description: OneLogin provides single sign-on and identity management for organizations
referenceURL: https://developers.onelogin.com/api-docs/1/events/event-resource
description: The Universal Unique Identifier for this message generated by OneLogin.
description: Account that triggered the event.
description: Time and date at which the event was created. This value is autogenerated by OneLogin.
timeFormat: layout=2006-01-02 15:04:05 MST
- name: error_description
description: Provisioning error details, if applicable.
description: The name of the login user
description: Name of the app involved in the event, if applicable.
- name: authentication_factor_description
description: More details about the authentication factor used.
description: The name of the certificate that was included in the request.
description: The ID of the certificate that was included in the request.
- name: assumed_by_superadmin_or_reseller
description: Indicates that the operation was performed by superadmin or reseller.
description: The directory name.
description: ID of the user whose action triggered the event.
description: Name of the user that was acted upon to trigger the event.
description: The ID of the mapping included in the operation.
description: The ID of the Radius configuration included in the operation.
description: The higher thiss number, the higher the risk.
description: ID of a device involved in the event.
description: The ID of the imported user.
description: The resolution.
description: The directory ID.
- name: authentication_factor_id
description: The ID of the authentication factor used.
description: The ID of the risk cookie.
description: ID of the app involved in the event, if applicable.
description: More details about the event.
- name: browser_fingerprint
description: The fingerprint of the browser.
description: Name of a device involved in the event.
description: First and last name of the user whose action triggered the event.
description: Acting system that triggered the event when the actor is not a user.
description: The name of the custom user field.
description: The ID of the custom user field.
- name: assuming_acting_user_id
description: ID of the user who assumed the role of the acting user to trigger the event, if applicable.
- name: api_credential_name
description: The name of the API credential used.
- name: imported_user_name
description: The name of the imported user.
description: The title of the note.
description: The name of the trusted IDP.
description: ID of the policy involved in the event.
description: Name of a role involved in the event.
- name: resolved_by_user_id
description: The ID of the user that resolved the issue.
description: ID of a group involved in the event.
description: Client ID used to generate the access token that made the API call that generated the event.
description: IP address of the machine used to trigger the event.
description: More details about the event.
description: Type of event triggered.
description: ID of the user that was acted upon to trigger the event.
description: This is not an exhaustive list of the reasons for the risk score and should only be used as a guide
description: The name of the proxy agent.
description: The type of the policy.
description: ID of a role involved in the event.
description: The user agent from which the request was invoke
description: The name of the privilege.
description: Name of a group involved in the event.
description: The entity involved in this request.
description: ID of the resource (user, role, group, and so forth) associated with the event.
description: The name of the mapping.
description: The name of the task.
- name: authentication_factor_type
description: The type of the authentication type.
- name: radius_config_name
description: The name of the Radius configuration used.
description: Name of the policy involved in the event.
description: The id of the privilege.
- name: directory_sync_run_id
description: Directory sync run ID.
description: The name of the operation