User Action
User Action
This event is generated when a User Action is taken on a user and when temporal actions transition between phases.
A temporal action is one that has a start time and and a duration. When a phase transition occurs for a temporal action, an event will be sent to the webhook. See the event.phase in the message body.
Event typeuser.action
Event Scope
Prior to version 1.37.0 this was a tenant or application scoped event. It can be sent to all applications or to one or more specified applications.
The ability to limit the generation of an event for only certain applications is legacy functionality and is removed as of version 1.37.0. In earlier versions, you almost certainly want to enable this event at the tenant level and optionally filter on the tenantId when consuming the event.
In version 1.37.0 and later this is a tenant scoped event. It can be sent to all tenants or to one or more specified tenants. Those tenants will only be sent events related to their tenant. You can optionally also filter on the applicationId when consuming the event.
Transaction Compatibility
This event is transactional. The final state of the operation which caused the webhook is not persisted to FusionAuth until after the webhook finishes; learn more
Event Body
This parameter specifies the name of the action that is occurring.
This parameter specifies the unique Id of the action that is occurring.
This parameter specifies the unique identifier of the user the action is being performed on.
This parameter specifies the Id of the User that performed the action that resulted in the notification being sent. If the action was initiated by FusionAuth this value will not be provided.
This parameter if provided specifies the scope of the User Action. When an Action is scoped to one or more Applications the Application Ids will be provided in this parameter.
An optional comment left to possibly indicate why the action was taken, modified or canceled.
The instant that the event was generated.
When the action is configured to send the email in the event body, FusionAuth will render the email and provide the result in the event body. This can be used to send an email through a third party provider. See Example POST body below for fields.
This parameter will indicate if FusionAuth has already sent an email to the user as a result of this event. When true
an email was sent to the user, and if false
an email was not sent to the user.
The instant that the action will expire, if the action expires.
The unique Id of the event. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.
This parameter specifies the localized version of the action field, based on the user’s preferred languages.
The duration of the action in a human readable format that is localized based on the user’s preferred languages.
This parameter specifies the localized version of the option field, based on the user’s preferred languages.
This parameter specifies the localized reason of the reason field, based on the user’s preferred languages.
This parameter specifies whether the user should be notified. FusionAuth will only set this value based upon the event configuration, it is simply an indicator to the event consumer to notify the user.
An optional value to provide additional context to the Action. This value is free form and defined by the User Action.
If the Action is temporal, this parameter will be provided to indicate the current phase of the action. The following are the possible Action states:
start
- The event has started.modify
- The event has been modified.cancel
- The event has been canceled, theend
phase will not be reached.end
- The event has ended.
When the action is started by an admin, the phase will be “start”. If an admin changes the duration of the action, the phase will be “modify”. If an admin cancels an action it will be “cancel” or the action expires, the phase will be “end”. If the action is key-based, the phase will be “start”.
The reason the admin selected. Reasons may be configured in the FusionAuth UI, navigate to Settings -> User Actions -> Reasons. This value will be omitted when no reasons are selected (or configured).
The reason code the admin selected. Reasons may be configured in the FusionAuth UI, navigate to Settings -> User Actions -> Reasons. This value will be omitted when no reasons are selected (or configured).
The unique tenant identifier. This value may not be returned if not applicable.
The event type, this value will always be user.action
.
Example Event JSON
{
"event": {
"action": "Mute",
"actionId": "8c10cd8d-251b-4ebc-9171-6a7a2e8ed390",
"actioneeId": "32ac49fe-1f7f-40b6-a3a1-02611a10945a",
"actionerId": "1219c8e2-c0c2-4efc-9323-6ee9062e9c1f",
"applicationIds": [
"2a6972a9-d332-458f-9c11-aa0eb74cfefc",
"a1d7c8d2-be38-4530-8c61-b32245f94f0c",
"def77957-1818-4fd5-b052-004777acb6fa",
"96ebce2f-f9c0-44f6-a92f-6f476e08b678",
"563215b9-b819-4ec5-b983-88174f26e390"
],
"comment": "a comment",
"createInstant": 1505762615056,
"email": {
"attachments": [],
"bcc": [],
"cc": [],
"from": {
"address": "moderator@yourorganization.com",
"display": "Moderator"
},
"html": "<p>Please review the code of conduct to avoid being removed from the community.</p>",
"replyTo": {
"address": "no-reply@yourorganization.com",
"display": "no-reply@yourorganization.com"
},
"subject": "You've received a Misconduct action",
"text": "Please review the code of conduct to avoid being removed from the community.",
"to": [
{
"address": "Allan249@example.com",
"display": "Allan"
}
]
},
"emailedUser": false,
"expiry": 1408554564119,
"id": "e502168a-b469-45d9-a079-fd45f83e0406",
"localizedAction": "Mute",
"localizedDuration": "2 days",
"localizedOption": "soft",
"localizedReason": "Misconduct",
"notifyUser": true,
"option": "soft",
"phase": "start",
"reason": "Misconduct",
"reasonCode": "123",
"tenantId": "e872a880-b14f-6d62-c312-cb40f22af465",
"type": "user.action"
}
}