN0", "name": "Advanced Audit Logging", "slug": "advanced-audit-logging", "object": "feature_flag", "created_at": "2025-08-28T17:56:30.985Z", "updated_at": "2025-08-28T17:56:30.985Z", "description": "" }, "context": { "client_id": "client_07FA3DZGSL941Z4YPH6XGHTY3S", "actor": { "id": "user_01K1C557F5P0P36MJ1HE3GRXBN", "name": "Tom Kim", "source": "dashboard" }, "access_type": "some", "configured_targets": { "organizations": [ { "id": "org_01K1C52WNZ2CR3A9QYHHVWXYZ1", "name": "Acme Corp" }, { "id": "org_01K1C52WNZ2CR3A9QYHHVWXYZ2", "name": "Globex Inc" } ], "users": [] }, "previous_attributes": { "context": { "access_type": "none", "configured_targets": { "organizations": [], "users": [] } } } }, "created_at": "2025-09-01T20:00:07.854Z" }
Payload data corresponds to the Feature Flag
object.
Triggered when a feature flag’s rules are modified.
Events emitted when an AuthKit user is invited to join an organization.
{ "event": "invitation.accepted", "id": "event_01HWWSM92W0M1GE0DV8BZS00E5", "data": { "object": "invitation", "id": "invitation_01HWWSMMQSP0FAN9PF071E77W9", "email": "todd@example.com", "state": "accepted", "accepted_at": "2023-11-16T21:32:25.235Z", "revoked_at": null, "expires_at": "2023-11-23T21:32:25.235Z", "organization_id": "org_01HWWSSTF0QKDCXMZC911T8BTG", "inviter_user_id": "user_01HYGAVW79Z32XVDXZJV0WM6Y9", "accepted_user_id": "user_01HYGAVW79Z32XVDXZJV0WM6Y9", "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T22:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the
Invitation object with the token and
accept_invitation_url omitted.
Triggered when a user accepts an invitation.
{ "event": "invitation.created", "id": "event_01HWWSM92W0M1GE0DV8BZS00E5", "data": { "object": "invitation", "id": "invitation_01HWWSMMQSP0FAN9PF071E77W9", "email": "todd@example.com", "state": "pending", "accepted_at": null, "revoked_at": null, "expires_at": "2023-11-23T21:32:25.235Z", "organization_id": "org_01HWWSSTF0QKDCXMZC911T8BTG", "inviter_user_id": "user_01HYGAVW79Z32XVDXZJV0WM6Y9", "accepted_user_id": null, "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T21:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the
Invitation object with the token and
accept_invitation_url omitted.
Triggered when a user is invited to sign up or to join an organization.
{ "event": "invitation.resent", "id": "event_01HWWSM92W0M1GE0DV8BZS00E5", "data": { "object": "invitation", "id": "invitation_01HWWSMMQSP0FAN9PF071E77W9", "email": "todd@example.com", "state": "pending", "accepted_at": null, "revoked_at": null, "expires_at": "2023-11-23T21:32:25.235Z", "organization_id": "org_01HWWSSTF0QKDCXMZC911T8BTG", "inviter_user_id": "user_01HYGAVW79Z32XVDXZJV0WM6Y9", "accepted_user_id": null, "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T22:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the
Invitation object with the token and
accept_invitation_url omitted.
Triggered when an invitation is resent.
{ "event": "invitation.revoked", "id": "event_01HWWSM92W0M1GE0DV8BZS00E5", "data": { "object": "invitation", "id": "invitation_01HWWSMMQSP0FAN9PF071E77W9", "email": "todd@example.com", "state": "revoked", "accepted_at": null, "revoked_at": "2023-11-16T21:32:25.235Z", "expires_at": "2023-11-23T21:32:25.235Z", "organization_id": "org_01HWWSSTF0QKDCXMZC911T8BTG", "inviter_user_id": "user_01HYGAVW79Z32XVDXZJV0WM6Y9", "accepted_user_id": null, "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T22:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the
Invitation object with the token and
accept_invitation_url omitted.
Triggered when an invitation is revoked.
Events emitted when a user requests a Magic Auth code.
