# Audit Audit log events. ## Account login method removed - [POST account-login-method-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/account-login-method-removed-event.md): A login method for an account has been removed ## Admin accepted invitation - [POST admin-accepted-invitation](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-accepted-invitation-event.md): A new admin user has accepted the invitation. ## Admin enabled MFA - [POST admin-enabled-mfa](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-enabled-mfa-event.md): An admin user has enabled MFA for their account. ## Admin exported data - [POST admin-exported-data](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-exported-data-event.md): An admin user has exported data. ## Admin loaded data - [POST admin-loaded-data](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-loaded-data-event.md): An admin user has loaded data. Note: this event will only be emitted if extended admin audit logging is enabled. Learn more ## Admin logged in - [POST admin-logged-in](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-logged-in-event.md): An admin user has logged in. ## Admin removed - [POST admin-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-removed-event.md): An admin user has been removed. ## Admin role updated - [POST admin-role-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/admin-role-updated-event.md): An admin user has updated another user's role. ## API key added - [POST api-key-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/api-key-added-event.md): An admin user has added a new API Key. ## API key removed - [POST api-key-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/api-key-removed-event.md): An admin user has removed an API Key. ## App approval status updated - [POST app-approval-status-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-approval-status-updated-event.md): The approval status of an app has been updated ## App labels added - [POST app-labels-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-labels-added-event.md): A set of labels has been added to one or more apps. ## App labels removed - [POST app-labels-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-labels-removed-event.md): A set of labels has been removed from one or more apps. ## App notes updated - [POST app-notes-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-notes-updated-event.md): The notes of an app have been updated ## App owner ID updated - [POST app-owner-id-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-owner-id-updated-event.md): The owner ID of an app has been updated ## App sensitivity level updated - [POST app-sensitivity-level-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-sensitivity-level-updated-event.md): The sensitivity level of an app has been updated ## Auto-licensing toggled - [POST auto-licensing-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/auto-licensing-toggled-event.md): An admin user has toggled the auto-licensing setting. ## Auto-unlicensing configuration updated - [POST automatic-unlicensing-configuration-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/automatic-unlicensing-configuration-updated-event.md): An admin user updated the automatic unlicensing configuration. ## Blocked URLs added - [POST blocked-urls-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/blocked-urls-added-event.md): A set of URLs has been added to the URL blocking configuration. ## Blocked URLs removed - [POST blocked-urls-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/blocked-urls-removed-event.md): A set of URLs has been removed from the URL blocking configuration. ## Blocked URLs URL schema obfuscation toggled - [POST blocked-urls-url-schema-obfuscation-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/blocked-urls-url-schema-obfuscation-toggled-event.md): The URL schema obfuscation setting for blocked URLs has been toggled. ## Browser extension enumeration toggled - [POST browser-extension-enumeration-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/browser-extension-enumeration-toggled-event.md): An admin user has enabled or disabled browser extension enumeration. ## Cloned login page detection ignored domains added - [POST cloned-login-page-detection-ignored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/cloned-login-page-detection-ignored-domains-added-event.md): A set of domains have been added to the list of ignored domains for the Cloned login page detection feature. ## Cloned login page detection ignored domains removed - [POST cloned-login-page-detection-ignored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/cloned-login-page-detection-ignored-domains-removed-event.md): A set of domains have been removed from the list of ignored domains for the Cloned login page detection feature. ## Control rule added - [POST control-rule-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/control-rule-added-event.md): An admin user has added a new control rule. ## Control rule updated - [POST control-rule-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/control-rule-updated-event.md): An admin user has updated a control rule. ## Control rule removed - [POST control-rule-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/control-rule-removed-event.md): An admin user has removed a control rule. ## Control rule toggled - [POST control-rule-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/control-rule-toggled-event.md): An admin user has enabled or disabled a control rule. ## Control rule reordered - [POST control-rule-reordered](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/control-rule-reordered-event.md): An admin user has reordered a new control rule. ## Custom login URL