Audit Logs: User Access and Security
This article is a simple reference guide showing you the data fields expected from User Access and Security audit logs.
An audit log generates when the Disable User Creation setting is enabled in Single Sign-On (SSO) Management Administration for Express SSO users. This is due to users being created, SSO attributes being validated, and the Express user being deleted before it can be used later in the same creation process.
To learn more about the Audit Logs API, view our Get API Logs documentation.
This section focuses on adding, changing, and deleting Creator roles using Creator Role Administration.
Adding a Creator Role
An event indicating that a Creator role was created in Creator Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
context↴ |
An object of context details. |
Object |
|
type |
The administration type where the role was created. |
String |
|
id |
The unique identifier associated with the type. |
String |
|
permissions↴ |
An object of the permissions set at creation. |
Object |
|
applications |
The application permissions set at creation. |
String |
|
managedAssets |
The asset permissions set at creation. |
String |
|
documentTemplates |
The document template permissions set at creation. |
String |
|
dataCollections |
The data collection permissions set at creation. |
String |
|
services |
The services permissions set at creation. |
String |
|
styles |
The style permissions set at creation. |
String |
Changing a Creator Role
An event indicating that a Creator role was modified in Creator Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
context↴ |
An object of context details after changes were made. |
Object |
|
type |
The administration type after changes were made. |
String |
|
id |
The unique identifier associated with the type. |
String |
|
permissions↴ |
An object of the permission changes that were made to the role. |
String |
|
applications |
The application permissions after changes were made. |
String |
|
managedAssets |
The asset permissions after changes were made. |
String |
|
documentTemplates |
The document template permissions after changes were made. |
String |
|
dataCollections |
The data collection permissions after changes were made. |
String |
|
services |
The services permissions after changes were made. |
String |
|
styles |
The style permissions after changes were made. |
String |
Changing a Creator User's Designer Role
An event indicating that a Creator user's Designer role was modified in Creator Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
designerRoles |
The Designer role that was changed. |
String |
Deleting a Creator Role
An event indicating that a Creator role was deleted in Creator Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
context↴ |
An object of attribute details for the deleted role. |
Object |
|
type |
The administration type. |
String |
|
id |
The unique identifier associated with the type. |
String |
|
permissions↴ |
The permissions associated for the deleted role. |
Object |
|
applications |
The application permissions for the deleted role. |
String |
|
managedAssets |
The asset permissions for the deleted role. |
String |
|
documentTemplates |
The document template permissions for the deleted role. |
String |
|
dataCollections |
The data collection permissions for the deleted role. |
String |
|
services |
The services permissions for the deleted role. |
String |
|
styles |
The style permissions for the deleted role. |
String |
This section focuses on login, logout, and password change events by Creator users.
Login
An event indicating that a Creator user logged into Designer or Express View. And the method in which the user accessed the system.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
methodName |
The required method name. |
String |
|
methodDetails↴ |
An object of method details. |
Object |
|
idp |
The method's Identity Provider. |
String |
|
op |
The method's OpenID Provider. |
String |
|
userId |
The Creator user's unique identifier. |
String |
|
name |
The Creator user's name. |
String |
|
|
The Creator user's email address. |
String |
|
phone |
The Creator user's phone number. |
String |
|
designerRoles |
An array containing the Creator user's role(s). |
String |
Logout
An event indicating that a Creator user logged out of Designer or Express View. And the method in which the user accessed the system.
The log out could be explicitly logging out on the browser, timed-out sessions, or closing the browser.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
methodName |
The required method name. |
String |
|
methodDetails↴ |
An object of method details. |
Object |
|
idp |
The method's Identity Provider. |
String |
|
op |
The method's OpenID Provider. |
String |
|
userId |
The Creator user's unique identifier. |
String |
|
name |
The Creator user's name. |
String |
|
|
The Creator user's email address. |
String |
|
phone |
The Creator user's phone number. |
String |
|
designerRoles |
An array containing the Creator user's role(s). |
String |
Password Change
An event indicating that a Creator user changed their password.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
passwordChanged |
Whether the password was changed. True if changed; false otherwise. |
Boolean |
This section focuses on adding, changing, and deleting Creator users with Creator (User) Administration.
