Airlock 2FA Device Activated | User activated a new Airlock 2FA device | | Username concerned by the event | |
event.data.airlock2FAAccountId
| User's Airlock 2FA account ID | 7adc0abe-4820-4ba8-b8ea-a3eaa2860eb6
|
event.data.airlock2FADeviceId
| ID of activated Airlock 2FA device | 02286500-87c2-43da-9b32-d514a18500af
|
Airlock 2FA Device Deleted | An Airlock 2FA device was deleted | | Username concerned by the event | |
event.data.airlock2FAAccountId
| User's Airlock 2FA account ID | 7adc0abe-4820-4ba8-b8ea-a3eaa2860eb6
|
event.data.airlock2FADeviceId
| ID of deleted Airlock 2FA device | 02286500-87c2-43da-9b32-d514a18500af
|
Airlock 2FA Device In Cooldown Used | An Airlock 2FA device that is in cooldown was used for authentication or a transaction approval | | Username concerned by the event | |
event.data.airlock2FAAccountId
| User's Airlock 2FA account ID | 7adc0abe-4820-4ba8-b8ea-a3eaa2860eb6
|
event.data.airlock2FADeviceId
| ID of the Airlock 2FA device in cooldown | 02286500-87c2-43da-9b32-d514a18500af
|
Authentication Flow Successfully Completed | User completed an authentication flow | | Username concerned by the event | |
event.data.authenticationMethods
| List of authentication methods used during the authentication flow | |
Authentication Method Changed | The active authentication method of a user has changed | event.data.activeAuthenticationMethod
| The currently active authentication method. This attribute has no value when the active authentication method was removed. | |
event.data.previousAuthenticationMethod
| The previous authentication method. This attribute has no value when the user did not have an active authentication method. | |
| Context data of a user has been changed | | Username concerned by the event | |
event.data.contextDataChanged.<context-data-key>.oldValue
| Original value of the context data item | |
event.data.contextDataChanged.<context-data-key>.newValue
| New value of the context data item | |
| User activated a new Cronto device | | Username concerned by the event | |
event.data.crontoDeviceId
| ID of activated Cronto device | |
| A Cronto device was deleted | | Username concerned by the event | |
event.data.crontoDeviceId
| ID of deleted Cronto device | |
| A device token was deleted | | Username concerned by the event | |
| ID of the deleted device token | |
| A device token was registered | | ID of the newly registered device token | |
| An Email address was added to the account | | Username concerned by the event | |
event.data.newEmailAddress
| Newly added email address | |
| The email address of the account was changed | | Username concerned by the event | |
event.data.oldEmailAddress
| Original value of the email address | |
event.data.newEmailAddress
| New value of the email address | |
| The email address of the account was removed | | Username concerned by the event | |
event.data.oldEmailAddress
| | |
| FIDO credential was deleted | | Username concerned by the event | |
event.data.fidoCredentialId
| Internal identifier of deleted FIDO credential | 87e82979-a85b-42bb-8cb2-2c3c029fd3d7
|
FIDO Credential Registered | User registered a new FIDO security key | | Username concerned by the event | |
event.data.fidoRelyingPartyId
| Configured identifier of the relying party | |
event.data.fidoPublicKeyCredentialId
| Binary data (Base64url encoded) provided by the FIDO authenticator during registration | |
| This event is created by every step in the Loginapp | event.data.stepResult.type
| | one of SUCCESS, STAY, SKIP, GOTO, FAIL, FAIL_RETRY, FAIL_GOTO, INTERNAL_ERROR, SUBFLOW_SELECTED |
event.data.stepResult.nextAction
| Next step action code (if present) | |
event.data.stepResult.errorCode
| Step error code (if present) | |
event.data.stepResult.attributes
| Map of additional attributes. The map is of the type "String => Object". | |
Logged in from new Device | A user logged in from a previously unknown browser or device. | | Username concerned by the event | |
| Short name used of the browser | |
event.data.operatingSystem
| Short name of the operating system | |
| Short name of the device. | |
| Code of the country (if geo location available) | |
| Name of the city (if geo location available) | |
| Mobile phone number was deleted | | Username concerned by the event | |
| Identifier of the mobile phone number to be deleted | |
event.data.mtanOldPhoneNumber
| The phone number to be deleted | |
MTAN Token Phone Number Changed | Mobile phone number was changed | | Username concerned by the event | |
| Identifier for the registered mobile phone number | |
event.data.mtanOldPhoneNumber
| previously registered modile phone number | |
event.data.mtanNewPhoneNumber
| newly registered mobile phone number | |
| User registered a new mobile phone number | | Username concerned by the event | |
| Identifier for the registered mobile phone number | |
event.data.mtanNewPhoneNumber
| The phone number to be registered | |
| A new OATH OTP secret was created for a specific user. If the user already has an OATH OTP secret, it is replaced by the new secret. Existing authenticator apps of the user based on the "old" secret can no longer be used. | | Username concerned by the event | |
| The existing OATH OTP secret of a specific user was shown/exposed by the Loginapp, allowing the user to activate a new authenticator app. The user can continue using already existing authenticator apps. | | Username concerned by the event | |
| User changes his or her password | | Username concerned by the event | |
| | | Username concerned by the event. | |
| | | Username concerned by the event. | |
| | | Username concerned by the event. | |
| Reason why the user's account was locked. | |
| There was a change in the roles of the user | | Name of the user whose roles were changed | |
| The old roles of the user (before the change) | |
| All the roles of the user after the change | |
| The role(s) added to the user during the change | |
| The role(s) removed from the user during the change | |
| User account was unlocked | | Username concerned by the event | |