Notifications
TridentStack Control can notify your team when important platform events occur. Notifications support multiple delivery channels and give you granular control over which events trigger alerts and who receives them.
Supported Channels
| Channel | Integration Method | Description |
|---|---|---|
| Built-in (Resend) | HTML-formatted emails sent to selected team members. Per-category recipient selection lets different teams receive different event types | |
| Slack | Incoming webhook URL | Block Kit formatted messages with color coding and action buttons linking back to TridentStack Control |
| Microsoft Teams | Webhook URL | Adaptive Card formatted messages with field-based layouts |
| Discord | Webhook URL | Embedded messages with color-coded severity levels |
| Custom Webhook | HTTP endpoint URL | Raw JSON payloads signed with HMAC-SHA256 for verification. Supports custom headers |
Event Categories
Notifications are organized into four categories. Each category can be enabled or disabled independently, and individual events within a category can be toggled on or off.
Deployment Rings
Lifecycle events for phased deployment rollouts. These help you stay informed as updates progress through your ring phases without needing to watch the deployment rings page.
| Event | Description |
|---|---|
| Deployment Started | A deployment ring began deploying updates to agents |
| Phase Advanced | A ring phase progressed to the next phase |
| Approval Pending | A manual-approval phase is ready for administrator action |
| Deployment Completed | All phases in the ring finished, with summary statistics |
| Emergency Halt | A ring was auto-halted because the failure threshold was exceeded |
| Phase Failure | A phase failed to meet its success criteria after the timeout period |
At minimum, enable Approval Pending and Emergency Halt for deployment rings. These are the two events most likely to require immediate action from your team.
Security and Access
User management and authentication events for audit awareness.
| Event | Description |
|---|---|
| User Invited | A new user was invited to the tenant |
| Role Changed | A user was promoted or demoted (for example, granted or revoked admin access) |
| API Key Created | A new API key was generated |
| API Key Deleted | An API key was revoked |
Agent Fleet
Agent registration and removal events for fleet visibility.
| Event | Description |
|---|---|
| Agent Registered | A new agent enrolled with the platform |
| Agent Removed | An agent was deleted from the tenant |
Risk and Compliance
Summary alerts for vulnerability and compliance posture changes across your fleet.
| Event | Description |
|---|---|
| Critical Vulnerabilities Found | New critical-severity vulnerabilities (CVSS 9.0+) were detected across the fleet. Includes affected agent count and top CVEs |
| Compliance Drift Detected | Agents fell out of compliance with assigned frameworks. Includes drifted agent count and affected frameworks |
Configuring Notifications
Access notification settings from Settings > Notifications in the sidebar.
Master Switch
The master toggle at the top of the page enables or disables all notifications globally. When disabled, no notifications are sent regardless of individual channel or event settings.
Email Configuration
Email is a built-in channel that does not require a webhook URL:
- Toggle Email notifications on
- Optionally set a custom "From" display name (defaults to "TridentStack Control")
- For each event category, select which team members should receive those emails. Different categories can have different recipient lists, so deployment ring alerts go to your ops team while security events go to your security team
Adding an External Channel
To add Slack, Teams, Discord, or a custom webhook:
- Click Add Channel
- Select the channel type
- Enter the webhook URL (and optionally custom headers for webhooks)
- Give the channel a descriptive name
- Click Save
For custom webhooks, a signing secret is generated automatically and displayed once on creation. Store this secret securely. TridentStack Control signs every webhook payload with HMAC-SHA256 using this secret, allowing your endpoint to verify authenticity.
Testing a Channel
After adding a channel, click the Test button to send a sample notification. This verifies that the webhook URL is correct and that your receiving application processes the message format properly.
Per-Channel Event Filtering
Each external channel can have its own event whitelist. For example, you might send all deployment ring events to Slack but only send emergency halts and phase failures to a PagerDuty webhook:
- Click the channel in the channel list
- Toggle individual events on or off for that channel
- Save your changes
Events that are disabled at the category level (in the main event settings) are never sent to any channel, regardless of per-channel filtering.
Notification Delivery
Notifications are sent in near real-time when events occur. Each delivery attempt is logged internally with status (sent or failed) and error details if applicable. Failed deliveries are not automatically retried.
If a webhook endpoint is unreachable or returns an error, the notification is marked as failed and the platform event proceeds normally. Notification failures never block platform operations.
Webhook Payload Format
Custom webhook channels receive a JSON payload with the following structure:
{
"eventType": "deployment.emergencyHalt",
"timestamp": "2026-03-18T14:30:00.000Z",
"tenantId": "your-tenant-id",
"payload": {
"ringId": "ring-uuid",
"ringName": "Production Ring",
"phase": "Canary",
"reason": "Failure threshold exceeded",
"failureCount": 3,
"failureRate": 0.15
}
}
The request includes an X-Signature-256 header containing the HMAC-SHA256 signature of the request body. Verify this against your signing secret to confirm the payload originated from TridentStack Control.