> ## Documentation Index
> Fetch the complete documentation index at: https://docs.dynamic.xyz/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# Webhook Events

## Event object

**eventId**
The unique id of the event that triggered the webhook message. A single event in a project can trigger one or more webhook messages if there is more than one webhook configured.

**messageId**
The unique id of the message sent. This key should be used as the idempotency key in order to handle redeliveries.

**webhookId**
The unique id of the configured webhook that sent the message.

**userId**
The unique id of the user who triggered the event. This can be different than `userId`'s in the event payload. For instance, when creating users via developer APIs the triggerer will be the developer's userId and the event payload will contain the id of the created user. This parameter will be `undefined` if the event is triggered using an API key.

**externalUserId**
The external user id associated with the user who triggered the event. This field is only present when [external authentication](/react/external-auth/third-party-auth-overview) is enabled for the environment and the user has an associated external user id. Useful for correlating Dynamic webhook events with users in your own system.

**eventName**
The name of the event that triggered the message. Events always conform to the following convention `{resourceType}.{action}`. For example with the event name of `user.created`, `user` is the resource type and `created` is the action performed on the resource. The full list of event names can be retrieved by using the `/eventTypes` endpoint in the API [here](https://dynamic.xyz/docs/api-reference/events/getEventTypes).

**environmentId**
The unique id of the environment from which the event originated.

**environmentName**
The name of the environment from which the event originated. This can be used to have the same systems handle both `live` and `sandbox` events.

**timestamp**
Timestamp when the event occurred.

**redelivery**
If the message is a redelivery, this will be set to true.

**data**
The data object contains the event payload. The structure of the data object will depend on the event that triggered the message. The full list of event payloads can be found [here](/overview/developer-dashboard/webhooks/events).

#### Example Event Object

Below is an example of a `user.created` event

```json theme={"system"}
{
  "eventId": "2a92c161-3167-44ad-8fce-4c6cdaed8129",
  "messageId": "5a2a5360-bb7e-4ea6-9bd3-0146bf2f734f",
  "webhookId": "a86acea4-e050-4846-8e4f-0ae039f6e37c",
  "userId": "a5914498-7a8b-4c58-b04c-9624fef2897c",
  "externalUserId": "usr_abc123",
  "eventName": "user.created",
  "environmentId": "123e4567-e89b-12d3-a456-426614174000",
  "environmentName": "sandbox",
  "timestamp": "2023-10-26T14:30:59.210Z",
  "data": {
    "chain": "EVM",
    "origin": null,
    "ipAddress": "::1",
    "verifiedCredentialId": "b13f337d-a8dc-41a7-96f5-5e5d76ad864a",
    "userId": "a5914498-7a8b-4c58-b04c-9624fef2897c",
    "expiresAt": null,
    "walletPublicKey": "0x3FcE1F4F28DbA209344072867134A3a7F547C7f1",
    "createdAt": "2023-10-26T14:30:02.909Z",
    "projectEnvironmentId": "7181a853-fb76-4dc2-9af8-6aeb6d2b818b",
    "provider": "browserExtension",
    "walletName": "metamask",
    "id": "484e49ba-3026-4e2c-9bf0-ed98ae224833",
    "revokedAt": "2023-10-26T14:30:59.204Z",
    "verifiedCredentialType": "wallet"
  }
}
```

## Event types

This is the list of all the types of events we send as part of webhook payloads. We may add more at any time, so when developing and maintaining your code, you should not assume that only these types exist. The current list of event types can be fetched from the [event types endpoint](https://dynamic.xyz/docs/api-reference/events/get-event-types).

The events follow the pattern: `resource.event`. Our goal is to design a consistent system that makes it easy to anticipate and understand.

