Event types
Four event types exist:| Event | Trigger |
|---|---|
verification.session.succeeded | An attempt was confirmed by Kayle. The payload includes the consented claims and the list of selected field keys. |
verification.session.failed | Kayle could not confirm an attempt. The payload includes a failure_code. |
verification.session.expired | A session passed its 60-minute window with no confirmed attempt. |
verification.session.cancelled | A session was cancelled by you (authenticated cancel), by the user (public cancel), or as a privacy-withdrawal replacement for a succeeded / failed payload that was scrubbed before delivery. The payload includes a reason and the per-check retry counters. |
succeeded or failed event was queued but before it delivered, the payload is scrubbed and a verification.session.cancelled event is emitted in its place. See verification.session.cancelled for the full reason enumeration.
Delivery semantics
- At-least-once. Kayle retries failed deliveries. Build idempotent handlers — key on
metadata.event_id(one ID per event, never reused) or onmetadata.verification_session_idcombined with the eventtype. - Per-endpoint. A single event triggers one delivery per subscribed endpoint. Disabling or deleting an endpoint does not affect other endpoints.
- Best-effort ordering. Within a session you’ll usually receive events in the order they happened, but a delivery that retries can land after later events. Don’t rely on order; rely on
metadataand the resource state you can fetch from the API. - Sub-minute latency for the first attempt. The first delivery is queued immediately when the event fires and processed by a scheduled job. See Deliveries for the retry schedule.
What you have to handle
Every endpoint must:- Register an encryption key before it can receive deliveries. Webhook payloads are always JWE-encrypted; an endpoint without an active key fails delivery before the body is sent.
- Verify the
X-Kayle-Signatureheader against the encrypted body before decrypting. See Verifying signatures. - Respond with a
2xxstatus code within a few seconds. Anything else is treated as a delivery failure and retried. - Be idempotent on
metadata.event_id(or onmetadata.verification_session_id+ eventtype).
2xx after the automatic retry schedule are marked failed. You can replay or retry them from the dashboard or via the API while the encrypted payload is still retained; see Deliveries.