Session Ended Webhook

The Session ended webhook is triggered when a particular User Service Session was terminated through either its parent Directory, Service, or a Mobile Authenticator.


Note that the Session Ended Webhook does not utilize JWE encryption as all of the necessary fields are located in URL parameters.

Query String Parameters


JSON string with following parameters:


The date and time the logout was performed. This value is passed for two distinct reasons:

  • Ensuring that the service is informed of when the logout callback was made, so that the service may ensure the user has not started a new session, since logging out and ending their service session.
  • Enabling the service to protect itself from replay and denial of service attacks by verifying the request was recent based on the value of this parameter.

string The hashed user identifier that will match the same value returned by a Auths GET request in which the user had responded or an Authentication Response Event.


A Base64 encoded RSA Signature of the clear query string parameter.


Content-Type: application/json
Accept-Encoding: gzip, deflate
Accept: */*
Connection: close
Content-Length: 0

User Contributed

TransUnion links to user contributed code as a resource to its community. TransUnion does not in any way guarantee or warrant the quality and security of these code bases. User contributed code is supported by the creators. If you do find a link from the site to user contributed code that is malicious or inappropriate in any way, please report that link to TransUnion immediately and we will investigate the claim. Submit any issue to TransUnion support at ×