Passkey events
Passkey events notify you when passkeys are created, updated, or deleted. When a passkey event is triggered, IDaaS sends an HTTP POST request to your configured webhook URL with a JSON payload containing the event details.
Payload structure
Every passkey event payload has this structure:
{
"id": "019cf815-ac2f-747f-8160-4e8061cd8fe4",
"type": "passkey.created",
"accountId": "fba02d5c-2f79-4cfd-91f5-6bd454e97ab3",
"eventTime": "2026-03-16T19:18:15Z",
"data": {
// Event-specific data here
}
}
The data object contains event-specific fields. See the event examples later on this page for the full data object for each event type.
Top-level fields
| Field | Type | Description |
|---|---|---|
id | string | Unique identifier for this webhook delivery |
type | string | The event that occurred (for example, passkey.created, passkey.updated, or passkey.deleted) |
accountId | string | Your account identifier |
eventTime | string | When the event occurred (ISO 8601 format) |
data | object | Details about what happened (varies by event type) |
Event types
passkey.created
Triggered when a passkey is created for a user.
Example payload:
{
"id": "019cf815-ac2f-747f-8160-4e8061cd8fe4",
"type": "passkey.created",
"accountId": "fba02d5c-2f79-4cfd-91f5-6bd454e97ab3",
"eventTime": "2026-03-16T19:18:15Z",
"data": {
"subject": "7a578db7-e8c8-421c-b5aa-2975f1418932",
"subjectName": "john",
"subjectType": "USER",
"resourceName": "User Portal",
"sourceIp": "104.30.161.19",
"entityType": "FIDOTOKENS",
"entityId": "ab136e48-9a81-4cfa-b219-705543a8ec25",
"entityName": "test",
"entityAttributes": {
"userIdStored": true,
"relyingPartyId": "auth.example.com",
"origin": "https://auth.example.com"
}
}
}
The data object includes the following fields:
| Field | Description |
|---|---|
subject | ID of the user for whom the passkey was created |
subjectName | Username of the user for whom the passkey was created |
subjectType | Always USER |
resourceName | Where the passkey was created (for example, User Portal) |
sourceIp | IP address from which the passkey was created |
entityType | Always FIDOTOKENS for passkey events |
entityId | ID of the created passkey |
entityName | Name of the created passkey |
entityAttributes | Details about the created passkey (see below) |
The entityAttributes object includes these fields:
userIdStored- Whether the passkey stores a user handlerelyingPartyId- Relying party ID associated with the passkeyorigin- Origin URL associated with the passkey registration
passkey.updated
Triggered when a passkey is updated.
Example payload:
{
"id": "019cf817-6acb-7a94-8a34-29b47806b454",
"type": "passkey.updated",
"accountId": "fba02d5c-2f79-4cfd-91f5-6bd454e97ab3",
"eventTime": "2026-03-16T19:20:10Z",
"data": {
"subject": "062e8a87-0e86-482a-a0ab-c6429fb599b9",
"subjectName": "john",
"subjectType": "USER",
"resourceName": "Administration Portal",
"sourceIp": "104.30.161.19",
"subscriberAdminRoleName": "Super Administrator",
"entityType": "FIDOTOKENS",
"entityId": "ab136e48-9a81-4cfa-b219-705543a8ec25",
"entityName": "test2",
"entityAttributes": {
"name": "test2"
}
}
}
The data object includes the following fields:
| Field | Description |
|---|---|
subject | ID of the user whose passkey was updated |
subjectName | Username of the user whose passkey was updated |
subjectType | Always USER |
resourceName | Where the passkey was updated (for example, Administration Portal) |
sourceIp | IP address from which the passkey was updated |
subscriberAdminRoleName | Administrator role used to update the passkey, when applicable |
entityType | Always FIDOTOKENS for passkey events |
entityId | ID of the updated passkey |
entityName | Updated name of the passkey |
entityAttributes | Details about the updated passkey fields (see below) |
The entityAttributes object includes these fields:
name- Updated passkey name
passkey.deleted
Triggered when a passkey is deleted.
Example payload:
{
"id": "019cf818-1934-7463-87b5-557584804a3f",
"type": "passkey.deleted",
"accountId": "fba02d5c-2f79-4cfd-91f5-6bd454e97ab3",
"eventTime": "2026-03-16T19:20:54Z",
"data": {
"subject": "062e8a87-0e86-482a-a0ab-c6429fb599b9",
"subjectName": "john",
"subjectType": "USER",
"resourceName": "Administration Portal",
"sourceIp": "104.30.161.19",
"subscriberAdminRoleName": "Super Administrator",
"entityType": "FIDOTOKENS",
"entityId": "ab136e48-9a81-4cfa-b219-705543a8ec25",
"entityName": "passkey name"
}
}
The data object includes the following fields:
| Field | Description |
|---|---|
subject | ID of the user whose passkey was deleted |
subjectName | Username of the user whose passkey was deleted |
subjectType | Always USER |
resourceName | Where the passkey was deleted (for example, Administration Portal) |
sourceIp | IP address from which the passkey was deleted |
subscriberAdminRoleName | Administrator role used to delete the passkey, when applicable |
entityType | Always FIDOTOKENS for passkey events |
entityId | ID of the deleted passkey |
entityName | Name of the deleted passkey |