Message payload
As a publisher, PingFederate creates notification messages in JSON format and sends them to the configured topic. This JSON message body contains two top-level keys: data and configuration, as illustrated in the following snippet.
{
"data": {
"USERNAME": "jdoe",
...
},
"configuration": {
"com.pingidentity.notification.config.locale": "en-US",
...
"com.pingidentity.notification.config.event.type": "ADMIN_PASSWORD_CHANGED"
}
}
For all events, PingFederate provides relevant information by including various key:value pairs in the message body found inside the value of the data key.
The value of the com.pingidentity.notification.config.event.type key, located inside the value of the configuration key, indicates the event type. In this example, the event type is ADMIN_PASSWORD_CHANGED.
For end user-oriented events, the value of the com.pingidentity.notification.config.locale key, also located inside the value of the configuration key, indicates the locale of the end user who initiates the request.
Review the following sections for more information on event types and their respective keys, which are referred to as variables.
Events for administrators
- Local administrative account management events
-
Event type Variables ADMIN_ACCOUNT_CHANGE_NOTIFICATION_OFF - USERNAME (represents the username of the local administrative account who has turned off the Notify Administrator of Account Changes option)
- RECEIVER (represents the email addresses of all the local administrative accounts that have been configured with an email address)
- NOTIFY (represents the Notify Administrator of Account Change option on the Administrative Accounts screen)
- CURRENT_USER_MESSAGE (represents the username of the administrator who initiated the change)
Note:Unless otherwise noted, the rest of the variables in this Administrative Accounts section are either self-explanatory or identical to those mentioned here.
ADMIN_EMAIL_CHANGED - USERNAME
- RECEIVER
- DEPARTMENT
- DESCRIPTION
- PHONE_NUMBER
- CURRENT_USER_MESSAGE
PingFederate sends two messages for this event type. Variables and their values remain the same, except for the RECEIVER value. The intent of them is to notify the end user at both the previous email address and the new email address.
ADMIN_PASSWORD_CHANGED - USERNAME
- RECEIVER
- DEPARTMENT
- DESCRIPTION
- PHONE_NUMBER
- CURRENT_USER_MESSAGE
- Certificate, SAML metadata update, and licensing events
-
Event type Variables CERTIFICATE_EVENT_ACTIVATED and CERTIFICATE_EVENT_CREATED - SERIAL_NUMBER
- SUBJECT_DN
- EX_DATE
- PENDING_CERT_SERIAL_NUM
- PENDING_EX_DATE
- ACTIVE_CONNECTIONS (represents the connections impacted by the creation of the pending certificate and the activation of it)
- ACTIVATION_DATE
CERTIFICATE_EVENT_EXPIRED,CERTIFICATE_EVENT_FINAL_WARN, and CERTIFICATE_EVENT_INITIAL_WARN - SERIAL_NUMBER
- SUBJECT_DN
- EX_DATE
- EX_TYPE
- CONN_NAME (represents the connection impacted by any of the three certificate expiration events)
- DAYS_LEFT
- ACTION
SAML_METADATA_UPDATE_EVENT_ENTITY_ID_NOT_FOUND - ENTITY_ID
- CONNECTION_NAME
- METADATA_URL
- METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_FAILED - METADATA_URL
- METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_UPDATED - ENTITY_ID
- CONNECTION_NAME
- METADATA_URL
- UPDATED (represents any updated connection settings)
- OUT_OF_SYNC (represents any out-of-sync connection settings)
SERVER_LICENSING_EVENT_WARNING, SERVER_LICENSING_EVENT_EXPIRED, and SERVER_LICENSING_EVENT_SHUTDOWN - EX_DATE
- DAYS_LEFT
Events for end users
- Self-service password management, account recovery, and username recovery
-
Event type Variables ACCOUNT_UNLOCKED - USERNAME (represents the username of the end user where the request is made)
- RECEIVER (represents the email address of the end user where the request is made)
- ADAPTER_ID (represents the Instance ID of the invoking HTML Form Adapter instance)
- PCV_ID (represents the Instance ID of the Password Credential Validator instance involved)
Note:Unless otherwise noted, the rest of the variables in this HTML Form Adapter instances section are either self-explanatory or identical to those mentioned here.
PASSWORD_CHANGED - GIVEN_NAME
- USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
PASSWORD_RESET - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- STATUS
PASSWORD_RESET_FAILED - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
PASSWORD_RESET_ONE_TIME_CODE and PASSWORD_RESET_ONE_TIME_LINK - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- CODE (represents the one-time code or hyperlink that the end user can use to reset the password associated with the account)
USERNAME_RECOVERY - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- DISPLAY_NAME
- Customer IAM email ownership verification
-
Event type Variables OWNERSHIP_VERIFICATION_ONE_TIME_LINK - USERNAME (represents the username of the end user who should receive an email ownership verification request)
- RECEIVER (represents the email address to which the email ownership verification request should be sent)
- CODE (represents the one-time hyperlink that the end user can use to verify the ownership of the email address associated with the account)