<Note>
  Events that occur on subresources like user.session will include the parent id
  but do not trigger the parent's update event.
</Note>

### User

<ParamField body="user.created" type="object">
  Occurs whenever a user is created. Is a [user.](/api-reference/schemas/User)
</ParamField>

<ParamField body="user.updated" type="object">
  Occurs whenever a user is updated. Is a [user.](/api-reference/schemas/User)
</ParamField>

<ParamField body="user.deleted" type="object">
  Occurs whenever a user is deleted. Is a [user.](/api-reference/schemas/User)
</ParamField>

<ParamField body="user.passkeyRecovery.started" type="object">
  Occurs whenever a user started the passkey recovery process. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="user.passkeyRecovery.completed" type="object">
  Occurs whenever a user completed the passkey recovery process. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="user.session.created" type="object">
  Occurs whenever a user session is created. Is a
  [userSessionAndCredentials](/api-reference/schemas/UserSessionAndCredentials)
  — the `Session` fields plus the user's `verifiedCredentials` (wallets,
  emails, phone numbers, social accounts) at session-create time, so consumers
  can attribute the login without a follow-up API call.
</ParamField>

<ParamField body="user.session.revoked" type="object">
  Occurs whenever a user session is revoked. Is a
  [session.](/api-reference/schemas/Session)
</ParamField>

<ParamField body="user.social.linked" type="object">
  Occurs whenever a user links a social account. Is a
  [provider.](/api-reference/schemas/SocialSignInProvider)
</ParamField>

<ParamField body="user.social.unlinked" type="object">
  Occurs whenever a user unlinks a social account. Is a
  [provider.](/api-reference/schemas/SocialSignInProvider)
</ParamField>

<ParamField body="user.exchangeTransfer.success" type="object">
  Occurs whenever an exchange transfer is successfully initiated. Is an
  [ExchangeTransferResponse.](/api-reference/schemas/ExchangeTransferResponse)
</ParamField>

<ParamField body="user.exchangeTransfer.failed" type="object">
  Occurs whenever an exchange transfer fails for any reason. Contains error details
  about the failure.
</ParamField>

### Wallet

<ParamField body="wallet.created" type="object">
  Occurs whenever a Dynamic-powered embedded wallet is created. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.linked" type="object">
  Occurs whenever a wallet is linked to a user. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.unlinked" type="object">
  Occurs whenever a wallet is unlinked from a user. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.exported" type="object">
  Occurs whenever a Dynamic-powered embedded wallet is exported. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.transferred" type="object">
  Occurs whenever a wallet is transferred between user accounts. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.keyShares.backedUpToExternal" type="object">
  Occurs whenever a user backs up their key share to an external location such as Google Drive. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.signature" type="object">
  Occurs whenever a WaaS wallet signature is completed. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

<ParamField body="wallet.activity" type="object">
  Occurs when a confirmed transaction involves a user's wallet. Tracks all on-chain activity across EVM and SVM networks. See [on-chain events](/overview/developer-dashboard/webhooks/on-chain-events) for details. Is a
  [WalletTransaction.](/api-reference/schemas/WalletTransaction)
</ParamField>

<ParamField body="wallet.activity.registered" type="object">
  Occurs when a wallet is newly registered for on-chain activity monitoring.
  Fired once per wallet after creation when the environment has on-chain
  activity tracking enabled — not on duplicates, replays, or
  already-registered addresses. Contains the wallet address, wallet id, and
  owning user id.
</ParamField>

<ParamField body="wallet.delegated.signature" type="object">
  Occurs whenever a WaaS wallet signature is completed from a delegated entity. Is a
  [wallet.](/api-reference/schemas/Wallet)
</ParamField>

### Flow

Flow events send a **state-transition payload**, not the full flow object. Use the `flowId` with [`getFlow`](/javascript/reference/client/get-flow) to fetch the full flow state. See the [Flow API guide](/overview/fireblocks-flow-api) for details on each state.