Adding a Creator
An event indicating that a new Creator was created in Creator (User) Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Creator user's unique identifier at creation. |
String |
|
name |
The Creator user's name at creation. |
String |
|
|
The Creator user's email address at creation. |
String |
|
phone |
The Creator user's phone number at creation. |
String |
|
designerRoles |
The Creator user's role at creation. |
String |
|
revoked |
Whether the Creator user was revoked. True if revoked; false otherwise. |
Boolean |
Changing a Creator
An event indicating that a Creator was modified in Creator (User) Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Creator user's unique identifier after changes were made. |
String |
|
name |
The Creator user's name after changes were made. |
String |
|
|
The Creator user's email address after changes were made. |
String |
|
phone |
The Creator user's phone number after changes were made. |
String |
|
designerRoles |
The Creator user's role after changes were made. |
String |
|
revoked |
Whether the Creator user was revoked. True if revoked; false otherwise. |
Boolean |
Deleting a Creator
An event indicating that a Creator role was deleted in Creator (User) Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The unique identifier of the Creator user that was deleted. |
String |
|
name |
The name of the Creator user that was deleted. |
String |
|
|
The email of the Creator user that was deleted. |
String |
|
phone |
The phone number of the Creator user that was deleted. |
String |
|
designerRoles |
The role of the Creator user that was deleted. |
String |
|
revoked |
Whether the Creator user was revoked. True if revoked; false otherwise. |
Boolean |
Locked Out
An event when a Creator user is locked out of their environment after exceeded the number of login attempts configured in Creator (User) Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Creator user's unique identifier. |
String |
|
|
The Creator user's email address. |
String |
|
lockedAt |
The date the Creator user was locked out of their environment. |
Date |
Resend Temporary Password
An event when a temporary password has been resent to a Creator using Creator (User) Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Creator user's unique identifier. |
String |
|
name |
The Creator user's name. |
String |
|
|
The Creator user's email address. |
String |
|
phone |
The Creator user's phone number. |
String |
|
resendTempPassword |
Whether a temporary password was resent to the user. True if resent; false otherwise. |
Boolean |
This section focuses on enabling, disabling, and changing the various settings related to Environment Administration.
Adding an OIDC SSO Configuration
An event indicating that an OIDC SSO configuration was created in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The OIDC OpenID Discovery URL at creation. |
String |
|
config↴ |
An object of OIDC configuration details configured at creation. |
Object |
|
issuer |
The OIDC OpenID Discovery URL/Issuer configured at creation. |
String |
|
client_id |
The OIDC OpenID Client ID configured at creation. |
String |
|
scope |
The OIDC scope configured at creation. |
String |
|
redirect |
The OIDC redirect URI configured at creation. |
String |
|
code_challenge_method |
The PKCE Code Challenge Method selected at creation. |
String |
|
storeIdToken |
Whether the ID Token is stored at creation. True if stored; false otherwise. |
Boolean |
|
readClaimsFromAccessToken |
Whether the Read Claims From Access Token setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
additionalParameters |
An object of additional OIDC parameters configured at creation. |
Object |
|
options↴ |
An object of additional OIDC configuration options configured at creation. |
Object |
|
defaultRole |
The Default Role selected at creation. |
String |
|
defaultGroups |
The Default Groups selected at creation. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
Whether the Match Attribute setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
attributeMappings↴ |
An object of Attribute Mappings configured at creation. |
Object |
|
attribute |
The attribute configured at creation. |
String |
|
claim |
The claim configured at creation. |
String |
Adding a SAML SSO Configuration
An event indicating that a SAML SSO configuration was created in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The SAML Identity Provider SSO URL at creation. |
String |
|
config↴ |
An object of SAML configuration details configured at creation. |
Object |
|
idpMetadata |
The Identity Provider metadata XML data configured at creation. |
String |
|
entryPoint |
The SSO configuration's entrypoint configured at creation. |
String |
|
cert |
The SAML Identity Provider X.509 certificate configured at creation. |
String |
|
issuer |
The SAML SP Entity ID configured at creation. |
String |
|
callbackUrl |
The SAML callback URL configured at creation. |
String |
|
identifierFormat |
The SAML Identity Provider NameID format configured at creation. |
String |
|
usePostBinding |
Whether the HTTP-POST Binding setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
useSignedAuthnRequest |
Whether the Signed AuthnRequest setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
expectEncrytedAssertions |
Whether the Expect Encrypted Assertions setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
disableRequestedAuthnContext |
