When the

session

after hook is enabled in an Ory after registration action, a

Set-Cookie

HTTP Header is set alongside the HTTP 303 redirect. This header contains the Ory Session Cookie. This is applicable for both server-side browser clients and client-side browser clients. For server-side browser clients, the response looks like this:

bash HTTP/1.1 303 See Other   Cache-Control: 0   Location: <http://127.0.0.1:4455/>   Set-Cookie: csrf_token=b8OebRPTPr5ow23mA5gIZmFNLeuMbv8pZz1jT1Ex7ys=; Path=/; Domain=127.0.0.1; Max-Age=31536000; HttpOnly   Set-Cookie: ory_kratos_session=MTU5OTE2ODc2N3xEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR055VlROMGRteHhSakJrUzBkbmRUUjBlVFY1V0RCRWFVTnJXVmR6V25oaHx2DICsB6IMbaHSQwnYITUZqr7Qx7CxUlnaneJWH495wQ==; Path=/; Expires=Fri, 04 Sep 2020 21:32:47 GMT; Max-Age=86400; HttpOnly; SameSite=Lax   Vary: Cookie   Date: Thu, 03 Sep 2020 21:32:47 GMT   Content-Length: 0

For client-side browser clients, the response looks like this:

bash HTTP/1.1 303 See Other   Cache-Control: 0   Location: <http://127.0.0.1:4455/>   Set-Cookie: csrf_token=b8OebRPTPr5ow23mA5gIZmFNLeuMbv8pZz1jT1Ex7ys=; Path=/; Domain=127.0.0.1; Max-Age=31536000; HttpOnly   Set-Cookie: ory_kratos_session=MTU5OTE2ODc2N3xEdi1CQkFFQ180SUFBUkFCRUFBQVJfLUNBQUVHYzNSeWFXNW5EQThBRFhObGMzTnBiMjVmZEc5clpXNEdjM1J5YVc1bkRDSUFJR055VlROMGRteHhSakJrUzBkbmRUUjBlVFY1V0RCRWFVTnJXVmR6V25oaHx2DICsB6IMbaHSQwnYITUZqr7Qx7CxUlnaneJWH495wQ==; Path=/; Expires=Fri, 04 Sep 2020 21:32:47 GMT; Max-Age=86400; HttpOnly; SameSite=Lax   Vary: Cookie

For API clients, the Ory Session Cookie and Ory Session Token are included in the response when the

session

after hook is enabled. Please note that the

session

action modifies the HTTP response, and as a result, no other hooks can be executed after the

session

action. If you want to trigger multiple actions that modify the HTTP response in your setup, make sure that

session

is triggered last. Sources: - [Server-side browser clients](https://www.ory.sh/docs/kratos/self-service/flows/user-registration#server-side-browser-clients) - [Client-side browser clients](https://www.ory.sh/docs/kratos/self-service/flows/user-registration#client-side-browser-clients) - [API clients](https://www.ory.sh/docs/kratos/self-service/flows/user-registration#with-auto-login-on-registration-2) - [Sign in after registration](https://www.ory.sh/docs/actions/session)

The

Content-Type

header for a custom hook defined via Jsonnet is not explicitly set in the Jsonnet configuration. However, the

Content-Type

header can be set in the HTTP request configuration when defining the webhook. Here is an example of how you can set the

Content-Type

header in the HTTP request configuration:

bash courier:     delivery_strategy: http     http:       request_config:         url: <https://api.sendgrid.com/v3/mail/send>         method: POST         body: file:///etc/config/kratos/mail.template.jsonnet         headers:           "Content-Type": "application/json"         auth:           type: api_key           config:             name: Authorization             value: Bearer <API_KEY>             in: header

In this example, the

Content-Type

is set to

application/json

. Source: [Send emails using Sendgrid](https://www.ory.sh/docs/kratos/emails-sms/sending-emails-smtp#http-integrations)

Yes, it is possible to inspect logs for webhooks. Ory provides logging capabilities for its services. The log output is sent to stdout/stderr and there is no option to change the log destination. You can use bash pipes to redirect the output to a file. For example:

bash hydra serve all >log.txt 2>&1

The log configuration happens via environment variables

LOG_LEVEL

,

LOG_FORMAT

,

LOG_LEAK_SENSITIVE_VALUES

or the configuration file:

bash log:     level: info     format: text     leak_sensitive_values: false

The

level

configuration key supports the following values:

panic

,

fatal

,

error

,

warn

,

info

,

debug

,

trace

. The

format

configuration key supports

text

and

json

. For Docker-based deployments, you can check the logs using

docker logs <container-id>

. Please note that sensitive data such as Personally Identifiable Information (PII), secrets, tokens, and others should not be leaked to the logs. The

leak_sensitive_values

configuration key should always be set to

false

. Sources: - [Logs and audit trails](https://www.ory.sh/docs/self-hosted/operations/logging) - [The docker image exits immediately](https://www.ory.sh/docs/hydra/faq#the-docker-image-exits-immediately)

I'm sorry, but based on the provided knowledge sources, there is no specific information available about inspecting webhook logs using Ory Network. However, Ory Network does provide live event streams for enterprise contracts, which allow you to stream events like sign-ups, logins, machine-to-machine tokens issued, and many more, in real-time to your own infrastructure. This could potentially be used to monitor webhook events. For more detailed information or specific requirements, it's recommended to reach out to Ory directly or talk to your account manager. Source: [Live event streams](https://www.ory.sh/docs/actions/live-events)