Skip to content

Events

IFS Cloud provides a rich set of auditing capabilities.

Login Events

Every login action is recorded and stored in the database and can be reviewed on the Login Events page under Solution Manager > Users and Permissions > Identity and Access Manager> Manage -> Login Events. Examples of relevant login events include: a user logs in successfully, a user enters the wrong password, or a user's account is updated.

Below is, a non-exhaustive list of possible login event types.

Login event types:

  • Login - A user has logged in.
  • Register - A user has registered.
  • Logout - A user has logged out.
  • Code to Token - An application/client has exchanged a code for a token.
  • Refresh Token - An application/client has refreshed a token.

Account event types:

  • Update Email - The email address for an account has changed.
  • Update Profile - The profile for an account has changed.
  • Send Password Reset - A password reset email has been sent.
  • Update Password - The password for an account has changed.
  • Send Verify Email - A verification email has been sent.
  • Verify Email - The email address for an account has been verified.

For all the events above, there is a corresponding error event.

A large number of events can be recorded, and these events are stored in the database. They are deleted from the database by a background task that runs periodically. By changing value of the system parameter administrators can specify how long events should be retained in the database.

Category- Security || Parameter- Cleanup age limit in days for IAM Events Log

Clicking the Clear Login Events button will delete all events, except those of the 'LOGIN' event type, that occurred within the past 24 hours.

To delete individual login events, select the checkboxes next to each event and click the Clear Login Event button. As noted earlier, 'LOGIN' events that occurred within the past 24 hours cannot be deleted individually.

Admin Events

Any action an Administrator performs within IAM can be recorded for auditing purposes.

Admin actions can be reviewed from Solution Manager > Users and Permissions > Identity and Access Manager> Manage -> Admin Events

Below is a non-exhaustive list of admin event types:

Admin Event types:

  • CLIENT_DELETE
  • CLIENT_INFO
  • CLIENT_INITIATED_ACCOUNT_LINKING
  • CLIENT_LOGIN
  • CLIENT_REGISTER
  • CLIENT_UPDATE
  • CUSTOM_REQUIRED_ACTION
  • DELETE_ACCOUNT
  • EXECUTE_ACTIONS
  • EXECUTE_ACTION_TOKEN
  • FEDERATED_IDENTITY_LINK
  • GRANT_CONSENT
  • INVALID_SIGNATURE
  • REMOVE_FEDERATED_IDENTITY
  • REVOKE_GRANT
  • UPDATE_CONSENT

For all the events above, there is a corresponding error event.

Clicking the Clear All Admin Events button will delete all events.

To delete individual admin events, select the checkboxes next to each event and click the Delete icon.