Whether the Do Not Request a Specific Authentication Context setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
options↴ |
An object of additional SAML configuration options configured at creation. |
Object |
|
defaultRole |
The Default Role selected at creation. |
String |
|
defaultGroups |
The Default Groups selected at creation. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
The Match Attribute configured at creation. |
String |
|
attributeMappings |
An object of Attribute Mappings configured at creation. |
Object |
|
attribute |
The attribute configured at creation. |
String |
|
claim |
The claim configured at creation. |
String |
Changing Express User Account Password
An event indicating whether the Express User Account Password settings were modified in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userSetPasswordOnLogin |
Whether the Let User Set Password on Login setting is enabled. True if enabled; false otherwise. |
Boolean |
|
choosePassword |
Whether the Choose Password setting is enabled. True if enabled; false otherwise. |
Boolean |
Changing an OIDC SSO Configuration
An event indicating that an OIDC SSO configuration was modified in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The OIDC OpenID Discovery URL after changes were made. |
String |
|
config↴ |
An object of OIDC configuration details after changes were made. |
Object |
|
issuer |
The OIDC OpenID Discovery URL/Issuer after changes were made. |
String |
|
client_id |
The OIDC OpenID Client ID after changes were made. |
String |
|
scope |
The OIDC scope after changes were made. |
String |
|
redirect |
The OIDC redirect URI after changes were made. |
String |
|
code_challenge_method |
The PKCE Code Challenge Method after changes were made. |
String |
|
storeIdToken |
Whether the ID Token is stored. True if stored; false otherwise. |
Boolean |
|
readClaimsFromAccessToken |
Whether the Read Claims From Access Token setting is enabled. True if enabled; false otherwise. |
Boolean |
|
additionalParameters |
An object of additional OIDC parameters. |
Object |
|
options↴ |
An object of additional OIDC configuration options. |
Object |
|
defaultRole |
The Default Role after changes were made. |
String |
|
defaultGroups |
The Default Groups after changes were made. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
The Match Attribute after changes were made. |
String |
|
attributeMappings |
An object of Attribute Mappings after changes were made. |
Object |
|
attribute |
The attribute configured after changes were made. |
String |
|
claim |
The claim configured after changes were made. |
String |
Changing Password Requirements
An event indicating the Password Requirements settings were modified in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
noOfDaysForPasswordReset |
The total time before users need to reset their password (in days). |
Integer |
|
minLengthPassword |
The minimum character length to create a password. |
Integer |
|
maxLengthPassword |
The maximum character length to create a password. |
Integer |
|
lowercaseLetterFlag |
Whether the Require Lowercase Letter setting is enabled. True if enabled; false otherwise. |
Boolean |
|
uppercaseLetterFlag |
Whether the Require Uppercase Letter setting is enabled. True if enabled; false otherwise. |
Boolean |
|
requireNumberFlag |
Whether the Require Number setting is enabled. True if enabled; false otherwise. |
Boolean |
|
requireSymbolFlag |
Whether the Require Symbol setting is enabled. True if enabled; false otherwise. |
Boolean |
Changing a SAML SSO Configuration
An event indicating that an SAML SSO configuration was modified in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The SAML Identity Provider SSO URL after changes were made. |
String |
|
config↴ |
An object of SAML configuration details after changes were made. |
Object |
|
idpMetadata |
The Identity Provider metadata XML data after changes were made. |
String |
|
entryPoint |
The SSO configuration's entrypoint after changes were made. |
String |
|
cert |
The SAML Identity Provider X.509 certificate after changes were made. |
String |
|
issuer |
The SAML SP Entity ID after changes were made. |
String |
|
callbackUrl |
The SAML callback URL after changes were made. |
String |
|
identifierFormat |
The SAML Identity Provider NameID format after changes were made. |
String |
|
usePostBinding |
Whether the HTTP-POST Binding setting is enabled. True if enabled; false otherwise. |
Boolean |
|
useSignedAuthnRequest |
Whether the Signed AuthnRequest setting is enabled. True if enabled; false otherwise. |
Boolean |
|
expectEncrytedAssertions |
Whether the Expect Encrypted Assertions setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableRequestedAuthnContext |
Whether the Do Not Request a Specific Authentication Context setting is enabled. True if enabled; false otherwise. |
Boolean |
|
options↴ |
An object of additional SAML configuration options after changes were made. |
Object |
|
defaultRole |
The Default Role after changes were made. |
String |
|
defaultGroups |
The Default Groups after changes were made. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
The Match Attribute after changes were made. |
String |
|
attributeMappings |
An object of Attribute Mappings after changes were made. |
Object |
|
attribute |
The attribute configured after changes were made. |
String |
|
claim |
The claim configured after changes were made. |
String |
Changing User Account Lockout
