Events

1. Events

These are the events that FusionAuth generates that can be optionally consumed by your registered Webhook.

2. User Actions

This event is generated when a User Action is taken on a user and when temporal actions transition between phases.

A temporal action is one that has a start time and and a duration, when a phase transition occurs an event will be sent to the webhook. See the event.phase in the message body.

Event type
user.action
Table 1. Event Body

event.action [String]

This parameter specifies the name of the action that is occurring.

event.actionId [UUID]

This parameter specifies the unique Id of the action that is occurring.

event.actioneeUserId [UUID]

This parameter specifies the unique identifier of the user the action is being performed on.

event.actionerUserId [UUID]

This parameter specifies the Id of the User that performed the action that resulted in the notification being sent. If the action was initiated by FusionAuth this value will not be provided.

event.applicationIds [Array<UUID>]

This parameter if provided specifies the scope of the User Action. When an Action is scoped to one or more Applications the Application Ids will be provided in this parameter.

event.comment [String]

An optional comment left to possibly indicate why the action was taken, modified or canceled.

event.createInstant [Long]

The instant that the event was generated.

event.email [Object]

When the action is configured to send the email in the event body, FusionAuth will render the email and provide the result in the event body. This can be used to send an email through a third party provider. See Example POST body below for fields.

event.emailedUser [Boolean]

This parameter will indicate if FusionAuth has already sent an email to the user as a result of this event. When true an email was sent to the user, and if false an email was not sent to the user.

event.expiry [Long]

The instant that the action will expire, if the action expires.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.localizedAction [String]

This parameter specifies the localized version of the action field, based on the user’s preferred languages.

event.localizedDuration [String]

The duration of the action in a human readable format that is localized based on the user’s preferred languages.

event.localizedOption [String]

This parameter specifies the localized version of the option field, based on the user’s preferred languages.

event.localizedReason [String]

This parameter specifies the localized reason of the reason field, based on the user’s preferred languages.

event.notifyUser [Boolean]

This parameter specifies whether the user should be notified. FusionAuth will only set this value based upon the event configuration, it is simply an indicator to the event consumer to notify the user.

event.option [String]

An optional value to provide additional context to the Action. This value is free form and defined by the User Action.

event.phase [Boolean]

If the Action is temporal, this parameter will be provided to indicate the current phase of the action. The following are the possible Action states:

  • start - The event has started.

  • modify - The event has been modified.

  • cancel - The event has been canceled, the end phase will not be reached.

  • end - The event has ended.

When the action is started by an admin, the phase will be "start". If an admin changes the duration of the action, the phase will be "modify". If an admin cancels an action it will be "cancel" or the action expires, the phase will be "end". If the action is key-based, the phase will be "start".

event.reason [String]

The reason the admin selected. Reasons may be configured in the FusionAuth UI, navigate to Settings User Actions Reasons. This value will be omitted when no reasons are selected (or configured).

event.reasonCode [String]

The reason code the admin selected. Reasons may be configured in the FusionAuth UI, navigate to Settings User Actions Reasons. This value will be omitted when no reasons are selected (or configured).

event.type [String]

The event type, this value will always be user.action.

Example Event JSON
{
  "event": {
    "action": "Mute",
    "actionId": "8c10cd8d-251b-4ebc-9171-6a7a2e8ed390",
    "actioneeId": "32ac49fe-1f7f-40b6-a3a1-02611a10945a",
    "actionerId": "1219c8e2-c0c2-4efc-9323-6ee9062e9c1f",
    "applicationIds": [
      "2a6972a9-d332-458f-9c11-aa0eb74cfefc",
      "a1d7c8d2-be38-4530-8c61-b32245f94f0c",
      "def77957-1818-4fd5-b052-004777acb6fa",
      "96ebce2f-f9c0-44f6-a92f-6f476e08b678",
      "563215b9-b819-4ec5-b983-88174f26e390"
    ],
    "comment": "a comment",
    "createInstant": 1505762615056,
    "email": {
      "attachments": [],
      "bcc": [],
      "cc": [],
      "from": {
        "address": "moderator@yourorganization.com",
        "display": "Moderator"
      },
      "html": "<p>Please review the code of conduct to avoid being removed from the community.</p>",
      "replyTo": {
        "address": "no-reply@yourorganization.com",
        "display": "no-reply@yourorganization.com"
      },
      "subject": "You've received a Misconduct action",
      "text": "Please review the code of conduct to avoid being removed from the community.",
      "to": [
        {
          "address": "Allan249@example.com",
          "display": "Allan"
        }
      ]
    },
    "emailedUser": false,
    "expiry": 1408554564119,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "localizedAction": "Mute",
    "localizedDuration": "2 days",
    "localizedOption": "soft",
    "localizedReason": "Misconduct",
    "notifyUser": true,
    "option": "soft",
    "phase": "start",
    "reason": "Misconduct",
    "reasonCode": "123",
    "type": "user.action"
  }
}

