Audit Log
Authgear provides the event logs for you to analyze security issues and monitor the business.
The portal provides an interface for you to look up the log by event and date range.
View audit logs in the Portal
query {
auditLogs(first:5){
edges{
node{
activityType
clientID
createdAt
data
}
}
}
}
Here are the list of activity types that are logged:
- AUTHENTICATION_IDENTITY_ANONYMOUS_FAILED
- AUTHENTICATION_IDENTITY_BIOMETRIC_FAILED
- AUTHENTICATION_IDENTITY_LOGIN_ID_FAILED
- AUTHENTICATION_PRIMARY_OOB_OTP_EMAIL_FAILED
- AUTHENTICATION_PRIMARY_OOB_OTP_SMS_FAILED
- AUTHENTICATION_PRIMARY_PASSWORD_FAILED
- AUTHENTICATION_SECONDARY_OOB_OTP_EMAIL_FAILED
- AUTHENTICATION_SECONDARY_OOB_OTP_SMS_FAILED
- AUTHENTICATION_SECONDARY_PASSWORD_FAILED
- AUTHENTICATION_SECONDARY_RECOVERY_CODE_FAILED
- AUTHENTICATION_SECONDARY_TOTP_FAILED
- IDENTITY_BIOMETRIC_DISABLED
- IDENTITY_BIOMETRIC_ENABLED
- IDENTITY_EMAIL_ADDED
- IDENTITY_EMAIL_REMOVED
- IDENTITY_EMAIL_UPDATED
- IDENTITY_OAUTH_CONNECTED
- IDENTITY_OAUTH_DISCONNECTED
- IDENTITY_PHONE_ADDED
- IDENTITY_PHONE_REMOVED
- IDENTITY_PHONE_UPDATED
- IDENTITY_USERNAME_ADDED
- IDENTITY_USERNAME_REMOVED
- IDENTITY_USERNAME_UPDATED
- USER_ANONYMOUS_PROMOTED
- USER_AUTHENTICATED
- USER_CREATED
- USER_DELETED
- USER_DELETION_SCHEDULED
- USER_DELETION_UNSCHEDULED
- USER_DISABLED
- USER_PROFILE_UPDATED
- USER_REENABLED
- USER_SESSION_TERMINATED
- USER_SIGNED_OUT
- WHATSAPP_OTP_VERIFIED
- SMS_SENT
- EMAIL_SENT
Each audit log event contains the following attributes in their data
Attribute | Description |
|---|---|
id | Unique identifier of the event |
seq | Sequence number of the event |
type | Activity type |
context | The who, when and where of the event triggered. e.g. IP address, user agent, user ID, timestamp |
payload | Relevant data according to the event type: Messaging (SMS, Email OTP): the phone number/email address of the receiver Authentication/Identity/User actions: a snapshot of the related session and user attributes |
Last modified 5mo ago