Fulfillment events payload

You can use the following fulfillment event payloads to trigger asynchronous workflows and synchronizations for event notification webhooks and APIs.

Table 1. Fulfillment attributes
Name Data type Description
data.account_name String The name of the account that was retrieved from target.
data.action String The details of the action that was performed. For example, provisioning_event.
data.application String The name of the application.
data.applicationid String The unique identifier for each application.
data.applicationname String The name of the application.
data.application type String The type of the application.
data.cause String The message that describes the action. For example, Provisioning event generated, Account provisioning failed.
data.entitlementcategory String The attribute that describes the category of the entitlement.
data.entitlementid String Specifies the entitlement ID.
data.entitlementname String The name of the permission. For example, Basic access.
data.entitlementtype String The type of the entitlement. For example, permission.
data.eventid String The ID that is generated for each event.
data.group_name String The name of the group. For example, All users.
data.groupid String The ID that is given to group. For example, allUsers.
data.ib_request_id String The ID for Identity Broker that is being used to search events at the Identity Broker side.
data.lastUpdatedtime String The last updated time of the event, which is in Greenwich mean time and in epoch.
data.message_description String Gives the description of the event. For example, CSIBK0021E The system can't reach the target application.
data.message_details String The detail description of the event. For example, Endpoint not reachable.
data.owners_ids String A list of the userids that own the application.
data.owners String The names of the users who own the application.
data.performedby String The Cloud Directory userid or the UUID of the API Client.
data.performedby_clientname String The API client name.
data.performedby_realm String The realm of the person who performed the action.
data.performedby_type String API, System, or User.
data.performedby_username String The username of the person who performed the action.
data.permissionextref String The external reference ID for a permission.
data.permissionrights String The values for the permission rights that come from the target side.
data.reason   The reason for the event. For example, Endpoint not reachable.
data.reconcilliationid String The unique ID that is associated with each reconciliation that was run.
data.resource String Specifies the source of event. For example, entitlement.
data.response_status String Indicates the response status for a response that was received from Identity Broker.
data.result String The result of the event. For example, Success or Failed.
data.status_code String Gives the status code of event. For example, 500.
data.subaction String Describes sub action that is performed under the main action.
data.subject String For example, Basic access.
data.subject_type String Provide subject type. For example, entitlement.
data.subjectid String The unique identifier for the target.
data.subtype String Defines subtype of the event. For example, provisioning_event.
data.target_type String Defines the target type.
data.target String The secondary resource that might be applicable.
data.targetid String Unique identifier for the target.
data.templateid String The template ID for application.
data.userid String The Cloud Directory userid or the UUID of the API Client.
data.userid_username String The Cloud Directory username of user.
x-service-correlationid String The correlation ID for each event. For example, CORR_ID-AK 85d04a3d-1873-4145-875e-1872b6448871.

Example

The following code is a sample payload. Use the Events APIs to get the actual attributes. See https://docs.verify.ibm.com/verify/reference/getallevents and https://docs.verify.ibm.com/verify/docs/pulling-event-data.

{
  
    "data": {
      "reason": "CSIBK0030E The application is suspended because of too many recent token refresh requests. Requests will fail until Thu Feb 02 16:43:32 UTC 2023.",
      "status_code": "500",
      "targetid": "1111111111",
      "subject": "jacob",
      "x-service-correlationid": "2222222222222",
      "cause": "Account deprovisioned or suspended.",
      "owners": "[jacob]",
      "result": "success",
      "performedby": "system",
      "account_name": "jacob",
      "action": "account_deprovisioned",
      "applicationid": "3333333333333333333",
      "ib_request_id": "44444444-4444-4444-4444-444444444444",
      "performedby_type": "system",
      "subject_type": "account",
      "lastUpdatedtime": "1675355917468",
      "message_description": "CSIBK0030E The application is suspended because of too many recent token refresh requests. Requests will fail until Thu Feb 02 16:43:32 UTC 2023.",
      "target_type": "user",
      "templateid": "20",
      "subjectid": "55555555555555555555555555555555",
      "applicationname": "ServiceNow",
      "target": "jacob",
      "applicationtype": "ServiceNow",
      "performedby_clientname": "system",
      "owner_ids": "[6666666666]"
    },
    "year": 2023,
    "event_type": "fulfillment",
    "month": 2,
    "indexed_at": 1675355918313,
    "tenantid": "66666666-6666-6666-6666-666666666666",
    "tenantname": "tenant name.ibmcloudsecurity.com",
    "correlationid": "7777777777777",
    "id": "88888888-8888-8888-8888-888888888888",
    "time": 1675355917530,
    "day": 2
 }