This lists the various event types and their respective keys (variables) used within the PingFederate Amazon SNS notification publisher instance configuration.
Message payload
As a publisher, PingFederate creates notification messages in JSON format and sends them to the configured topic. This JSON message body contains two top-level keys: data and configuration, as illustrated in the following snippet.
{
"data": {
"USERNAME": "jdoe",
...
},
"configuration": {
"com.pingidentity.notification.config.locale": "en-US",
...
"com.pingidentity.notification.config.event.type": "ADMIN_PASSWORD_CHANGED"
}
}
For all events, PingFederate provides relevant information by including various key:value pairs in the message body, located inside the value of the data key.
The value of the com.pingidentity.notification.config.event.type key, located inside the value of the configuration key, indicates the event type. In this example, the event type is ADMIN_PASSWORD_CHANGED.
For end user-oriented events, the value of the com.pingidentity.notification.config.locale key, also located inside the value of the configuration key, indicates the locale of the end user who initiates the request.
Review the following sections for more information on event types and their respective keys, which are referred to as variables.
Events for administrators
- Local administrative account management events
-
Event type Variables ADMIN_ACCOUNT_CHANGE_NOTIFICATION_OFF - USERNAME represents the username of the local administrative account who has turned off the Notify Administrator of Account Changes option.
- RECEIVER represents the email addresses of all the local administrative accounts configured with an email address.
- NOTIFY represents the Notify Administrator of Account Change option on the Administrative Accounts window.
- CURRENT_USER_MESSAGE represents the username of the administrator who initiated the change.
Note:Unless otherwise noted, the rest of the variables in the Administrative Accounts section are either self-explanatory or identical to those mentioned here.
ADMIN_EMAIL_CHANGED - USERNAME
- RECEIVER
- DEPARTMENT
- DESCRIPTION
- PHONE_NUMBER
- CURRENT_USER_MESSAGE
PingFederate sends two messages for this event type. Variables and their values remain the same, except for the RECEIVER value. They are intended to notify the end user at both the previous email address and the new email address.
ADMIN_PASSWORD_CHANGED - USERNAME
- RECEIVER
- DEPARTMENT
- DESCRIPTION
- PHONE_NUMBER
- CURRENT_USER_MESSAGE
- Certificate, SAML metadata update, and licensing events
-
Event type Variables CERTIFICATE_EVENT_ACTIVATED and CERTIFICATE_EVENT_CREATED - SERIAL_NUMBER
- SUBJECT_DN
- EX_DATE
- PENDING_CERT_SERIAL_NUM
- PENDING_EX_DATE
- ACTIVE_CONNECTIONS represents the connections impacted by the creation of the pending certificate and the activation of it.
- ACTIVATION_DATE
CERTIFICATE_EVENT_EXPIRED,CERTIFICATE_EVENT_FINAL_WARN, and CERTIFICATE_EVENT_INITIAL_WARN - SERIAL_NUMBER
- SUBJECT_DN
- EX_DATE
- EX_TYPE
- CONN_NAME represents the connection impacted by any of the three certificate expiration events.
- DAYS_LEFT
- ACTION
SAML_METADATA_UPDATE_EVENT_ENTITY_ID_NOT_FOUND - ENTITY_ID
- CONNECTION_NAME
- METADATA_URL
- METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_FAILED - METADATA_URL
- METADATA_URL_NAME
SAML_METADATA_UPDATE_EVENT_UPDATED - ENTITY_ID
- CONNECTION_NAME
- METADATA_URL
- UPDATED represents any updated connection settings.
- OUT_OF_SYNC represents any out-of-sync connection settings.
SERVER_LICENSING_EVENT_WARNING, SERVER_LICENSING_EVENT_EXPIRED, and SERVER_LICENSING_EVENT_SHUTDOWN - EX_DATE
- DAYS_LEFT
Events for end users
- Self-service password management, account recovery, and username recovery
-
Event type Variables ACCOUNT_UNLOCKED - USERNAME represents the user name of the end user where the request is made.
- RECEIVER represents the email address of the end user where the request is made.
- ADAPTER_ID represents the Instance ID of the invoking HTML Form Adapter instance.
- PCV_ID represents the Instance ID of the Password Credential Validator (PCV) instance involved.
Note:Unless otherwise noted, the rest of the variables in the HTML Form Adapter instances section are either self-explanatory or identical to those mentioned here.
PASSWORD_CHANGED - GIVEN_NAME
- USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
PASSWORD_RESET - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- STATUS
PASSWORD_RESET_FAILED - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
PASSWORD_RESET_ONE_TIME_CODE and PASSWORD_RESET_ONE_TIME_LINK - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- CODE represents the one-time code or hyperlink that the end user can use to reset the password associated with the account.
USERNAME_RECOVERY - USERNAME
- RECEIVER
- ADAPTER_ID
- PCV_ID
- DISPLAY_NAME
- Customer IAM email ownership verification
-
Event type Variables OWNERSHIP_VERIFICATION_ONE_TIME_LINK - USERNAME represents the user name of the end user who should receive an email ownership verification request.
- RECEIVER represents the email address to which the email ownership verification request is sent.
- CODE represents the one-time hyperlink that the end user can use to verify the ownership of the email address associated with the account.