8.4 Mobile and Social Events You Can Audit

The following topics describe how to audit mobile and social events:

8.4.1 REST Run-Time Audit Events

You can audit the REST run-time events.

Table 8-4 REST Run-Time Audit Events

Run-time Event Issued When Event Details Include

Partner Security Validation Event

Partner credentials are validated using the appropriate security mechanism. The event is logged for both success and failure scenarios.

  • Partner ID (or any unique partner var)

  • Remote IP

  • Security Mechanism

  • Service Instance (Endpoint or name)

  • Event Status (success/fail)

Create Token

A token is created.

  • Event Status

  • Caller Attribute

  • Subject Attribute

  • Filter Subject Attribute

  • Token Attribute

  • Opcode Attribute

  • Message Text

Terminate Token

A token is terminated.

  • Event Status

  • Caller Attribute

  • Subject Attribute

  • Filter Subject Attribute

  • Token Attribute

  • Opcode Attribute

  • Message Text

Get Token

A token is obtained/read.

  • Event Status

  • Caller Attribute

  • Subject Attribute

  • Filter Subject Attribute

  • Token Attribute

  • Opcode Attribute

  • Message Text

8.4.2 Mobile and Social Audit Events

You can audit the Mobile and Social runtime events.

Table 8-5 Mobile and Social Run-Time Audit Events

Run-Time Event Issued When Event Details Include

IDP Login

A user attempts to log in using an identity provider

  • Event status

  • Application ID

  • Identity provider name

  • Event message

IDP Rest Access

The REST service for identity providers is accessed

  • Event status

  • Application ID

  • Protocol

  • Event message

IDP User Profile

The user profile related to a user authenticated by an identity provider is obtained

  • Event status

  • Application ID

  • User attributes

  • Identity provider name

  • Event message (optional attributes)

Local Registration

A user registers locally by providing registration info

  • Event status

  • User ID

  • First name

  • Last name

  • E-mail

  • Location

  • Time zone

  • Event message

Security Validation

The security mechanism on the Identity Provider REST Services for Relying Party (RP) is validated

  • Security mechanism

  • Client principal

  • Remote IP address

  • Event message

OpenID Authentication Request

An OpenID authentication request is initiated

  • Event status

  • Request ID

  • IDP login URL

  • Request attributes

  • Message text

OAuth Authentication Request

An OAuth authentication request is initiated

  • Event status

  • Request ID

  • Return URL

  • IDP attributes

  • Message text

OAuth Access Token Request

An OAuth access token request is initiated

  • Event status

  • Request ID

  • Token

  • Message text

Local Login

User logs in locally

  • Event status

  • Application ID

  • User ID

  • Token

  • Message text