Set up webhooks to receive real-time notifications for authentication events.

Available Events

• user.created
• user.login
• user.logout
• user.password_reset
• security.alert

Webhook Configuration

{
  "url": "https://your-api.com/webhooks",
  "events": ["user.login", "user.logout"],
  "secret": "your-webhook-secret",
  "headers": {
    "X-Custom-Header": "value"
  }
}

Payload Structure

{
  "event": "user.login",
  "timestamp": "2024-02-05T10:00:00Z",
  "data": {
    "user_id": "usr_123",
    "ip_address": "192.168.1.1",
    "user_agent": "Mozilla/5.0..."
  }
}

Security

Verify webhook signatures:

const signature = req.headers['x-webhook-signature'];
const payload = req.rawBody;

const isValid = verifySignature(payload, signature, secret);

For retry policies and error handling, see our integration guide.

Integrate popular OAuth providers to enable social login in your applications.

Google OAuth Setup

1. Create project in Google Cloud Console
2. Configure OAuth consent screen
3. Create credentials

const googleConfig = {
  clientId: 'your-client-id.apps.googleusercontent.com',
  clientSecret: 'your-client-secret',
  scopes: ['email', 'profile'],
  callbackUrl: 'https://your-app.com/callback/google'
};

GitHub OAuth Setup

const githubConfig = {
  clientId: 'Iv1.xxx',
  clientSecret: 'xxx',
  scopes: ['user:email', 'read:user'],
  callbackUrl: 'https://your-app.com/callback/github'
};

Microsoft OAuth Setup

const microsoftConfig = {
  clientId: 'your-app-id',
  clientSecret: 'your-secret',
  tenant: 'common',
  scopes: ['User.Read', 'email'],
  callbackUrl: 'https://your-app.com/callback/microsoft'
};

Implementation

auth.configure({
  providers: {
    google: googleConfig,
    github: githubConfig,
    microsoft: microsoftConfig
  }
});

For custom OAuth providers, see our advanced integration guide.