QEHSDeveloper portal
user.provisioned.v1
A new user was added to the tenant.
user.provisioned.v1v1at-least-once deliveryFires when
On SCIM POST /Users, self-sign-up invitation acceptance, or admin-created user — any path that creates a new tenant membership.
Payload fields
Envelope fields are shared across all event types. Event-specific data is nested under data.
| Field | Type | Required | Description |
|---|---|---|---|
eventId | string (uuid) | required | Unique per delivery attempt. Use for deduplication. |
event | string | required | Fully-qualified event name, e.g. record.created.v1. |
tenantId | string (uuid) | required | Tenant that owns the affected resource. |
firedAt | string (date-time) | required | ISO-8601 UTC timestamp when the event was emitted. |
data.userId | string (uuid) | required | ID of the newly-provisioned user. |
data.email | string (email) | required | Primary email address. |
data.provisionedAt | string (date-time) | required | Timestamp of provisioning. |
data.source | "scim" | "invitation" | "self_signup" | "admin" | required | How the account was created. |
Sample payload
{
"eventId": "dddddddd-eeee-ffff-0000-111111111111",
"event": "user.provisioned.v1",
"tenantId": "00000000-1111-2222-3333-444444444444",
"firedAt": "2026-04-18T13:05:00.000Z",
"data": {
"userId": "ffffffff-eeee-dddd-cccc-bbbbbbbbbbbb",
"email": "alice@acme.com",
"provisionedAt": "2026-04-18T13:05:00.000Z",
"source": "scim"
}
}Verify the signature
Every delivery includes X-QEHS-Signature: sha256=<hex> and X-Job-ID headers. Verify before trusting the body. See the webhooks signature docs for a full verification example.