Message payload

As a publisher, PingFederate creates notification messages in JSON format and sends them to the configured topic. This JSON message body contains two top-level keys: data and configuration, as illustrated in the following snippet. 

{
  "data": {
    "USERNAME": "jdoe",
    ...
  },
  "configuration": {
    "com.pingidentity.notification.config.locale": "en-US",
    ...
    "com.pingidentity.notification.config.event.type": "ADMIN_PASSWORD_CHANGED"
  }
}

For all events, PingFederate provides relevant information by including various key:value pairs in the message body found inside the value of the data key.

The value of the com.pingidentity.notification.config.event.type key, located inside the value of the configuration key, indicates the event type. In this example, the event type is ADMIN_PASSWORD_CHANGED.

For end user-oriented events, the value of the com.pingidentity.notification.config.locale key, also located inside the value of the configuration key, indicates the locale of the end user who initiates the request.

Review the following sections for more information on event types and their respective keys, which are referred to as variables.

Events for administrators

Local administrative account management events
Event type Variables
ADMIN_ACCOUNT_CHANGE_NOTIFICATION_OFF
  • USERNAME (represents the username of the local administrative account who has turned off the Notify Administrator of Account Changes option)
  • RECEIVER (represents the email addresses of all the local administrative accounts that have been configured with an email address)
  • NOTIFY (represents the Notify Administrator of Account Change option on the Administrative Accounts screen)
  • CURRENT_USER_MESSAGE (represents the username of the administrator who initiated the change)
Note:

Unless otherwise noted, the rest of the variables in this Administrative Accounts section are either self-explanatory or identical to those mentioned here.
ADMIN_EMAIL_CHANGED
  • USERNAME
  • RECEIVER
  • DEPARTMENT
  • DESCRIPTION
  • PHONE_NUMBER
  • CURRENT_USER_MESSAGE

PingFederate sends two messages for this event type. Variables and their values remain the same, except for the RECEIVER value. The intent of them is to notify the end user at both the previous email address and the new email address.

ADMIN_PASSWORD_CHANGED
  • USERNAME
  • RECEIVER
  • DEPARTMENT
  • DESCRIPTION
  • PHONE_NUMBER
  • CURRENT_USER_MESSAGE
Certificate, SAML metadata update, and licensing events
Event type Variables
CERTIFICATE_EVENT_ACTIVATED and CERTIFICATE_EVENT_CREATED
  • SERIAL_NUMBER
  • SUBJECT_DN
  • EX_DATE
  • PENDING_CERT_SERIAL_NUM
  • PENDING_EX_DATE
  • ACTIVE_CONNECTIONS (represents the connections impacted by the creation of the pending certificate and the activation of it)
  • ACTIVATION_DATE
CERTIFICATE_EVENT_EXPIRED,CERTIFICATE_EVENT_FINAL_WARN, and CERTIFICATE_EVENT_INITIAL_WARN
  • SERIAL_NUMBER
  • SUBJECT_DN
  • EX_DATE
  • EX_TYPE
  • CONN_NAME (represents the connection impacted by any of the three certificate expiration events)
  • DAYS_LEFT
  • ACTION
SAML_METADATA_UPDATE_EVENT_ENTITY_ID_NOT_FOUND
  • ENTITY_ID
  • CONNECTION_NAME
  • METADATA_URL
  • METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_FAILED
  • METADATA_URL
  • METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_UPDATED
  • ENTITY_ID
  • CONNECTION_NAME
  • METADATA_URL
  • UPDATED (represents any updated connection settings)
  • OUT_OF_SYNC (represents any out-of-sync connection settings)
SERVER_LICENSING_EVENT_WARNING, SERVER_LICENSING_EVENT_EXPIRED, and SERVER_LICENSING_EVENT_SHUTDOWN
  • EX_DATE
  • DAYS_LEFT

Events for end users

Self-service password management, account recovery, and username recovery
Event type Variables
ACCOUNT_UNLOCKED
  • USERNAME (represents the username of the end user where the request is made)
  • RECEIVER (represents the email address of the end user where the request is made)
  • ADAPTER_ID (represents the Instance ID of the invoking HTML Form Adapter instance)
  • PCV_ID (represents the Instance ID of the Password Credential Validator instance involved)
Note:

Unless otherwise noted, the rest of the variables in this HTML Form Adapter instances section are either self-explanatory or identical to those mentioned here.
PASSWORD_CHANGED
  • GIVEN_NAME
  • USERNAME
  • RECEIVER
  • ADAPTER_ID
  • PCV_ID
PASSWORD_RESET
  • USERNAME
  • RECEIVER
  • ADAPTER_ID
  • PCV_ID
  • STATUS
PASSWORD_RESET_FAILED
  • USERNAME
  • RECEIVER
  • ADAPTER_ID
  • PCV_ID
PASSWORD_RESET_ONE_TIME_CODE and PASSWORD_RESET_ONE_TIME_LINK
  • USERNAME
  • RECEIVER
  • ADAPTER_ID
  • PCV_ID
  • CODE (represents the one-time code or hyperlink that the end user can use to reset the password associated with the account)
USERNAME_RECOVERY
  • USERNAME
  • RECEIVER
  • ADAPTER_ID
  • PCV_ID
  • DISPLAY_NAME
Customer IAM email ownership verification
Event type Variables
OWNERSHIP_VERIFICATION_ONE_TIME_LINK
  • USERNAME (represents the username of the end user who should receive an email ownership verification request)
  • RECEIVER (represents the email address to which the email ownership verification request should be sent)
  • CODE (represents the one-time hyperlink that the end user can use to verify the ownership of the email address associated with the account)