added - [POST custom-login-url-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/custom-login-url-added-event.md): A custom login URL has been added for an app. ## Custom login URL removed - [POST custom-login-url-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/custom-login-url-removed-event.md): A custom login URL has been removed for an app. ## Data retention configuration updated - [POST data-retention-configuration-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/data-retention-configuration-updated-event.md): An admin user updated the data retention configuration. ## Detection archive status updated - [POST detection-archived](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/detection-archive-status-updated-event.md): The archive status of a detection has been updated ## Detection classification updated - [POST detection-classification-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/detection-classification-updated-event.md): The classification of a detection has been updated ## Detection screenshots toggled - [POST detection-screenshots-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/detection-screenshots-toggled-event.md): An admin user has enabled or disabled detection screenshots. ## Domain enrichment toggled - [POST domain-enrichment-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/domain-enrichment-toggled-event.md): An admin user has enabled or disabled domain enrichment. ## Employees added to group - [POST employee-added-to-group](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employees-added-to-group-event.md): An admin user has added one or more employees to a group. ## Employee disabled extension - [POST employee-disabled-extension](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employee-disabled-extension-event.md): An employee has temporarily disabled the Push extension for a specific domain. ## Excluded extension domains added - [POST excluded-extension-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/excluded-extension-domains-added-event.md): A set of domains have been added to the list of excluded browser extension domains to monitor. ## Extended audit logging toggled - [POST extended-audit-logs-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/extended-audit-logs-toggled-event.md): An admin user has enabled or disabled extended audit logging. ## Excluded extension domains removed - [POST excluded-extension-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/excluded-extension-domains-removed-event.md): A set of domains have been removed from the list of excluded browser extension domains to monitor. ## Extension branding logo uploaded - [POST extension-branding-logo-uploaded](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/extension-branding-logo-uploaded-event.md): The browser extension banner branding logo has been uploaded ## Extension branding updated - [POST extension-branding-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/extension-branding-updated-event.md): The browser extension banner branding has been updated ## Employee email updated - [POST employee-email-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employee-email-updated-event.md): An admin user has updated the primary email of an employee. ## Employee name updated - [POST employee-name-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employee-name-updated-event.md): An admin user has updated the first name and/or last name of an employee. ## Employee removed from group - [POST employee-removed-from-group](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employee-removed-from-group-event.md): An admin user removed an employee from a group. ## Employees merged - [POST employees-merged](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employees-merged-event.md): An admin user has merged a list of employees. ## Employees unmerged - [POST employees-unmerged](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/employees-unmerged-event.md): An admin user has unmerged one of the emails of an employee into a new employee. ## Integration added - [POST integration-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/integration-added-event.md): A new integration has been added. ## Integration completed - [POST integration-completed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/integration-completed-event.md): An integration has been successfully completed. ## Integration removed - [POST integration-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/integration-removed-event.md): A integration has been removed. ## Label updated - [POST label-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/label-updated-event.md): A label has been updated. ## Label removed - [POST label-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/label-removed-event.md): A label has been removed. ## Leaked password check toggled - [POST leaked-password-check-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/leaked-password-check-toggled-event.md): An admin user has toggled the leaked password check. ## License assigned - [POST license-assigned](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/license-assigned-event.md): One or more employees have been assigned a license. ## License removed - [POST license-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/license-removed-event.md): The license has been removed from one or more employees. ## Malicious browser extension detection excluded extensions added - [POST malicious-browser-extension-detection-excluded-extensions-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/malicious-browser-extension-detection-excluded-extensions-added-event.md): A set of extensions have been added to the list of excluded extensions for the malicious