Webhook (AI Agent)
⚡ 4 min readWebhooks push real-time HTTP notifications when auth events fire — including actions your AI agent performs through MCP. Configure endpoints in the Console; agents read policy but do not replace your webhook receiver.
Agent actions → webhooks
When MCP tools mutate project state or trackUserAction-style audit events occur, subscribed webhooks can notify your backend or Slack:
| Event category | Examples |
|---|---|
| Login / registration | login.success, registration.success |
| Step-up MFA | mfa.success, mfa.failure |
| Audit | audit.action — includes high-severity agent operations |
Use webhooks to mirror Audit Logs into your SIEM, database, or Slack without polling MCP.
Configuration (human in Console)
Webhook URL, event filters, and Slack incoming URLs are set in the Webhook panel — same as Admin → Webhook.
Agents can:
- List which event types exist and what payloads look like
- Draft handler code for your endpoint
- Remind you to make handlers idempotent (retries may duplicate
id)
Agents cannot:
- Register arbitrary production URLs without you saving in Console
- Bypass HTTPS requirements
Slack for agent ops teams
Paste a Slack incoming webhook URL in the Console to get formatted alerts when verified MCP tools run (member retire, role changes, etc.).
Example prompt
Show the webhook payload shape for audit.action events.
Draft a Node handler that dedupes by event id and posts to our internal API.Next: Backup · Admin Webhook · Events API