<ParamField body="flow.execution.updated" type="object">
  Occurs whenever a flow's execution state changes. The payload includes `previousState` and `newState` — for example `initiated` → `source_attached`, `signing` → `broadcasted`, or `broadcasted` → `failed`. Possible execution states: `initiated`, `source_attached`, `quoted`, `signing`, `broadcasted`, `source_confirmed`, `cancelled`, `expired`, `failed`.
</ParamField>

<ParamField body="flow.settlement.updated" type="object">
  Occurs whenever a flow's settlement state changes. Settlement tracks the post-broadcast movement of funds. Possible settlement states: `none`, `routing`, `bridging`, `swapping`, `settling`, `completed`, `failed`.
</ParamField>

<ParamField body="flow.risk.updated" type="object">
  Occurs whenever a flow's risk assessment state changes. Fired when risk screening transitions — for example `unknown` → `pending` → `cleared`. Possible risk states: `unknown`, `pending`, `cleared`, `blocked`, `review`.
</ParamField>

#### Example Flow Event Payload

```json theme={"system"}
{
  "eventId": "2a92c161-3167-44ad-8fce-4c6cdaed8129",
  "messageId": "5a2a5360-bb7e-4ea6-9bd3-0146bf2f734f",
  "webhookId": "a86acea4-e050-4846-8e4f-0ae039f6e37c",
  "userId": "a5914498-7a8b-4c58-b04c-9624fef2897c",
  "externalUserId": "usr_abc123",
  "eventName": "flow.execution.updated",
  "environmentId": "123e4567-e89b-12d3-a456-426614174000",
  "environmentName": "live",
  "timestamp": "2026-06-15T12:00:00.000Z",
  "data": {
    "axis": "execution",
    "flowId": "fl_abc123",
    "previousState": "initiated",
    "newState": "source_attached",
    "timestamp": "2026-06-15T12:00:00.000Z",
    "additionalData": {
      "fromAddress": "0x3FcE1F4F28DbA209344072867134A3a7F547C7f1",
      "fromChainId": "1",
      "sourceType": "wallet"
    }
  }
}
```

### Checkout (Legacy)

<Note>
  Checkout transaction events apply to the legacy checkout system. For new integrations, use [Fireblocks Flow](/overview/fireblocks-flow) and subscribe to `flow.*` events instead.
</Note>

Checkout transaction events send a **state-transition payload**, not the full transaction. Use the `transactionId` with [`getFlow`](/javascript/reference/client/get-flow) to fetch the full flow state.

<ParamField body="checkout.transaction.execution.updated" type="object">
  Occurs whenever a checkout transaction's execution state changes. The execution state tracks how the transaction is moving through the payment lifecycle — for example `initiated`, `source_attached`, `quoted`, `signing`, `broadcasted`, `failed`, `cancelled`, or `expired`.
</ParamField>

<ParamField body="checkout.transaction.settlement.updated" type="object">
  Occurs whenever a checkout transaction's settlement state changes. The settlement state tracks the post-broadcast flow of funds — for example `none`, `routing`, `bridging`, `swapping`, `settling`, `completed`, or `failed`.
</ParamField>

<ParamField body="checkout.transaction.risk.updated" type="object">
  Occurs whenever a checkout transaction's risk assessment state changes. Fired when risk screening transitions between states such as `unknown`, `cleared`, or `blocked`.
</ParamField>

#### Example Checkout Event Payload

```json theme={"system"}
{
  "eventId": "2a92c161-3167-44ad-8fce-4c6cdaed8129",
  "messageId": "5a2a5360-bb7e-4ea6-9bd3-0146bf2f734f",
  "webhookId": "a86acea4-e050-4846-8e4f-0ae039f6e37c",
  "userId": "a5914498-7a8b-4c58-b04c-9624fef2897c",
  "externalUserId": "usr_abc123",
  "eventName": "checkout.transaction.execution.updated",
  "environmentId": "123e4567-e89b-12d3-a456-426614174000",
  "environmentName": "sandbox",
  "timestamp": "2023-10-26T14:30:59.210Z",
  "data": {
    "axis": "execution",
    "previousState": "initiated",
    "newState": "source_attached",
    "transactionId": "484e49ba-3026-4e2c-9bf0-ed98ae224833",
    "timestamp": "2023-10-26T14:30:59.210Z",
    "additionalData": {
      "fromAddress": "0x3FcE1F4F28DbA209344072867134A3a7F547C7f1",
      "fromChainId": "1",
      "sourceType": "wallet"
    }
  }
}
```

