Webhooks
This index is auto-generated by
scripts/docs/gen-webhook-reference.ts. Do not edit by hand — seedocs/dev/docs-auto-sync.md.
Upwarden talks to upstream providers (Stytch, GitHub Security Advisories, customer registries) via webhooks, and receives verdicts from customer-side BYOS scanners via a signed callback. Each surface below has its own reference page covering the HTTP route, signature scheme, idempotency contract, retry posture, body shape, and dispatch table.
Inbound
Section titled “Inbound”- Stytch B2B webhook — Inbound webhook from Stytch — organization / member / session / SSO state changes.
- Customer publish-event trigger — Inbound webhook customers point at their private registry to trigger scans.
- GHSA security-advisory webhook — Inbound webhook from GitHub — real-time GHSA advisory publish / withdraw.
Customer-side callbacks
Section titled “Customer-side callbacks”- Scan-result callback — Inbound callback from customer-side (BYOS) scanners reporting verdicts back to Upwarden.