browser extension detection feature. ## Malicious browser extension detection excluded extensions removed - [POST malicious-browser-extension-detection-excluded-extensions-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/malicious-browser-extension-detection-excluded-extensions-removed-event.md): A set of extensions have been removed from the list of excluded extensions for the malicious browser extension detection feature. ## Malicious copy paste detection ignored domains added - [POST malicious-copy-paste-detection-ignored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/malicious-copy-paste-detection-ignored-domains-added-event.md): A set of domains have been added to the list of ignored domains for the malicious copy and paste detection feature. ## Malicious copy paste detection ignored domains removed - [POST malicious-copy-paste-detection-ignored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/malicious-copy-paste-detection-ignored-domains-removed-event.md): A set of domains have been removed from the list of ignored domains for the malicious copy and paste detection feature. ## MFA tracking exclusions updated - [POST mfa-tracking-exclusions-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/mfa-tracking-exclusions-updated.md): The MFA tracking exclusions list has been updated ## Monitor all domains toggled - [POST monitor-all-domains-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/monitor-all-domains-toggled-event.md): An admin user has toggled the "Monitor all domains" setting. ## Monitored domains added - [POST monitored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/monitored-domains-added-event.md): A set of domains have been added to the list of monitored company domains. ## Monitored domains removed - [POST monitored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/monitored-domains-removed-event.md): A set of domains have been removed from the list of monitored company domains. ## Password protection URL masking toggled - [POST password-protection-hide-urls-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/password-protection-hide-urls-toggled-event.md): An admin user has toggled the password protection URL masking setting. ## Password protection ignore work apps toggled - [POST password-protection-ignore-work-apps-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/password-protection-ignore-work-apps-toggled-event.md): An admin user has toggled the "Ignore work apps" setting of the password protection feature. ## Password protection ignored domains added - [POST password-protection-ignored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/password-protection-ignored-domains-added-event.md): A set of domains have been added to the list of ignored domains for the password protection feature. ## Password protection ignored domains removed - [POST password-protection-ignored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/password-protection-ignored-domains-removed-event.md): A set of domains have been removed from the list of ignored domains for the password protection feature. ## Phishing tool detection ignored domains added - [POST phishing-tool-detection-ignored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/phishing-tool-detection-ignored-domains-added-event.md): A set of domains have been added to the list of ignored domains for the Phishing tool detection feature. ## Phishing tool detection ignored domains removed - [POST phishing-tool-detection-ignored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/phishing-tool-detection-ignored-domains-removed-event.md): A set of domains have been removed from the list of ignored domains for the Phishing tool detection feature. ## Reused password exceptions updated - [POST reused-password-finding-exceptions-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/reused-password-exceptions-updated.md): The reused password exceptions list has been updated ## SAML SSO added - [POST saml-sso-added-event](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/saml-sso-added-event.md): A SAML SSO connection has been added. ## SAML SSO completed - [POST saml-sso-completed-event](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/saml-sso-completed-event.md): A SAML SSO connection has been successfully setup and enabled. ## SAML SSO default role updated - [POST saml-sso-default-role-updated-event](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/saml-sso-default-role-updated-event.md): An admin updated the SAML SSO default role. ## Session theft domains added - [POST session-theft-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/session-theft-domains-added-event.md): A set of domains have been added to the list of domains in which the session theft marker is injected. ## Session theft domains removed - [POST session-theft-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/session-theft-domains-removed-event.md): A set of domains have been removed from the list of domains in which the session theft marker is injected. ## Session theft marker rotated - [POST session-theft-marker-rotated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/session-theft-marker-rotated-event.md): An admin user has rotated the session theft marker. ## Stolen credentials added - [POST stolen-credentials-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/stolen-credentials-added-event.md): A set of stolen credentials have been added. ## Stolen credentials removed - [POST stolen-credentials-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/stolen-credentials-removed-event.md): A set of stolen credentials have been removed. ## Stolen credentials mode updated - [POST stolen-credentials-mode-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/stolen-credentials-mode-updated-event.md): An