3. User Bulk Create

This event is generated when multiple users are created. The JSON includes each of the Users that were created.

Event type
user.bulk.create
Table 2. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.bulk.create.

event.users [Array<Object>]

The users that have been created. See the Users API for property definitions and example JSON.

3.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.bulk.create",
    "users": [
      {
        "active": true,
        "email": "example@fusionauth.io",
        "id": "00000000-0000-0001-0000-000000000000",
        "lastLoginInstant": 1471786483322,
        "passwordChangeRequired": false,
        "passwordLastUpdateInstant": 1471786483322,
        "registrations": [
          {
            "applicationId": "10000000-0000-0002-0000-000000000001",
            "id": "00000000-0000-0002-0000-000000000000",
            "insertInstant": 1446064706250,
            "lastLoginInstant": 1456064601291,
            "roles": [
              "user"
            ],
            "usernameStatus": "ACTIVE"
          }
        ],
        "twoFactorEnabled": false,
        "usernameStatus": "ACTIVE",
        "verified": true
      }
    ]
  }
}

4. User Create

This event is generated when a single user is created. The JSON includes the User that was created.

Event type
user.create
Table 3. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.create.

event.user [Object]

The user that has been created. See the Users API for property definitions and example JSON.

4.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.create",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "passwordChangeRequired": false,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

5. User Update

This event is generated when a user is updated. The event will include the before and after versions of the User being updated.

Event type
user.update
Table 4. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.original [Object]

The user before the update occurred, this is the old version of the user. See the Users API for property definitions and example JSON.

event.type [String]

The event type, this value will always be user.update.

event.user [Object]

The user after the update, this is the new version of the user. See the Users API for property definitions and example JSON.

5.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "original": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "lastLoginInstant": 1471786483322,
      "passwordChangeRequired": false,
      "passwordLastUpdateInstant": 1471786483322,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "lastLoginInstant": 1456064601291,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    },
    "type": "user.update",
    "user": {
      "active": true,
      "email": "john@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "lastLoginInstant": 1471786483322,
      "passwordChangeRequired": false,
      "passwordLastUpdateInstant": 1471786483322,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "lastLoginInstant": 1456064601291,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

6. User Deactivate

This event is generated when a user is deactivated, also referred to as a soft delete.

Event type
user.deactivate
Table 5. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.deactivate.

event.user [Object]

The user that has been deactivated. See the Users API for property definitions and example JSON.

6.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.deactivate",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "lastLoginInstant": 1471786483322,
      "passwordChangeRequired": false,
      "passwordLastUpdateInstant": 1471786483322,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "lastLoginInstant": 1456064601291,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

7. User Reactivate

This event is generated when user is re-activated, a re-activated user is one that had been soft deleted and has now been un-deleted.

Event type
user.reactivate
Table 6. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.reactivate.

event.user [Object]

The user that has been re-activated. See the Users API for property definitions and example JSON.

7.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.reactivate",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "lastLoginInstant": 1471786483322,
      "passwordChangeRequired": false,
      "passwordLastUpdateInstant": 1471786483322,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "lastLoginInstant": 1456064601291,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

8. User Delete

This event is generated when a user is deleted.

Event type
user.delete
Table 7. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.delete.

event.user [Object]

The user that has been deleted. See the Users API for property definitions and example JSON.

