User Events
The User Event object
{
"date": "2023-08-07T09:54:34.183123Z",
"auth_type": "password",
"id": "AWUTz0naD6KwGSiAAIMN",
"type": "signup",
"canal": "identity_first_party",
"user_id": "550e8400-e29b-41d4-a716-446655440000",
"profile_id": "121146661725694",
"login_time": "2018-08-07T09:54:34.183123Z",
"client_id": "sg48CdAYohRPeRWZ9j1H",
"provider": "password",
"device": "desktop",
"origin": "www.example.fr/login",
"ip": "127.0.0.1",
"host": "https://example.io",
"job_execution_id": "iKUTe3lBd1MwSSbAmUJp", (1)
"job_type": "import", (1)
"job_name": "Daily imports", (1)
"login_as_profile_id" : "AWUTz0JBD6KwGSiAAIMH",
"updated_keys" : [
"signup"
],
"identifier_type": "email",
"risk_score": 30,
"user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.3.8 (KHTML, like Gecko) Mobile/14G60"
}
1 | Only present when the canal is job . |
{
"date": "2023-05-07T09:54:34.183123Z",
"auth_type": "password",
"id": "AWUTz0..6KwGSiAAIMN",
"type": "post_event_failure",
"canal": "hook",
"failed_hook_user_event_type": "signup",
"failed_hook_key": "a_post_event_webhook",
"failed_hook_error_code": "webhook_host_unreachable",
"failed_hook_attempts": 3,
"failed_hook_http_status": "404",
"user_id": "550e8400-e29b-41d4-a716-446655440000",
"profile_id": "121146661725694",
"login_time": "2018-08-07T09:54:34.183123Z",
"client_id": "sg48CdAYohRPeRWZ9j1H",
"provider": "password",
"device": "desktop",
"origin": "www.example.fr/login",
"ip": "127.0.0.1",
"user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.3.8 (KHTML, like Gecko) Mobile/14G60"
}
{
"date": "2024-01-07T09:54:34.183123Z",
"id": "AWUTz0..6KwGSiAAIMN",
"type": "pub_sub_event_failure",
"canal": "hook",
"failed_hook_project": "webhook_host_unreachable",
"failed_hook_message_key": "NOT_FOUND",
"failed_hook_key": "failing_event",
"failed_hook_user_event_type": "login_matching_password",
"failed_hook_message": "… NOT_FOUND: Resource not found (resource=blah1234).",
"failed_hook_topic": "blah1234"
}
{
"date": "2023-10-07T09:54:34.183123Z",
"id": "AWUTz0..6KwGSiAAIMN",
"user_id": "550e8400-e29b-41d4-a716-446655440000",
"type": "email_failure",
"canal": "message",
"failed_message_error": "[temporarily_unavailable] [SMTP] Email sending failed: Sending the email to the following server failed : localhost:1025",
"failed_message_provider": "smtp",
"failed_message_template": "email_password_reset"
}
{
"date": "2023-10-07T09:54:34.183123Z",
"id": "AWUTz0..6KwGSiAAIMN",
"user_id": "550e8400-e29b-41d4-a716-446655440000",
"profile_id": "121146661725694",
"login_time": "2018-08-07T09:54:34.183123Z",
"type": "email_failure",
"ip": "127.0.0.1",
"client_id": "sg48CdAYohRPeRWZ9j1H",
"risk_score": 99,
"lockout_end_date": "2023-11-25T12:15:09.536Z",
"user_agent": "Mozilla/5.0 (iPhone; CPU iPhone OS 10_3_3 like Mac OS X) AppleWebKit/603.3.8 (KHTML, like Gecko) Mobile/14G60"
}
User Event Fields
Name | Description | ||
---|---|---|---|
The date on which the event occurred. |
|||
The type of authentication used. options
|
|||
User event id. |
|||
User event type.
|
|||
The channel through which the event was triggered. Possible values
|
|||
The ID for when a specific job was executed.
|
|||
Specifies the type of job such as |
|||
The name of the job. This is a friendly string such as "Nightly imports". |
|||
The ReachFive User ID. |
|||
Alias for |
|||
Alias for |
|||
Client id used. |
|||
This is an alias for |
|||
The user’s device.
|
|||
Free text parameter describing the source of the login (for reporting purposes only). You can influence this value by using a request parameter such as
|
|||
User IP address.
|
|||
Web user agent.
