Authentication Events

Flip is using the standard OAuth protocol for authentication. Some authentication events relate to the OAuth protocol and are relevant for system administrators wanting to troubleshoot authentication issues.

To monitor any problems with the user authentication flow all authentication events can be found in the Admin Console under Access & Security > Authentication Events.

The corresponding user, the time, the event type, a possible error code, as well as the IP address and the client can be displayed.
The displayed columns can be shown or hidden via the column menu at the top right.

Event Types

Depending on your authentication setup, these are the event types:

LOGIN_USERNAME_PASSWORD A user has logged in using the login form.
BACKGROUND_AUTHENTICATION A user was re-authenticated via a background process in our app. This automatic process ensures that users remain logged in.
LOGIN_SSO A user was logged in through another Identity Provider.
LOGIN_POST_REGISTRATION A user was logged in after successfully completing the self-registration process.
LOGIN_API_CLIENT An API client has logged in. Depending on the API used, this could be either an "OAuth2 Resource Owner Password Flow" or an "OAuth2 Client Credentials Flow".
LOGIN_UNSPECIFIED A user or an API was authenticated using unspecified methods.
SESSION_PROPAGATION The user's authentication session was propagated to another OIDC Client. This happens as a result of users clicking on menu items for external applications or integration.
CODE_TO_TOKEN A user/api client has exchanged an authentication code for a refresh/access token pair. This is part of the "OAuth2 Authorization Code Flow" and usually happens after a login or a background authentication.
REFRESH_TOKEN A user/api client has refreshed an access token using their refresh token. This automatic process ensures that users remain logged in.
CUSTOM_REQUIRED_ACTION The user/api client was required to do certain actions prior to accessing the app. This is either verifying their email, changing their password or accepting the terms and conditions.
REGISTER A user has registered.
LOGOUT A user has logged out.
SEND_PASSWORD_RESET A password reset email has been sent.
UPDATE_PASSWORD The password for an account has changed.
UPDATE_PROFILE The profile for an account has changed.
UPDATE_EMAIL The email for an account has changed.
SEND_VERIFY_EMAIL An email verification email has been sent.
VERIFY_EMAIL The email address for an account has been verified.
IDENTITY_PROVIDER_POST_LOGIN A user has logged in via an identity provider.
IDENTITY_PROVIDER_FIRST_LOGIN A user has logged in for the first time via an identity provider.
FEDERATED_IDENTITY_LINK A user has been linked to an external IDP.

 

Error Codes

There is a corresponding error event for each event type, which can be recognized by the _ERROR suffix. If an error occurs, the error code provides further information about the reason.
These are the most common error types:

client_not_found The client has not been found
cookie_not_found The cookie has not been found
email_send_failed Sending the email failed
expired_code The code has expired
Failed to verify login action Failed to verify login action
invalid_code The code is invalid
invalid_email The email is invalid
invalid_redirect_uri The redirect url is invalid
invalid_request The request is invalid
invalid_saml_response The SAML response is invalid
invalid_token The token is invalid
invalid_user_credentials The user credentials are invalid
not_allowed The action is not allowed
password_confirm_error The password has not been confirmed
password_missing The password has not been entered
password_rejected The password has been rejected
rejected_by_user The action was rejected by the user
session_expired The session is expired
user_disabled The user is disabled
user_not_found The user has not been found
user_temporarily_disabled The user is temporarily disabled
username_missing The username has not been entered

 

Was this article helpful?

0 out of 0 found this helpful

Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.