Record a Wordwarden connector instance heartbeat.
curl --request POST \ --url https://auth.example.com/api/auth/directory-connectors/heartbeat/example/example \ --header 'Content-Type: application/json' \ --header 'X-Authrim-Heartbeat-Key-Id: example' \ --header 'X-Authrim-Heartbeat-Signature: example' \ --header 'X-Authrim-Heartbeat-Timestamp: example' \ --data '{ "instance_id": "wwi_1234567890123456789012", "display_name": "campus-a", "transport": "direct", "version": "0.13.0", "release_channel": "stable", "started_at": "2026-06-24T00:00:00.000Z", "health_status": "healthy", "health_summary": { "ldap": "ok" }, "config_fingerprint": "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "config_categories": [ "ldap" ], "drift_severity": "none" }'Accepts a small HMAC-signed heartbeat from Authrim Wordwarden direct or tunnel transports. The heartbeat key is separate from the password verification key. The payload must not contain user PII, LDAP secrets, or raw LDAP internal values.
Parameters
Section titled “ Parameters ”Path Parameters
Section titled “Path Parameters ”Header Parameters
Section titled “Header Parameters ”Unix epoch milliseconds or ISO-8601 timestamp within the accepted clock skew.
Request Body required
Section titled “Request Body required ”object
Immutable Wordwarden instance identifier persisted in the connector state directory.
Human-readable operational display name. Not an identity boundary.
Redacted operational health summary. Must not include PII, LDAP secrets, or LDAP internal values.
object
Example
{ "instance_id": "wwi_1234567890123456789012", "display_name": "campus-a", "transport": "direct", "version": "0.13.0", "release_channel": "stable", "started_at": "2026-06-24T00:00:00.000Z", "health_status": "healthy", "health_summary": { "ldap": "ok" }, "config_fingerprint": "sha256:aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa", "config_categories": [ "ldap" ], "drift_severity": "none"}Responses
Section titled “ Responses ”Heartbeat accepted.
object
Example
{ "ok": true, "status": "connected", "instance_id": "wwi_1234567890123456789012", "connector_id": "wwcon_8K4M2Q9F7D3H6P1X"}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}Error response.
object
Optional browser-side WebAuthn Signal API hint. When unknown_credential is true, clients that just received a WebAuthn credential assertion may call PublicKeyCredential.signalUnknownCredential() for that credential ID.
object
Example generated
{ "error": "example", "error_description": "example", "message": "example", "webauthn_signal": { "unknown_credential": true }}