We’ve rolled out several backend improvements focused on security, reliability, and observability. This release introduces product- and domain-scoped JWTs, more resilient webhook delivery, and new authorization headers for Power and Secure integrations.

Highlights

• JWTs can now be scoped to specific products and individual domains

• Major webhook upgrades, including retries, static IP delivery, stronger signatures, +more

• New X-Entri-Auth and X-Forwarded-For headers added to Power and Secure requests

• New supported providers for Entri Connect

• New callback events: onEntriClose and onSuccess for clearer flow tracking

• New endpoints to fetch the last webhook by job ID and trigger propagation re-checks

• Ability to retrigger propagation checks directly from the dashboard

• New Conversion Quick Stats provide at-a-glance Connect flow performance

• Social login support added
  
  

Dark mode is here 🌑

Available on Entri Connect Growth, Premium, and Enterprise plans: You can now display Entri Connect in dark mode to your users. You can set the darkMode parameter to “enable”, “disable”, or “auto”, which will default to the user’s system settings. Dark mode is off by default on Entri accounts unless you add the parameter.

Learn more

JWT enhancements

Product key validation

JWTs are now scoped to individual Entri products. For example, a token created for Connect can’t be used for Power or Secure, and vice versa. This adds an extra layer of isolation and ensures tokens are only used where intended.

Learn more about JWTs and authentication in Entri.

Domain validation (Power/Secure)

Applications using Power or Secure can now optionally restrict a JWT to a single domain. This mirrors domain-level validation available during initialization and helps enforce domain-specific access control.

Webhook improvements

Automatic retries

Webhook delivery now automatically retries up to three times when a failure occurs, whether on the client or Entri side. If all retries fail, a warning email is sent (limited to one per day).

See webhook retry behavior in the Webhooks documentation.

Static IP

All webhook traffic now originates from a single static IP: 3.14.77.245

This simplifies allowlisting for customers with firewall rules.

Learn more about this feature

Signature v2

Entri’s new signature scheme improves webhook security with two new headers:

• Entri-Signature-V2

  

• Entri-Timestamp

Each request is signed using the client secret, webhook ID, and timestamp—making every webhook unique and time-bound.

Details are available in Webhook signature documentation.

New key: Provider

Webhook payloads now include a new provider field, identifying the source provider (e.g., Cloudflare, GoDaddy). This enables more transparent tracking and easier debugging of DNS events.

Webhook management endpoints

Endpoints under Webhook Management now allow you to trigger a propagation re-check, fetch the last webhook by job ID, and examine retry attempts and the error state for endpoint deliveries.

Learn more

Get last webhook by job ID

This endpoint allows you to retrieve the last webhook event sent for a specific Connect flow, based on the job_id. It is useful for debugging or validating the final propagation result of a specific domain connection.

Learn more

Trigger propagation re-check

When this endpoint is called, Entri performs an immediate DNS propagation re-check for the specified Connect flow and delivers the latest result via webhook.

Learn more

Re-trigger a propagation check from the Dashboard

Now you’re able to retrigger the propagation check from the webhooks’ logs page within the Entri customer dashboard. This will check for the current propagation status and trigger a new webhook message to your backend. 

Learn more

New callback events

onEntriClose Callback Event

The onEntriClose callback event is used to detect when a user closes the Entri modal, whether they completed domain setup or exited early. It returns details like domain, success, setupType, provider, and lastStatus, giving developers clear context on what happened before the modal closed.

See what it can do

onSuccess Browser Callback Event

This event is triggered when the user reaches the Congratulations screen in Entri Connect and Entri Sell (IONOS and Squarespace flows), regardless of whether the setup was automatic or manual. Use this event to capture a definitive success signal and the jobId that identifies the flow. 

It’s handy for later use in your product experience, for example:

• Notifying users that their domain/website is published

• Prompting users to send their first email for a new sending domain

• Logging a definitive success event for analytics, attribution, or activation tracking

• Saving the jobId for later use on the new Webhooks’ management endpoints

Learn more

Power & Secure improvements

New header: X-Entri-Auth

Requests from Power and Secure now include a new X-Entri-Auth header for accounts that have viewed or created a secret in the dashboard. This header contains the power_secure_authorization_token, improving request-level authorization.

X-Forwarded-For header

Power and Secure requests now include the standardized X-Forwarded-For header, containing the originating client IP address. This replaces the previous X-Forwarded-IP header for new domains, aligning Entri with common proxy standards.

See  Appended Headers on Incoming Traffic for more implementation details.

New DNS Providers for Entri Connect

Connect now supports automatic DNS setup for these new providers

• Alibaba

• Vercel

• TransIP

• Papaki

• GreenGeeks

• O2switch

• Hostpoint

• Openprovider

You can view the full list of supported providers in the Connect provider directory.

Conversion Quick Stats

You can now view Connect flow conversion rates directly in your dashboard. These quick stats show how users progress through domain connection flows, helping you spot drop-offs and measure the impact of your onboarding improvements.

Social login support added

Social login support makes it even easier for your users to log into their DNS provider and set up their records with Entri. We're thrilled to announce that social login is now support for Squarespace and DNSimple domains.

Try it now

These updates are live across all environments. Log in to your Entri dashboard to test JWT scoping, verify webhook delivery, or enable the new Power and Secure headers in your integrations.

Not a customer yet?

Entri’s suite of APIs are designed to make custom domains easier to sell and configure. Meet with a member of our sales team to explore your use case, and simplify domains from infrastructure to frontend.

Meet with Sales