the simplest process is to leverage context-server-actions to send a HTTPs POST to your 3rd party system, this can be event driven and you can pretty much include any data from the authN/authZ in the body, you can send it as xml/json eyc.
The key is having a system that can consume the data and can handle potentially a large number of API calls.