admin user has updated the mode of the stolen credentials feature. ## Telemetry rule added - [POST telemetry-rule-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/telemetry-rule-added-event.md): An admin user has added a new telemetry rule. ## Telemetry rule updated - [POST telemetry-rule-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/telemetry-rule-updated-event.md): An admin user has updated a telemetry rule. ## Telemetry rule removed - [POST telemetry-rule-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/telemetry-rule-removed-event.md): An admin user has removed a telemetry rule. ## Telemetry rule toggled - [POST telemetry-rule-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/telemetry-rule-toggled-event.md): An admin user has enabled or disabled a telemetry rule. ## Telemetry rule reordered - [POST telemetry-rule-reordered](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/telemetry-rule-reordered-event.md): An admin user has reordered a new telemetry rule. ## Unsupported app support requested - [POST unsupported-app-support-requested](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/unsupported-app-support-requested-event.md): Support for an unsupported app has been requested. ## Unsupported app support request cancelled - [POST unsupported-app-support-request-cancelled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/unsupported-app-support-request-cancelled-event.md): Support request for an unsupported app has been cancelled. ## URL block page updated - [POST url-block-page-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/url-block-page-updated-event.md): An admin user updated the contents of the page shown when access to a URL is blocked by the URL blocking control. ## Weak password custom words added - [POST weak-password-custom-words-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/weak-password-custom-words-added-event.md): An admin user has added custom words to the weak password check. ## Weak password custom words removed - [POST weak-password-custom-words-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/weak-password-custom-words-removed-event.md): An admin user has removed custom words from the weak password check. ## Webhook added - [POST webhook-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/webhook-added-event.md): An admin user has configured a new webhook URL. ## Webhook removed - [POST webhook-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/webhook-removed-event.md): An admin user has removed a webhook URL. ## App banner configured (deprecated) - [POST app-banner-configured](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-banner-configured-event.md): An app banner was configured. ## App banner enabled (deprecated) - [POST app-banner-enabled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/app-banner-enabled-event.md): An app banner was enabled or disabled. ## MFA enforcement apps updated (deprecated) - [POST mfa-enforcement-apps-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/mfa-enforcement-apps-updated-event.md): An admin user has updated which apps the MFA enforcement control is enabled for. ## MFA enforcement settings updated (deprecated) - [POST mfa-enforcement-settings-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/mfa-enforcement-settings-updated-event.md): An admin user has updated the MFA enforcement control settings. ## Phishing tool detection page updated (deprecated) - [POST phishing-tool-detection-page-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/phishing-tool-detection-page-updated-event.md): An admin user has updated the page settings of the Phishing tool detection feature. ## Phishing tool detection mode updated (deprecated) - [POST phishing-tool-detection-mode-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/phishing-tool-detection-mode-updated-event.md): An admin user has updated the mode of the Phishing tool detection feature. ## SSO password protection ignored domains added (deprecated) - [POST sso-password-protection-ignored-domains-added](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-ignored-domains-added-event.md): A set of domains have been added to the list of ignored domains for the SSO password protection feature. ## SSO password protection ignored domains removed (deprecated) - [POST sso-password-protection-ignored-domains-removed](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-ignored-domains-removed-event.md): A set of domains have been removed from the list of ignored domains for the SSO password protection feature. ## SSO password protection ignore work apps toggled (deprecated) - [POST sso-password-protection-ignore-work-apps-toggled](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-ignore-work-apps-toggled-event.md): An admin user has toggled the "Ignore work apps" setting of the SSO password protection feature. ## SSO password protection mode updated (deprecated) - [POST sso-password-protection-mode-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-mode-updated-event.md): An admin user has updated the mode of the SSO password protection feature. ## SSO password protection page updated (deprecated) - [POST sso-password-protection-page-updated](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-page-updated-event.md): An admin user has updated the page settings of the SSO password protection feature. ## SSO password protection URL masking toggled (deprecated) - [POST sso-password-protection-url-masking-toggled-event](https://push-security-prd-ba8f0f76-a2d2-42f5-aea2-d421.redocly.app/help/audience/engineering/webhooks-v1/audit/sso-password-protection-url-masking-toggled-event.md): An admin user has toggled the password protection URL masking setting.