8.1. Event JSON

Example Event JSON
{
  "event": {
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.delete",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "lastLoginInstant": 1471786483322,
      "passwordChangeRequired": false,
      "passwordLastUpdateInstant": 1471786483322,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "lastLoginInstant": 1456064601291,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

9. User Email Verified

This event has been available since 1.8.0

This event is generated when a user verifies their email address.

Event type
user.email.verified
Table 8. Event Body

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.email.verified.

event.user [Object]

The user that has verified their email address. See the Users API for property definitions and example JSON.

9.1. Event JSON

Example Event JSON
{
  "event" : {
    "createInstant" : 1563399203743,
    "id" : "a5b9cae9-aacd-4649-a0f2-50bba29039c4",
    "type" : "user.email.verified",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "passwordChangeRequired": false,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

10. User Login Success

This event has been available since 1.6.0

This event is generated when a user completes a successful login.

Event type
user.login.success
Table 9. Event Body

event.authenticationType [String]

The type of authentication used in the login request.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.login.success.

event.user [Object]

The user that completed the login request. See the Users API for property definitions and example JSON.

10.1. Event JSON

Example Event JSON
{
  "event": {
    "authenticationType": "PASSWORD",
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.login.success",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "passwordChangeRequired": false,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

11. User Login Failure

This event has been available since 1.6.0

This event is generated when a user login request fails due to invalid credentials.

Event type
user.login.failed
Table 10. Event Body

event.authenticationType [String]

The type of authentication used in the login request.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be user.login.failed.

event.user [Object]

The user that failed the login request. See the Users API for property definitions and example JSON.

11.1. Event JSON

Example Event JSON
{
  "event": {
    "authenticationType": "PASSWORD",
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "user.login.failed",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "passwordChangeRequired": false,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

12. User Registration Create

This event has been available since 1.6.0

This event is generated when a user registration is created.

Event type
user.registration.create
Table 11. Event Body

event.applicationId [UUID]

The unique Id of the Application for which the user has now been registered.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.registration [Object]

The user registration that has been created. See the Registration API for property definitions and example JSON.

event.type [String]

The event type, this value will always be user.registration.create.

event.user [Object]

The user that owns the new registration. See the Users API for property definitions and example JSON.

12.1. Event JSON

Example Event JSON
{
  "applicationId": "fed19281-1584-4db8-8b24-959e2d986904",
  "createInstant": 1505762615056,
  "id": "e502168a-b469-45d9-a079-fd45f83e0406",
  "registration": {
    "applicationId": "10000000-0000-0002-0000-000000000001",
    "id": "00000000-0000-0002-0000-000000000000",
    "insertInstant": 1446064706250,
    "roles": [
      "user"
    ],
    "usernameStatus": "ACTIVE"
  },
  "type": "user.registration.create",
  "user": {
    "active": true,
    "email": "example@fusionauth.io",
    "id": "00000000-0000-0001-0000-000000000000",
    "passwordChangeRequired": false,
    "twoFactorEnabled": false,
    "usernameStatus": "ACTIVE",
    "verified": true
  }
}

13. User Registration Update

This event has been available since 1.6.0

This event is generated when a user registration has been updated.

Event type
user.registration.update
Table 12. Event Body

event.applicationId [UUID]

The unique Id of the Application for which the user registration has been updated.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.original [Object]

The original registration prior to being updated. See the Registration API for property definitions and example JSON.

event.registration [Object]

The user registration that has been updated. See the Registration API for property definitions and example JSON.

event.type [String]

The event type, this value will always be user.registration.update.

event.user [Object]

The user that owns the registration being updated. See the Users API for property definitions and example JSON.

13.1. Event JSON

Example Event JSON
{
  "applicationId": "fed19281-1584-4db8-8b24-959e2d986904",
  "createInstant": 1505762615056,
  "id": "e502168a-b469-45d9-a079-fd45f83e0406",
  "original": {
    "applicationId": "10000000-0000-0002-0000-000000000001",
    "id": "00000000-0000-0002-0000-000000000000",
    "insertInstant": 1446064706250,
    "roles": [
      "user"
    ],
    "usernameStatus": "ACTIVE"
  },
  "registration": {
    "applicationId": "10000000-0000-0002-0000-000000000001",
    "id": "00000000-0000-0002-0000-000000000000",
    "insertInstant": 1446064706250,
    "roles": [
      "admin"
    ],
    "usernameStatus": "ACTIVE"
  },
  "type": "user.registration.update",
  "user": {
    "active": true,
    "email": "example@fusionauth.io",
    "id": "00000000-0000-0001-0000-000000000000",
    "passwordChangeRequired": false,
    "twoFactorEnabled": false,
    "usernameStatus": "ACTIVE",
    "verified": true
  }
}

14. User Registration Delete

This event has been available since 1.6.0

This event is generated when a user registration has been deleted.