An event indicating the User Account Lockout settings were modified in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
maxNumberLoginAttempts |
The maximum number of login attempts before the user is locked out. |
Integer |
|
lockoutDuration |
The total time the user is locked out of their account before they can attempt to log in again (in minutes). |
Integer |
|
loginAttemptDuration |
The total time between failed login attempts that can contribute to a user being locked out of their account (in minutes). |
Integer |
Deleting an OIDC SSO Configuration
An event indicating that an OIDC SSO configuration was deleted in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The OIDC OpenID Discovery URL that was deleted. |
String |
|
config↴ |
An object of OIDC configuration details that were deleted. |
Object |
|
issuer |
The OIDC OpenID Discovery URL/Issuer that was deleted. |
String |
|
client_id |
The OIDC OpenID Client ID that was deleted. |
String |
|
scope |
The OIDC scope that was deleted. |
String |
|
redirect |
The OIDC redirect URI that was deleted. |
String |
|
code_challenge_method |
The PKCE Code Challenge Method that was deleted. |
String |
|
storeIdToken |
Whether the ID Token is stored. True if stored; false otherwise. |
Boolean |
|
readClaimsFromAccessToken |
Whether the Read Claims From Access Token setting is enabled. True if enabled; false otherwise. |
Boolean |
|
additionalParameters |
An object of additional OIDC parameters that were deleted. |
Object |
|
options↴ |
An object of additional OIDC configuration options that were deleted. |
Object |
|
defaultRole |
The Default Role that was deleted. |
String |
|
defaultGroups |
The Default Groups that was deleted. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
The Match Attribute that was deleted. |
String |
|
attributeMappings |
An object of Attribute Mappings that were deleted. |
Object |
|
attribute |
The attribute that was deleted. |
String |
|
claim |
The claim configured that was deleted. |
String |
Deleting a SAML SSO Configuration
An event indicating that a SAML SSO configuration was deleted in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
domain |
The SAML Identity Provider SSO URL that was deleted. |
String |
|
config↴ |
An object of SAML configuration details that were deleted. |
Object |
|
idpMetadata |
The Identity Provider metadata XML data that was deleted. |
String |
|
entryPoint |
The SSO configuration's entrypoint that was deleted. |
String |
|
cert |
The SAML Identity Provider X.509 certificate that was deleted. |
String |
|
issuer |
The SAML SP Entity ID that was deleted. |
String |
|
callbackUrl |
The SAML callback URL that was deleted. |
String |
|
identifierFormat |
The SAML Identity Provider NameID format that was deleted. |
String |
|
usePostBinding |
Whether the HTTP-POST Binding setting is enabled. True if enabled; false otherwise. |
Boolean |
|
useSignedAuthnRequest |
Whether the Signed AuthnRequest setting is enabled. True if enabled; false otherwise. |
Boolean |
|
expectEncrytedAssertions |
Whether the Expect Encrypted Assertions setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableRequestedAuthnContext |
Whether the Do Not Request a Specific Authentication Context setting is enabled. True if enabled; false otherwise. |
Boolean |
|
options↴ |
An object of additional SAML configuration options that were deleted. |
Object |
|
defaultRole |
The Default Role that was deleted. |
String |
|
defaultGroups |
The Default Groups that was deleted. |
String |
|
requireUserExists |
Whether the Require User Exists setting is enabled. True if enabled; false otherwise. |
Boolean |
|
disableUserCreation |
Whether the Disable User Creation setting is enabled. True if enabled; false otherwise. |
Boolean |
|
matchAttribute |
The Match Attribute that was deleted. |
String |
|
attributeMappings |
An object of Attribute Mappings that were deleted. |
Object |
|
attribute |
The attribute that was deleted. |
String |
|
claim |
The claim configured that was deleted. |
String |
Disabling Anonymous Users
An event indicating whether the Disable Anonymous Access setting is enabled in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
disableAnonymousAccess |
Whether the Disable Anonymous Access setting is enabled. True if enabled; false otherwise. |
Boolean |
Disabling the Login Screen
An event indicating whether the Disable Login setting is enabled in Environment Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
disableLoginScreen |
Whether the Disable Login Screen setting is enabled. True if enabled; false otherwise. |
Boolean |
Enabling Custom Login and Logout Modules
An event indicating whether the Enable Custom Login/Logout Module setting is enabled in Environment Administration. This log also determines if the Default Module was changed.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
enabled |
Whether the Disable Login Screen setting is enabled. True if enabled; false otherwise. |
Boolean |
|
defaultModule |
The name of the module selected as the Default Module. |
String |
Removing Designer (Super-User) Access
An event indicating the removal of Designer (Super-user) access for Express roles.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
removedSuperUserAccess |
Whether the Super-user access was removed for Express roles. True if removed; false otherwise. |
Boolean |
This section focuses on adding, changing, deleting, and promoting Express groups using Express Group Administration.