{ "event": "magic_auth.created", "id": "event_01HWWSTZVFADJG9M9EJMKXB043", "data": { "object": "magic_auth", "id": "magic_auth_01HWWSVXCRMA5481VK9601SKQX", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "expires_at": "2023-11-16T21:32:25.235Z", "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the Magic
Auth object with the code omitted.
Triggered when a user initiates Magic Auth and an authentication code is created.
Events emitted when WorkOS organizations are created, updated, or deleted.
{ "event": "organization.created", "id": "event_04FKJ843CVE8F7BXQSPFH0M30K", "data": { "id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "name": "Foo Corp", "object": "organization", "external_id": null, "domains": [ { "id": "org_domain_01HV1VX5N18E48ETTHNNK54R6S", "state": "verified", "domain": "foo-corp.com", "object": "organization_domain", "organization_id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "verification_strategy": "manual", "verification_prefix": "superapp-domain-verification-z3kjny", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "created_at": "2023-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" } ], "created_at": "2023-11-16T16:32:25.239Z", "updated_at": "2023-11-16T16:32:25.239Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
object.
Triggered when an organization is created.
{ "event": "organization.updated", "id": "event_04FKJ843CVE8F7BXQSPFH0M30K", "data": { "id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "name": "Foo Corp", "object": "organization", "external_id": null, "domains": [ { "id": "org_domain_01HV1VX5N18E48ETTHNNK54R6S", "state": "verified", "domain": "foo-corp.com", "object": "organization_domain", "organization_id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "verification_strategy": "manual", "verification_prefix": null, "verification_token": null, "created_at": "2023-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" } ], "created_at": "2023-11-16T16:32:25.239Z", "updated_at": "2023-11-16T17:32:25.239Z" }, "created_at": "2023-11-16T17:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
object.
Triggered when an organization is updated.
{ "event": "organization.deleted", "id": "event_04FKJ843CVE8F7BXQSPFH0M30K", "data": { "id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "name": "Foo Corp", "object": "organization", "external_id": null, "domains": [ { "id": "org_domain_01HV1VX5N18E48ETTHNNK54R6S", "state": "verified", "domain": "foo-corp.com", "object": "organization_domain", "organization_id": "org_01HV1VNQBQ24JVREYB94RFCNDC", "verification_strategy": "manual" } ], "created_at": "2023-11-16T16:32:25.239Z", "updated_at": "2023-11-16T17:32:25.239Z" }, "created_at": "2023-11-16T17:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
object.
Triggered when an organization is deleted
Events emitted when organization domains are created, updated, deleted, or their verification status changes.
{ "event": "organization_domain.created", "id": "event_01G69A9MDSW8MM1XW5S0EHA0NA", "data": { "object": "organization_domain", "id": "org_domain_01EZTR5N6Y9RQKHK2E9F31KZX6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "domain": "foo-corp.com", "state": "pending", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "verification_strategy": "dns", "verification_prefix": "superapp-domain-verification-z3kjny", "created_at": "2023-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" }, "created_at": "2023-11-27T19:07:33.155Z", "context": {} }
Payload data corresponds to the Organization
Domain object.
Triggered when an organization domain is created.
{ "event": "organization_domain.updated", "id": "event_01G69A9MDSW8MM1XW5S0EHA0NA", "data": { "object": "organization_domain", "id": "org_domain_01EZTR5N6Y9RQKHK2E9F31KZX6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "domain": "foo-corp.com", "state": "verified", "verification_prefix": "superapp-domain-verification-z3kjny", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "verification_strategy": "dns", "created_at": "2022-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" }, "created_at": "2023-11-27T19:07:33.155Z", "context": {} }
Payload data corresponds to the Organization
Domain object.
Triggered when an organization domain is updated.
{ "event": "organization_domain.deleted", "id": "event_01G69A9MDSW8MM1XW5S0EHA0NA", "data": { "object": "organization_domain", "id": "org_domain_01EZTR5N6Y9RQKHK2E9F31KZX6", "organization_id": "org_01EHWNCE74X7JSDV0X3SZ3KJNY", "domain": "foo-corp.com", "state": "verified", "verification_prefix": "superapp-domain-verification-z3kjny", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "verification_strategy": "dns", "created_at": "2022-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" }, "created_at": "2023-11-27T19:07:33.155Z", "context": {} }
Payload data corresponds to the Organization
Domain object.