### Visit

<ParamField body="visit.created" type="object">
  Occurs whenever a visit is created. Is a
  [visit.](/api-reference/schemas/Visitor)
</ParamField>

### WAAS

<ParamField body="waas.policy.violation" type="object">
  Occurs whenever a transaction is blocked by a configured policy rule. This event provides detailed information about the violation including the denied addresses, all counterparties involved in the transaction, and the reason for blocking. Useful for building allow-only rules, security monitoring, and debugging policy configurations. See [Policies & Rules](/overview/wallets/embedded-wallets/mpc/policies#policy-violation-webhook) for more details.
</ParamField>

### Admin

#### WAAS Policy

<ParamField body="admin.waas.policy.created" type="object">
  Occurs whenever a WAAS policy is created by an admin. Is a
  [WaasPolicyResponse.](/api-reference/schemas/WaasPolicyResponse)
</ParamField>

<ParamField body="admin.waas.policy.updated" type="object">
  Occurs whenever a WAAS policy is updated by an admin. Is a
  [WaasPolicyResponse.](/api-reference/schemas/WaasPolicyResponse)
</ParamField>

<ParamField body="admin.waas.policy.rule.created" type="object">
  Occurs whenever a WAAS policy rule is created by an admin. Is a
  [WaasPolicyRule.](/api-reference/schemas/WaasPolicyRule)
</ParamField>

<ParamField body="admin.waas.policy.rule.updated" type="object">
  Occurs whenever a WAAS policy rule is updated by an admin. Is a
  [WaasPolicyRule.](/api-reference/schemas/WaasPolicyRule)
</ParamField>

<ParamField body="admin.waas.policy.rule.deleted" type="object">
  Occurs whenever a WAAS policy rule is deleted by an admin. Contains the deleted
  rule information.
</ParamField>

#### Domain

<ParamField body="admin.environment.domain.created" type="object">
  Occurs whenever a custom domain is created by an admin. Is a
  [CustomHostname.](/api-reference/schemas/CustomHostname)
</ParamField>

<ParamField body="admin.environment.domain.deleted" type="object">
  Occurs whenever a custom domain is deleted by an admin. Contains the deleted
  domain information.
</ParamField>

<ParamField body="admin.environment.domain.updated" type="object">
  Occurs whenever a custom domain is updated by an admin. Is a
  [CustomHostname.](/api-reference/schemas/CustomHostname)
</ParamField>

#### Environment

<ParamField body="admin.environment.apiToken.created" type="object">
  Occurs whenever an API token is created by an admin. Is a
  [Token.](/api-reference/schemas/Token)
</ParamField>

<ParamField body="admin.environment.apiToken.deleted" type="object">
  Occurs whenever an API token is deleted by an admin. Contains the deleted
  token information.
</ParamField>

<ParamField body="admin.environment.settings.updated" type="object">
  Occurs whenever environment settings are updated by an admin. Is a
  [ProjectEnvironment.](/api-reference/schemas/ProjectEnvironment)
</ParamField>

<ParamField body="admin.environment.mfa.deleted" type="object">
  Occurs whenever an admin deletes a user's MFA device. Contains the user ID and
  MFA device information.
</ParamField>

#### Organization

<ParamField body="admin.organization.created" type="object">
  Occurs whenever an organization is created by an admin. Is an
  [Organization.](/api-reference/schemas/Organization)
</ParamField>

<ParamField body="admin.organization.updated" type="object">
  Occurs whenever an organization is updated by an admin. Is an
  [Organization.](/api-reference/schemas/Organization)
</ParamField>

<ParamField body="admin.organization.billing.updated" type="object">
  Occurs whenever an organization's billing settings are updated by an admin. Is a
  [BillingSubscription.](/api-reference/schemas/BillingSubscription)
</ParamField>