Adding an Express Group
An event indicating that a new Express group was created in Express Group Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
groupName |
The required name of the group at creation. |
String |
|
groupDescription |
The description of the group at creation. |
String |
|
groupType |
The group type selected at creation. |
String |
Changing an Express Group
An event indicating that an Express group was modified in Express Group Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
groupName |
The name of the group after changes were made. |
String |
|
groupDescription |
The description of the group after changes were made. |
String |
|
groupType |
The group type selected after changes were made. |
String |
Deleting an Express Group
An event indicating an Express group was deleted in Express Group Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
groupName |
The name of the group that was deleted. |
String |
|
groupDescription |
The description of the group that was deleted. |
String |
|
groupType |
The group type selected that was deleted. |
String |
Promoting Express Groups
An event determining the Express groups promoted using Express Group Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
targetEnvironmentTitle |
The title of the environment where all Express groups were promoted. |
String |
|
targetEnvironmentName |
The name of the environment where all Express groups were promoted. |
String |
|
groupNames |
An array of all Express groups promoted to the specified environment. |
Array |
This section focuses on adding, changing, deleting, and promoting Express roles using Express Role Administration.
Adding an Express Role
An event indicating that a new Express role was created in Express Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
roleDescription |
The description of the Express role at creation. |
String |
|
roleParent |
The selected parent role at creation. |
String |
|
designerAccess |
Whether the role was given Designer access at creation. True if given Designer access; false otherwise. |
Boolean |
|
fullSubmissionAccess |
Whether the role was given Full Submission access at creation. True if given Full Submission access; false otherwise. |
Boolean |
|
roleDefaultPermission |
The selected default permission at creation. |
String |
|
groups |
The groups the role was assigned to at creation. |
Array |
Changing an Express Role
An event indicating that an Express role was modified in Express Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
roleDescription |
The description of the Express role after changes were made. |
String |
|
roleParent |
The parent role of the role after changes were made. |
String |
|
designerAccess |
Whether the modified role was given Designer access. True if given Designer access; false otherwise. |
Boolean |
|
fullSubmissionAccess |
Whether the modified role was given Full Submission. True if given Full Submission access; false otherwise. |
Boolean |
|
roleDefaultPermission |
The default permission of the role after changes were made. |
String |
|
groups |
The groups the modified role is assigned to. |
Array |
Deleting an Express Role
An event indicating an Express role was deleted in Express Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
roleDescription |
The description of the Express role that was deleted. |
String |
|
roleParent |
The parent role of the role that was deleted. |
String |
|
designerAccess |
Whether the deleted role was given Designer access. True if given Designer access; false otherwise. |
Boolean |
|
fullSubmissionAccess |
Whether the deleted role was given Full Submission. True if given Full Submission access; false otherwise. |
Boolean |
|
roleDefaultPermission |
The default permission of the role that was deleted. |
String |
|
groups |
The groups the deleted role was assigned to. |
Array |
Promoting Express Roles
An event determining the Express roles promoted using Express Role Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
targetEnvironmentTitle |
The name of the environment where all Express roles were promoted. |
String |
|
targetEnvironmentName |
The Environment Level where all Express roles were promoted. |
String |
|
groupNames |
An array of all Express groups promoted to the specified environment. |
Array |
This section focuses on adding, changing, deleting, and exporting Express users using Express User Administration.
