Account sync event payload
You can use the following account sync event payloads to trigger asynchronous workflows and synchronizations for event notification webhooks and APIs.
The following table lists the attributes that are contained in the account sync event.
| Name | Data type | Description |
|---|---|---|
| data.action | String | Details of the action performed. For example, account_sync_complete. |
| data.adoptionstats_compliant_accounts | String | The count of complaint accounts. |
| data.adoptionstats_deleted_accounts | String | The count of deleted accounts. |
| data.adoptionstats_failed_accounts | String | The count of failed accounts. |
| data.adoptionstats_non_compliant_accounts | String | The count of non-compliant accounts. |
| data.adoptionstats_unmatched_accounts | String | The count of unmatched accounts. |
| data.api_grant_type | String | The grant-type in the JWT. |
| data.applicationid | String | The unique identifier for each application. |
| data.applicationname | String | The name of the application. |
| data.applicationtype | String | The type of the application. |
| data.cause | String | The message describing the action. For example: "data.cause": [ "Account sync completed."]" ] |
| data.delta_changes | String | The attribute delta changes that are calculated as part of remediation. |
| data.devicetype | String | The browser user agent. |
| data.modified | String | Indicates the data that was modified. |
| data.origin | String | IP address of system that caused event to be generated. |
| data.performedby | String | The Cloud Directory userid or the UUID of the API client. |
| data.performedby_clientname | String | The API client name |
| data.performedby_realm | String | The realm of the person who performed the action. |
| data.performedby_type | String | API, System, or User. |
| data.performedby.username | String | The username of the person who performed the action. |
| data.reconcilliationid | String | The account sync ID for each recon that is run. |
| data.recon_account_info | String | Specifies account sync stats. For example, total:59, new:0, modified:1, unchanged:58, markedAsDeleted:0. |
| data.recon_accounts_count | String | Specifies recon account count. For Example, "recon_accounts_count": "7". |
| data.recon_groups_count | String | Specifies recon groups count. For Example, "recon_groups_count": "1". |
| data.recon_groups_info | String | Specify account sync group info. For example,"recon_groups_info": "{\"total\":1,\"new\":0,\"modified\":0,\"unchanged\":1,\"markedAsDeleted\":0}" |
| data.recon_operations_info | String | Account sync operation info. For example,"recon_operations_info": "[{\"resourceType\":\"SupportingData\",\"status\":\"SUCCESS\"},{\"resourceType\":\"Groups\",\"status\":\"SUCCESS\"},{\"resourceType\":\"Users\",\"status\":\"SUCCESS\"}]". |
| data.recon_status | String | Specifies the account Sync status. Can be success or failed. |
| data.recon_supporting_data_count | String | Specifies account sync supporting data count. For example, "recon_supporting_data_count": "2". |
| data.remediation_policy | String | Gives information about what remediation policy is using. For example, on_ci, on_target, or none. |
| data.remediation_status | String | Specifies what the account status is after remediation of the account. For example, complaint, non-complaint, or unmatched |
| data.subject | String | Indicates additional information about the event. This field contains the name of the subject. |
| data.subject_type | String | Indicates extra information about the event. This field indicates the type of the subject. For example, account. |
| data.subjectid | String | Indicates the unique identifier for the subject. |
| data.subtype | String |
|
| data.target | String | Secondary resource that might be applicable. |
| data.target_matching_attributes | String | Indicates the matching attributes for the target. |
| data.target_type | String | Information of target type. For example, user or application. |
| data.targetid | String | Indicates the unique identifier for the target. |
| geoip.city_name geoio.continent_name geoip.country_iso_code geoip.country_name geoip.location geoip.region_name |
String | Augmented by Event service by using data.origin. |
Example
The following code is a sample payload. Use the Events APIs to get the actual attributes. See https://docs.verify.ibm.com/verify/reference/getallevents and https://docs.verify.ibm.com/verify/docs/pulling-event-data.
{
"data": {
"performedby_type": "system",
"subject_type": "account",
"subject": "1111111111111111111111@111.111.111.111",
"origin": "unavailable",
"cause": "Compliance status of account.",
"subjectid": "22222222222222222222",
"remediation_status": "unmatched",
"remediation_policy": "on_ci",
"performedby": "system",
"action": "compliance_status",
"reconciliationid": "3333333333-3333-3333-3333-333333333333",
"applicationid": "4444444444444444444",
"performedby_clientname": "system"
},
"year": 2023,
"tags": [
"_geoip_lookup_failed-unresolvable_origin"
],
"event_type": "account_sync",
"month": 2,
"indexed_at": 1675283597657,
"tenantid": "55555555-5555-5555-5555-555555555555",
"tenantname": "tenant name.verify.ibmcloudsecurity.com",
"correlationid": "CORR_ID-66666666-6666-6666-6666-666666666666",
"id": "77777777-7777-7777-7777-777777777777",
"time": 1675282426328,
"day": 1
}