<ParamField body="admin.organization.member.invited" type="object">
  Occurs whenever a member is invited to an organization by an admin. Is an
  [Invite.](/api-reference/schemas/Invite)
</ParamField>

<ParamField body="admin.organization.member.joined" type="object">
  Occurs whenever a member joins an organization. Is an
  [OrganizationMember.](/api-reference/schemas/OrganizationMember)
</ParamField>

<ParamField body="admin.organization.member.removed" type="object">
  Occurs whenever a member is removed from an organization by an admin. Contains
  the removed member information.
</ParamField>

#### Project

<ParamField body="admin.project.created" type="object">
  Occurs whenever a project is created by an admin. Is a
  [Project.](/api-reference/schemas/Project)
</ParamField>

<ParamField body="admin.project.deleted" type="object">
  Occurs whenever a project is deleted by an admin. Contains the deleted
  project information.
</ParamField>

<ParamField body="admin.project.updated" type="object">
  Occurs whenever a project is updated by an admin. Is a
  [Project.](/api-reference/schemas/Project)
</ParamField>

#### User

<ParamField body="admin.user.created" type="object">
  Occurs whenever a user is created by an admin. Is a
  [User.](/api-reference/schemas/User)
</ParamField>

<ParamField body="admin.user.deleted" type="object">
  Occurs whenever a user is deleted by an admin. Contains the deleted
  user information.
</ParamField>

<ParamField body="admin.user.updated" type="object">
  Occurs whenever a user is updated by an admin. Is a
  [User.](/api-reference/schemas/User)
</ParamField>

<ParamField body="admin.user.session.revoked" type="object">
  Occurs whenever a user session is revoked by an admin. Is a
  [Session.](/api-reference/schemas/Session)
</ParamField>

#### Webhook

<ParamField body="admin.webhook.created" type="object">
  Occurs whenever a webhook is created by an admin. Is a
  [Webhook.](/api-reference/schemas/Webhook)
</ParamField>

<ParamField body="admin.webhook.deleted" type="object">
  Occurs whenever a webhook is deleted by an admin. Contains the deleted
  webhook information.
</ParamField>

<ParamField body="admin.webhook.updated" type="object">
  Occurs whenever a webhook is updated by an admin. Is a
  [Webhook.](/api-reference/schemas/Webhook)
</ParamField>

#### Security

<ParamField body="admin.security.accessControl.created" type="object">
  Occurs whenever security access control settings are created by an admin. Is an
  [AdminSecurityAccessControl.](/api-reference/schemas/AdminSecurityAccessControl)
</ParamField>

<ParamField body="admin.security.cookieDomain.created" type="object">
  Occurs whenever a cookie domain is created by an admin. Is an
  [AdminSecurityCookieDomain.](/api-reference/schemas/AdminSecurityCookieDomain)
</ParamField>

<ParamField body="admin.security.cors.created" type="object">
  Occurs whenever a CORS origin is created by an admin. Is an
  [OriginResponse.](/api-reference/schemas/OriginResponse)
</ParamField>

<ParamField body="admin.security.cors.deleted" type="object">
  Occurs whenever a CORS origin is deleted by an admin. Contains the deleted
  CORS origin information.
</ParamField>

<ParamField body="admin.security.cors.updated" type="object">
  Occurs whenever a CORS origin is updated by an admin. Is an
  [OriginResponse.](/api-reference/schemas/OriginResponse)
</ParamField>

<ParamField body="admin.security.ipSettings.updated" type="object">
  Occurs whenever IP settings are updated by an admin. Is an
  [AdminSecurityIpSettings.](/api-reference/schemas/AdminSecurityIpSettings)
</ParamField>

<ParamField body="admin.security.jwtSettings.updated" type="object">
  Occurs whenever JWT settings are updated by an admin. Is an
  [AdminSecurityJwtSettings.](/api-reference/schemas/AdminSecurityJwtSettings)
</ParamField>