Triggered when an organization domain is deleted.
{ "event": "organization_domain.verified", "id": "event_07FKJ843CVE8F7BXQSPFH0M53A", "data": { "object": "organization_domain", "id": "org_domain_01HACSKJ57W8M2Q0N2X759C5HS", "organization_id": "org_01EHT88Z8J8795GZNQ4ZP1J81T", "domain": "foo-corp.com", "state": "verified", "verification_prefix": "superapp-domain-verification-z3kjny", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "verification_strategy": "dns", "created_at": "2022-11-27T19:07:33.155Z", "updated_at": "2023-11-27T19:07:33.155Z" }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data corresponds to the Organization
Domain object.
Triggered when an organization domain is verified.
{ "event": "organization_domain.verification_failed", "id": "event_07FKJ843CVE8F7BXQSPFH0M53A", "data": { "reason": "domain_verification_period_expired", "organization_domain": { "object": "organization_domain", "id": "org_domain_01HACSKJ57W8M2Q0N2X759C5HS", "organization_id": "org_01EHT88Z8J8795GZNQ4ZP1J81T", "domain": "foo-corp.com", "state": "failed", "verification_token": "gBIJgYXZLjW8uHHpz614dkgqm", "verification_strategy": "dns" } }, "created_at": "2021-06-25T19:07:33.155Z", "context": {} }
Payload data contains a reason and an organization_domain which
corresponds to the Organization Domain
object.
Triggered when an organization domain verification fails.
Events emitted when an AuthKit user joins or leaves an organization.
{ "event": "organization_membership.created", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "id": "om_01E4ZCR3C56J083X43JQXF3JK5", "object": "organization_membership", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "organization_id": "org_01E4ZCR3C56J083X43JQXF3JK5", "status": "pending", "role": { "slug": "member" }, "roles": [ { "slug": "member" } ], "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
Membership object.
Triggered when an organization membership is created.
{ "event": "organization_membership.deleted", "id": "event_04FKJ843CVE8F7BXQSPFH0M97T", "data": { "id": "om_01E4ZCR3C56J083X43JQXF3JK5", "object": "organization_membership", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "organization_id": "org_01E4ZCR3C56J083X43JQXF3JK5", "status": "active", "role": { "slug": "member" }, "roles": [ { "slug": "member" } ], "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-27T03:14:45.864Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
Membership object.
Triggered when an organization membership is deleted.
{ "event": "organization_membership.updated", "id": "event_04FKJ843CVE8F7BXQSPFH0M30K", "data": { "id": "om_01E4ZCR3C56J083X43JQXF3JK5", "object": "organization_membership", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "organization_id": "org_01E4ZCR3C56J083X43JQXF3JK5", "status": "active", "role": { "slug": "member" }, "roles": [ { "slug": "member" } ], "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-18T17:10:15.121Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": {} }
Payload data corresponds to the Organization
Membership object.
Triggered when an organization membership is updated.
Events emitted when a user requests to reset their password.
{ "event": "password_reset.created", "id": "event_01HYGAT2P3A8XJ4E5AR88J02ZV", "data": { "object": "password_reset", "id": "password_reset_01HYGATMCSBX77HQHP29XT5WV6", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "expires_at": "2023-11-16T21:32:25.235Z", "created_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the Organization
Membership object with the token
omitted.
Triggered when a user requests to reset their password.
{ "event": "password_reset.succeeded", "id": "event_01HYGAT2P3A8XJ4E5AR88J02ZV", "data": { "object": "password_reset", "id": "password_reset_01HYGATMCSBX77HQHP29XT5WV6", "user_id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "expires_at": "2023-11-16T21:32:25.235Z", "created_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T16:32:25.239Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the Password
Reset object with the token omitted.
Triggered when a user successfully resets their password.
Events emitted when roles are created or deleted in the WorkOS dashboard.
{ "event": "role.created", "id": "event_02F4KLW3C56P083X43JQXF4FO9", "data": { "object": "role", "slug": "admin", "permissions": ["posts:view"], "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T21:32:25.245Z", "context": {} }
Triggered when a role is created.
