DGuardAPI Docs

Push Notifications

DGuard follows a B2B2C Webhook architecture. Instead of DGuard messaging your users directly, we notify your backend via webhooks, giving you full control over the notification content, localization, and delivery logic.

Process Architecture

Step 0
Setup
Step 1
Detect
Step 2
Notify Backend
Step 3
Push to User
Step 4
App Fetch
0

One-time Setup

Webhook Configuration

Configure your endpoint (e.g., https://api.client.com/dguard/webhook) for each environment. Subscribed event types can include phishing, breaches, and VPN status.

Device Registration

Your mobile app registers for push tokens (APNs/FCM). Your backend must maintain a mapping of your client_user_id to their device_push_tokens[].

1

DGuard Detection

When DGuard identifies a threat, it emits a standardized event containing minimal, safe metadata.

Email/SMS

High-risk Phishing

Dark Web

New Data Breach Match

VPN Status

Connection Dropped

2

Webhook Delivery

DGuard POSTs the event to your configured endpoint with full HMAC-SHA256 signatures and replay protection. We perform automatic retries for 24+ hours with exponential backoff if your server is unreachable.

json
// POST https://client.com/dguard/webhook
{
  "event_id": "evt_abc123xyz",
  "event_type": "phishing.email_detected",
  "severity": "high",
  "user_reference": "your_internal_user_id_456",
  "created_at": "2025-01-19T14:30:00Z",
  "payload": {
    "threat_type": "phishing",
    "risk_score": 0.92
  }
}
Verify HMAC signature
Deduplicate with event_id
Apply business rules & opt-ins
3

Client Backend Sends Push

Your backend triggers the actual push notification via APNs (iOS) or FCM (Android/iOS). We recommend keeping the payload thin.

Recommended Push Payload

json
{
  "to": "device_token_xyz",
  "notification": {
    "title": "Security Alert",
    "body": "A potential threat was detected. Tap to review."
  },
  "data": {
    "event_id": "evt_abc123xyz",
    "deep_link": "dguard://alerts/phishing/evt_abc123xyz",
    "category": "security_threat"
  }
}
4

App Interaction

Completing the Flow

When the user taps the notification, the app uses the event_id from the push data to fetch detailed analysis from your backend (which in turn queries DGuard) to present the full security report.

Common Event Types

phishing.email_detected

Phishing attempt found in email analysis

high
phishing.sms_detected

Smishing attempt detected

high
darkweb.leak_detected

User credentials matched in a data breach

critical
vpn.connection_dropped

Secure VPN connection was interrupted

medium
fraud.transaction_flagged

A financial transaction requires review

critical

Rate Limiting

Rate limits for the Push Notifications module are enforced per application. All endpoints share the same quota based on your plan. For detailed specifications, see the Security & Compliance page.

Sandbox: 60 req/min
Production: 1,000 req/min