Event type
user.registration.delete
Table 13. Event Body

event.applicationId [UUID]

The unique Id of the Application for which the user’s registration has been deleted.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.registration [Object]

The user registration that has been deleted. See the Registration API for property definitions and example JSON.

event.type [String]

The event type, this value will always be user.registration.delete.

event.user [Object]

The user that owns the registration being deleted. See the Users API for property definitions and example JSON.

14.1. Event JSON

Example Event JSON
{
  "applicationId": "fed19281-1584-4db8-8b24-959e2d986904",
  "createInstant": 1505762615056,
  "id": "e502168a-b469-45d9-a079-fd45f83e0406",
  "registration": {
    "applicationId": "10000000-0000-0002-0000-000000000001",
    "id": "00000000-0000-0002-0000-000000000000",
    "insertInstant": 1446064706250,
    "roles": [
      "user"
    ],
    "usernameStatus": "ACTIVE"
  },
  "type": "user.registration.delete",
  "user": {
    "active": true,
    "email": "example@fusionauth.io",
    "id": "00000000-0000-0001-0000-000000000000",
    "passwordChangeRequired": false,
    "twoFactorEnabled": false,
    "usernameStatus": "ACTIVE",
    "verified": true
  }
}

15. User Registration Verified

This event has been available since 1.8.0

This event is generated when a user registration has been verified.

Event type
user.registration.verified
Table 14. Event Body

event.applicationId [UUID]

The unique Id of the Application for which the user registration has been updated.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.registration [Object]

The user registration that has been verified. See the Registration API for property definitions and example JSON.

event.type [String]

The event type, this value will always be user.registration.verified.

event.user [Object]

The user that owns the registration being updated. See the Users API for property definitions and example JSON.

15.1. Event JSON

Example Event JSON
{
  "event" : {
    "applicationId" : "dab376e7-ed33-4a41-86c9-e87de52bd8e2",
    "createInstant" : 1563399203742,
    "id" : "f3baaff6-2b41-4ec3-a786-6849d460b5e8",
    "registration" : {
      "applicationId": "10000000-0000-0002-0000-000000000001",
      "id": "00000000-0000-0002-0000-000000000000",
      "insertInstant": 1446064706250,
      "roles": [
        "admin"
      ],
      "usernameStatus": "ACTIVE",
      "verified" : true
    },
    "type" : "user.registration.verified",
    "user": {
      "active": true,
      "email": "example@fusionauth.io",
      "id": "00000000-0000-0001-0000-000000000000",
      "passwordChangeRequired": false,
      "registrations": [
        {
          "applicationId": "10000000-0000-0002-0000-000000000001",
          "id": "00000000-0000-0002-0000-000000000000",
          "insertInstant": 1446064706250,
          "roles": [
            "user"
          ],
          "usernameStatus": "ACTIVE"
        }
      ],
      "twoFactorEnabled": false,
      "usernameStatus": "ACTIVE",
      "verified": true
    }
  }
}

16. JWT Public Key Update

This event is generated when a public key configuration used to sign a JSON web token has been updated.

Event type
jwt.public-key.update
Table 15. Event Body

event.applicationIds [List<UUID>]

A list of Application Ids that may have been affected by a configuration change in which affect the public key used to sign JWTs.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be jwt.public-key.update.

16.1. Event JSON

Example Event JSON
{
  "event": {
    "applicationIds": [
      "ecbe454c-3b52-46c3-87f7-b3e00c5636e6"
    ],
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "jwt.public-key.update"
  }
}

17. JWT Refresh Token Revoke

This event is generated when a refresh token is revoked. The JSON includes either the User Id or the Application Id depending on what was revoked. It will also include the time to live duration (in seconds) for each Application. This value is used to determine if JWTs are valid or not based on their expiration instants.