{ "event": "role.deleted", "id": "event_01E4YCD3C56P083X43JQXF4JK5", "data": { "object": "role", "slug": "developer", "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-18T10:12:18.121Z" }, "created_at": "2023-11-21T18:14:01.399Z", "context": {} }
Triggered when a role is deleted.
{ "event": "role.updated", "id": "event_01J21G0ED0N5Q5KZT9Z127Q2MZ", "data": { "object": "role", "slug": "admin", "permissions": ["posts:create", "posts:delete"], "created_at": "2023-11-16T21:32:25.235Z", "updated_at": "2023-11-16T21:32:25.235Z" }, "created_at": "2023-11-16T21:32:25.245Z", "context": {} }
Triggered when a role’s permissions are updated.
Events emitted when AuthKit sessions are created.
{ "event": "session.created", "id": "event_04FKJ843CVE8F7BXQSPFH0M53V", "data": { "object": "session", "id": "session_01HSCBECW0D7AY8CA45AYKA64G", "user_id": "user_01HQGXWZW8BSHRG3HVK2QF7XBX", "organization_id": "org_01HQHCBRRAVQ7N3PX81VKAYXSX", "impersonator": { "email": "admin@example.com", "reason": "Helping a customer fix an issue with their account." }, "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "created_at": "2024-03-19T21:56:25.080Z", "updated_at": "2024-03-19T21:56:25.080Z" }, "created_at": "2024-03-19T21:56:25.080Z", "context": { "client_id": "client_123456789" } }
Triggered when a session is created. Sessions started using
impersonation will include an additional
impersonator field with data about the impersonator.
{ "event": "session.revoked", "id": "event_04FKJ843CVE8F7BXQSPFH0M53B", "data": { "object": "session", "id": "session_01HSCBECW0D7AY8CA45AYKA64G", "user_id": "user_01HQGXWZW8BSHRG3HVK2QF7XBX", "organization_id": "org_01HQHCBRRAVQ7N3PX81VKAYXSX", "impersonator": { "email": "admin@example.com", "reason": "Helping a customer fix an issue with their account." }, "ip_address": "192.0.2.1", "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko) Chrome/94.0.4606.81 Safari/537.36", "created_at": "2024-03-19T21:56:25.080Z", "updated_at": "2024-03-19T21:56:25.080Z" }, "created_at": "2024-03-19T21:56:25.080Z", "context": { "client_id": "client_123456789" } }
Triggered when an issued session is revoked for a user.
Events emitted when AuthKit users are created, updated, or deleted.
{ "event": "user.created", "id": "event_02F4KLW3C56P083X43JQXF4FO9", "data": { "object": "user", "id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "first_name": "Todd", "last_name": "Rundgren", "email_verified": false, "profile_picture_url": "https://workoscdn.com/images/v1/123abc", "created_at": "2023-11-18T09:18:13.120Z", "updated_at": "2023-11-18T09:18:13.120Z" }, "created_at": "2023-11-18T04:18:13.126Z", "context": { "client_id": "client_123456789" } }
Payload data corresponds to the User object.
Triggered when a user is created.
{ "event": "user.deleted", "id": "event_123456abcd", "data": { "object": "user", "id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "first_name": "Todd", "last_name": "Rundgren", "email_verified": true, "profile_picture_url": "https://workoscdn.com/images/v1/123abc", "created_at": "2023-11-16T21:26:25.427Z", "updated_at": "2023-11-17T04:00:03.937Z" }, "created_at": "2023-11-18T04:18:13.126Z", "context": {} }
Payload data corresponds to the User object.
Triggered when a user is deleted.
{ "event": "user.updated", "id": "event_02F4KLW3C56P083X43JQXF4FO9", "data": { "object": "user", "id": "user_01E4ZCR3C5A4QZ2Z2JQXGKZJ9E", "email": "todd@example.com", "first_name": "Todd", "last_name": "Rundgren", "email_verified": true, "profile_picture_url": "https://workoscdn.com/images/v1/123abc", "created_at": "2023-11-18T09:18:13.120Z", "updated_at": "2023-11-19T11:05:10.539Z" }, "created_at": "2023-11-19T11:05:10.550Z", "context": {} }
Payload data corresponds to the User object.
Triggered when a user is updated.