Event subscribers

Event bus instantiation

Airlock IAM emulates a centralized event bus for the Loginapp and the Adminapp by instantiating one event bus for every incoming request and registering the configured event subscribers.

Airlock IAM currently supports the following types of event subscribers:

Loginapp

Adminapp

Email Event Subscriber

check.svg

check.svg

Remote Event Subscriber

check.svg

check.svg

SMS Event Subscriber

check.svg

check.svg

Currently, only the modules Loginapp and Adminapp offer the possibility to configure event subscribers. Event requests are handled by Loginapp and Adminapp as exclusive processes.

Running as its own process, it can be necessary to configure the same subscriber twice – once for Loginapp and once for Adminapp. This is to ensure that the event will be processed in all cases. For this reason, event subscribers can be configured under Event Settings, which is top-level in both modules.

Email Event Subscriber

The Email Event Subscriber plugin sends email messages with event details. The recipient of the email is defined by the plugin's configuration and may, for example, be the end-user or an administrator.

Event attributes (see Event attributes) can be referenced to include event data in both the email subject and body. Refer to the plugin documentation in the Config Editor for further information.

Remote Event Subscriber

The Remote Event Subscriber plugin connects to a remote HTTP endpoint using the configured HTTP Method and Content Type. It can, for example, be used to send event data to a remote REST API.

Event attributes (see Event attributes) can be referenced to include event data in both the request URL and the request body. Refer to the plugin documentation in the Config Editor for further information.

SMS Event Subscriber

An SMS Event Subscriber can be configured to deliver event-triggered SMS notifications to multiple phone numbers simultaneously. Depending on the Phone Number Providers configured, SMS notifications will be sent to the phone number stored in the credential data model and/or to all phone numbers stored in the token data model. It is not possible to configure a preferred communication mobile phone number.

In case of an MTAN Token Phone Number Changed event, it is also possible to send the message to the old (replaced) phone number.

Example:

SMS Event Subscriper configuration with multiple phone number providers

Event attributes (see Event attributes) can be referenced to include event data text messages. Refer to the plugin documentation in the Config Editor for further information.

Phone number provider plugins

mTAN handler

Description

All Phone Numbers Provider

Token Data mTAN Handler

This handler can hold multiple phone numbers.
It is the preferred configuration choice over the credential data handler.

Credential Data mTAN Handler

This handler can only hold a single phone number. We recommend using the Token Data mTAN Handler instead.

Old Phone Number Provider

  • Provides the user's old phone number in case of a phone number change or deletion.

User Locked event

The User Locked event warrants special treatment by the event subscribers. It is often desirable to send different messages contents determined by the cause of the User Locked event.

To support this behavior the User Locked plugin provides an additional Lock Reason filter. If configured, the event subscriber only handles those User Locked events that match the Lock Reason pattern.