Adding an Express User
An event indicating that a new Express user was created in Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Express user's unique identifier at creation. |
String |
|
name |
The Express user's name at creation. |
String |
|
|
The Express user's email address at creation. |
String |
|
phone |
The Express user's phone number at creation. |
String |
|
defaultRoles |
The default roles assigned to the role at creation. |
String |
|
isServiceUser |
Whether the role is a Service User. True if it's a Service User; false otherwise. |
Boolean |
|
groups |
The groups the role is assigned to. |
String |
|
groupsInherited |
The groups inherited when promoting. |
String |
|
applicationRoles↴ |
An object of applications and application roles assigned to this Express user. |
Object |
|
application |
The applications the Express user will have access to at creation. |
String |
|
roles |
The application roles assigned to this Express user. |
String |
|
passwordSpecified |
Whether a password is specified at creation. True if specified; false otherwise. |
Boolean |
|
tempPassword |
Whether the Temporary setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
|
notifyUsersPassword |
Whether the Notify the User by Email of Their Password setting is enabled at creation. True if enabled; false otherwise. |
Boolean |
Changing an Express User
An event indicating that an Express user was modified in Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Express user's unique identifier after changes were made. |
String |
|
name |
The Express user's name after changes were made. |
String |
|
|
The Express user's email address after changes were made. |
String |
|
phone |
The Express user's phone number after changes were made. |
String |
|
defaultRoles |
The default roles assigned to the role after changes were made. |
String |
|
isServiceUser |
Whether the role is a Service user. True if it's a Service user; false otherwise. |
Boolean |
|
groups |
The groups the role is assigned to. |
String |
|
groupsInherited |
The groups inherited when promoting. |
String |
|
applicationRoles↴ |
An object of applications and application roles assigned to this Express user. |
Object |
|
application |
The applications the Express user has access to. |
String |
|
roles |
The application roles assigned to this Express user. |
String |
|
passwordSpecified |
Whether a password is specified. True if specified; false otherwise. |
Boolean |
|
tempPassword |
Whether the Temporary setting is enabled. True if enabled; false otherwise. |
Boolean |
|
notifyUsersPassword |
Whether the Notify the User by Email of Their Password setting is enabled. True if enabled; false otherwise. |
Boolean |
Deleting an Express User
An event indicating that an Express user was deleted in Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
deletedSuccess |
Whether the Express user was deleted successfully. True if deleted successfully; false otherwise. |
Boolean |
Exporting an Express User
An event indicating the total number of Express users that were exported from Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
numberOfRecordsExported |
The total number of Express user records that were exported from Express User Administration. |
Integer |
Locked Out
An event when an Express user is locked out of their environment after exceeded the number of login attempts configured in Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Express User's unique identifier. |
String |
|
|
The Express User's email address. |
String |
|
lockedAt |
The date the Express user was locked out of their environment. |
Date |
Resending Temporary Password
An event indicating that a temporary password was resent to an Express User using Express User Administration.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
userId |
The Express user's unique identifier. |
String |
|
name |
The Express user's name. |
String |
|
|
The Express user's email address. |
String |
|
phone |
The Express user's phone number. |
String |
|
resendTempPassword |
Whether a temporary password was resent to an Express user. True if resent; false otherwise. |
Boolean |
This section focuses on adding, changing, and deleting SAML and OIDC configuration using Single Sign-On (SSO) Management.
Previewing a Designer SSO Configuration
An event indicating whether a Designer SSO configuration was launched successfully in Single Sign-On (SSO) Management.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
previewLaunched |
Whether the Designer SSO configuration was previewed successfully. True if previewed successfully; false otherwise. |
Boolean |
Previewing an Express SSO Configuration
An event indicating whether an Express SSO configuration was launched successfully in Single Sign-On (SSO) Management.
| Element | Description | Type |
|---|---|---|
|
attributes↴ |
An object of event attributes. |
Object |
|
previewLaunched |
Whether the Express SSO configuration was previewed successfully. True if previewed successfully; false otherwise. |
Boolean |
Resources
