Events

These are the events that FusionAuth generates that can be optionally consumed by your registered Webhook.

Audit Log Create - when an audit log is created
Event Log Create - when an event log is created
JWT Public Key Update - when a JWT RSA Public / Private keypair used for signing may have been updated
JWT Refresh - when an access token is refreshed using a refresh token
JWT Refresh Token Revoke - when a refresh token (or multiple tokens) are revoked
Kickstart Success - when kickstart has successfully completed
User Actions - when a moderator takes an action on a user
User Bulk Create - when multiple users are created as the result of the Import API
User Create - when a user is created
User Create Complete - when a user create transaction has completed
User Deactivate - when a user is deactivated
User Delete - when a user is deleted
User Delete Complete - when a user delete transaction has completed
User Email Update - when a user updates their email address
User Email Verified - when a user verifies their email address
User Login Failed - when a user fails to complete login
User Login Success - when a user successfully completes login
User Reactivate - when a user is reactivated
User Registration Create - when a new user registration is created
User Registration Create Complete - when a new user registration create transaction has completed
User Registration Delete - when a user registration is deleted
User Registration Delete Complete - when a user registration delete transaction has completed
User Registration Update - when a user registration is updated
User Registration Update Complete - when a user registration update transaction has completed
User Registration Verified - when a user completes registration verification
User Update - when a user is updated
User Update Complete - when a user update transaction has completed

Breached Password Events

These are the Breached Password licensed events that may FusionAuth generates that can be optionally consumed by your registered Webhook.

This feature is only available in paid editions of FusionAuth. Please visit our pricing page to learn more about paid editions.

User Password Breach - when Reactor detects a user is using a potentially breached password

Threat Detection Events

These are the Threat Detection licensed events that may FusionAuth generates that can be optionally consumed by your registered Webhook.

This feature is only available in Enterprise versions of FusionAuth. Please visit our pricing page to learn more about paid editions.

User Login Id Duplicate Create - when a request to create a user with an already in-use login Id (email or username) has been received
User Login Id Duplicate Update - when a request to update a user with an already in-use login Id (email or username) has been received
User Login New Device - when a user begins login with a new device
User Login Suspicious - when a user complete login and is considered to be a potential threat
User Password Reset Send - when a forgot password email has been sent to a user
User Password Reset Start - when a user starts the reset password flow
User Password Reset Success - when a user password reset flow has completed successfully
User Password Update - when a user’s password is updated
User Two-factor Method Add - when a user has added a two-factor method
User Two-factor Method Remove - when a user has removed a two-factor method

Tenant Scoped Events

Tenant scoped events are generated for all applications in a tenant or for none of them.

All user events are tenant scoped because a user is a tenant scoped entity. For example, the user.delete, user.create, user.update, and user.deactivate events are all tenant scoped.

A tenant scoped event can, however contain an applicationId which can be used to filter events when received. One example is user.registration.create.

Application Scoped Events

A few events can be generated for one or more specified applications, or for all applications within a tenant.

The ability to limit the generation of an event for only certain applications is legacy functionality and may be modified in the future. If you want to get events for certain applications, send events for a tenant. Filter on the applicationId when consuming the event and discard events from any applications that are not of interest.

These events can be application scoped:

jwt.public-key.update
jwt.refresh-token.revoke
user.action

Transaction Compatibility

Events can be either transactional or non-transactional. The final state of the operation which caused a transaction event is not persisted to FusionAuth until after the configured webhook finishes. Non-transactional events do not require any webhooks to succeed.

To learn more about writing webhooks, see Writing a Webhook.

For more information on event transaction configurations, see transaction setting under Tenant Settings.

Feedback

How helpful was this page?

See a problem?

File an issue in our docs repo