The following scenarios will cause this event to be generated:

  • A single Refresh Token is revoked

  • All Refresh Tokens owned by a single User are revoked

  • All Refresh Tokens for an Application are revoked

Event type
jwt.refresh-token.revoke

17.1. A single Refresh Token is revoked

This example JSON would reflect a scenario where a single refresh token is revoked for a single user for a single application.

Table 16. Event Body

event.applicationId [UUID]

The unique Id of the Application for which the refresh token have been revoked.

event.applicationTimeToLiveInSeconds [Map<UUID, Integer>]

A map of Application Id to the configured time to live (TTL) for the access token (JWT). This can be used to identify the maximum amount of time after this event occurred where an un-expired access token may be held by a user.

If you take the createInstant of this event and add the number of seconds for a specific application TTL you come up with an instant in time where you should consider all access tokens issued before this time invalid. This is because the access token will have been issued on or before the instant the refresh token was revoked.

This map will contain a single entry for the application represented by the applicationId field.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be jwt.refresh-token.revoke.

event.userId [UUID]

The unique Id of the User for which a refresh token has been revoked.

Example Event JSON
{
  "event": {
    "applicationId": "21a8893c-51b3-4964-8a50-6afb66ee8acd",
    "applicationTimeToLiveInSeconds": {
      "21a8893c-51b3-4964-8a50-6afb66ee8acd": 600
    },
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "jwt.refresh-token.revoke",
    "userId": "dfdbae16-4e65-42c2-9773-23dfd6f5671d"
  }
}

17.2. All Refresh Tokens owned by a single User are revoked

This example JSON would reflect a scenario where all refresh tokens owned by a single user are revoked.

Table 17. Event Body

event.applicationTimeToLiveInSeconds [Map<UUID, Integer>]

A map of Application Id to the configured time to live (TTL) for the access token (JWT). This can be used to identify the maximum amount of time after this event occurred where an un-expired access token may be held by a user.

If you take the createInstant of this event and add the number of seconds for a specific application TTL you come up with an instant in time where you should consider all access tokens issued before this time invalid. This is because the access token will have been issued on or before the instant the refresh token was revoked.

This map will contain an entry for each application for which the user has a refresh token.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be jwt.refresh-token.revoke.

event.userId [UUID]

The unique Id of the User for which all refresh tokens have been revoked.

Example Event JSON
{
  "event": {
    "applicationTimeToLiveInSeconds": {
      "21a8893c-51b3-4964-8a50-6afb66ee8acd": 600
    },
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "jwt.refresh-token.revoke",
    "userId": "dfdbae16-4e65-42c2-9773-23dfd6f5671d"
  }
}

17.3. All Refresh Tokens for an Application are revoked

This example JSON would reflect a scenario where all refresh tokens issued for a specific application are revoked.

Table 18. Event Body

event.applicationId [UUID]

The unique Id of the Application for which all of the refresh tokens have been revoked.

event.applicationTimeToLiveInSeconds [Map<UUID, Integer>]

A map of Application Id to the configured time to live (TTL) for the access token (JWT). This can be used to identify the maximum amount of time after this event occurred where an un-expired access token may be held by a user.

If you take the createInstant of this event and add the number of seconds for a specific application TTL you come up with an instant in time where you should consider all access tokens issued before this time invalid. This is because the access token will have been issued on or before the instant the refresh token was revoked.

event.createInstant [Long]

The instant that the event was generated.

event.id [UUID]

The event unique Id. You may receive an event more than once based upon your transaction settings. This Id may be used to identify a duplicate event.

event.type [String]

The event type, this value will always be jwt.refresh-token.revoke.

Example Event JSON
{
  "event": {
    "applicationId": "21a8893c-51b3-4964-8a50-6afb66ee8acd",
    "applicationTimeToLiveInSeconds": {
      "21a8893c-51b3-4964-8a50-6afb66ee8acd": 600
    },
    "createInstant": 1505762615056,
    "id": "e502168a-b469-45d9-a079-fd45f83e0406",
    "type": "jwt.refresh-token.revoke"
  }
}