Skip to main content
POST
profile.updated

Body

application/json

Fires when user has updated their profile information.

Password hashes

When a password is updated, the webhook includes password hashes in 4 different formats to ensure compatibility with various authentication systems:

  • argon2id: Modern, secure algorithm. Format: $argon2id$v=19$m=65536,t=1,p=4$salt$hash (PHC format).
  • bcrypt: Widely supported. Format: $2a$10$... (standard bcrypt format).
  • pbkdf2_sha256: FIPS-compliant. Format: $pbkdf2-sha256$i=100000$salt$hash (PHC format).
  • scrypt: Memory-hard algorithm. Format: $scrypt$n=32768,r=8,p=1$salt$hash (PHC format).

All passwords are normalized to UTF-8 NFC before hashing. Salts are randomly generated for each hash.

The hashes follow the PHC string format specification where applicable.

Learn about password hashes verification.

id
string
required
Example:

"evt_00000000000000000000000000"

type
string
required
created_at
integer<int64>
required

UNIX timestamp in seconds

location
object
required
profile
object
required
project_id
string
required
Example:

"00000000000000000000000000"

is_sandbox
boolean
required
Example:

false

session_id
string
required
Example:

"ses_00000000000000000000000000"

data
object
required
funnel_id
string
deprecated
Example:

"00000000000000000000000000"

profile_id
string
deprecated
Example:

"pro_00000000000000000000000000"

Response

200

Event received successfully