Format: where Example: |
|||
Message containing information on why an attempt to send a message failed. |
|||
Message occuring for provider failures. possible values
|
|||
Indicates the failed email or SMS template. |
|||
The unique webhook key. |
|||
The http status that is returned.
|
|||
The specific error code for the failure. possible values
|
|||
The user event for which the webhook was triggered. |
|||
The number of retry attempts. |
|||
The topic ID of the pub/sub hook that failed. |
|||
The error message key.
For example, |
|||
The error message for the failed hook. This describes why it failed. For example, the topic ID may have not been found for pub/sub hooks or there is a duplicated external ID. example
|
|||
The project name of the pub/sub hook that failed. |
|||
The URL used to trigger the event. |
|||
Specifies the type of identifier user. possible values
|
|||
The |
|||
An array of strings that lists the fields that were modified for the following event types.
|
|||
Integer showing the risk score between
|
|||
Specifies the date and time when a user lockout ends.
|
User Event Types
The table below describes the types of events that occur under the type
parameter in the User Event object.
Name | Description | ||
---|---|---|---|
|
Emitted after a successful authentication. |
||
|
Emitted after a user logs out. |
||
|
Emitted after a successful signup. |
||
|
Emitted after a new user is successfully created through the Management API. |
||
|
Emitted after a successful unlink identity. |
||
|
Emitted after a successful email update. |
||
|
Emitted after a successful phone number update. |
||
|
Emitted after a successful password reset request. |
||
|
Emitted after a successful password change. |
||
|
Emitted after a successful password reset process. |
||
|
Emitted when the IFP module detects a compromised profile. |
||
|
Emitted after a one-time password (otp) is successfully sent (via sms or email) for verification.
|
||
|
Emitted after an unsuccessful login attempt due to the password not matching. |
||
|
Emitted after a successful login via the |
||
|
Emitted after a successful user update. |
||
|
Emitted after a successful user deletion.
|
||
|
Emitted after a successful merge (for the updated user). |
||
|
Emitted after a successful merge (for the deleted user). |
||
|
Emitted after a successful email verification. |
||
|
Emitted after a successful mobile number verification. |
||
|
Emitted after successfully creating a new Lite profile. |
||
|
Emitted after an unsuccessful authorization attempt. |
||
|
Emitted after authorization was deleted. |
||
|
Emitted after authorization was successfully granted. |
||
|
Emitted after a lite profile was succesfully merged into a managed profile. |
||
|
Emitted after the user has successfully logged in using the Two-factor authentication (2FA) flow. |
||
ACCOUNT PROTECTION |
|||
|
Emitted after a successful user account suspension. |
||
|
Emitted after a successful user account unsuspension. |
||
|
Emitted after an unsuccessful login attempt on a suspended account with the correct credentials. |
||
|
Emitted when a user attempts to log in with an unverified identifier.
|
||
|
Emitted when a user profile is created with a suspicious IP. |
||
|
Emitted when a risky login notification was sent to the user. |
||
|
Emitted when the risk_score threshold was exceeded. |
||
WEBHOOK FAILURES |
|||
|
Emitted when a failure occurred in a pre-event webhook.
|
||
|
Emitted when a failure occurred in a post-event webhook.
|
||
|
Emitted when a failure occurred in a Pub/sub hook. |
||
RETRY FAILURE EVENTS |
|||
|
Emitted if there is an error while sending an |
||
|
Emitted if there is an error while sending an |
||
USER LOCKOUT EVENTS |
|||
|
Emitted each time a user profile is locked. |
||
MFA EVENTS |
|||
|
Emitted after an MFA credential (phone number) is deleted. |
||
|
Emitted after an MFA credential (email) is deleted. |
||
|
Emitted after an email is used to start the MFA registration process. |
||
|
Emitted after an email has been verified as an MFA credential. |
||
|
Emitted after a phone number is used to start the MFA registration process. |
||
|
Emitted after a phone number has been verified as an MFA credential. |
||
|
Emitted after a device has been added as a trusted device . |
||
|
Emitted after a device has been removed as a trusted device . |
||
CONSENT EVENTS |
|||
|
Emitted after a consent was successfully granted. |
||
|
Emitted after a DOI consent was moved to the |
||
|
Emitted after a consent was officially rejected (denied). |
||
PASSKEY EVENTS |
|||
|
Emitted after a passkey was successfully created. |
||
|
Emitted after a passkey was successfully deleted. |
||
GUEST EVENTS |
|||
|
Emitted after an unsuccessful login due to the identifier format. |
||
|
Emitted after an unsuccessful login attempt due to an unknown identifier. |
||
|
Emitted after an unsuccessful signup attempt due to an invalid email format. |
||
|
Emitted after an unsuccessful signup attempt because the password was not compliant. |