About Mosaic activity events
Mosaic captures activity events across your applications—whether triggered via APIs, SDKs, Journeys, or the Admin Portal—to give you visibility into identity-related actions for monitoring, auditing, and compliance.
Access and analyze activity events
You can access activity events through multiple channels, depending on your needs:
-
Admin Portal
: For in-portal filtering, search, and analysis:
- User activity dashboard: allows reviewing user actions like logins, password resets, and verification sessions. Additionally, it includes journey interaction events.
- Admin activity dashboard: allows reviewing configuration changes made through the Admin Portal or APIs.
- Journey analytics dashboard: focuses on journey-related events and allows in-depth research of how your journeys perform at scale.
- Event streaming : For exporting events to third-party systems
Journey events (cis)
To learn how to search and analyze these events in the Admin Portal, refer to Journey analytics.
| Event type | Description |
|---|---|
| Journey started | A journey was initiated. |
| Journey completed successfully | A journey has completed successfully. |
| Journey completed unsuccessfully | A journey has completed unsuccessfully. |
| Step started | A journey step was initiated successfully. |
| Step completed | A journey step has completed successfully. |
| Custom event | A event recorded as a result of the Log custom event step execution. This event includes custom data sent from the journey. |
| External connection call | A external connection was invoked. |
User management and authentication events (cis)
To learn how to search and analyze these events in the Admin Portal, refer to View user activity events.
| Event type | Description |
|---|---|
| User logout | A user logged out. |
| Create user failure | A user creation attempt failed. |
| Add password | A password was added to a user account. |
| Authentication succeeded | A user successfully authenticated. |
| SMS sent | An SMS message was sent. |
| User login | A user successfully logged in. |
| Create user | A new user was created. |
Identity Verification events (verify)
To learn how to search and analyze these events in the Admin Portal, refer to View user activity events.
| Event type | Description |
|---|---|
| Session started | Indicates starting a verification session. |
| Consent approved | Indicates saving consent info. |
| Verification completed | A verification process was completed. |
| Face auth session completed | A face authentication session was completed. |
| Verification status updated | Indicates the status of the internal verification process. |
| Image uploaded info | Indicates an image upload, including metadata information (processing time, etc.). |
| Error | Indicates an error on frontend, such as "something went wrong" page. |
| Sdk process completed | An SDK process was successfully completed. |
| Session deleted | Indicates a session deletion (via API or by retention). |
| Session created | Indicates creating a new verification session. |
| Image capture clicked | An image capture action was triggered. |
| Image uploaded | An image was uploaded. |
| Page loaded | Indicates a page load. |
| Deny by restriction criterion | Indicates the verification was rejected based on restriction criteria. |
| Read image data | Image data was accessed. |
| Allow by restriction criterion | Indicates the verification can continue according to the restriction criteria. |
| Verification started | A verification process was initiated. |
| User action performed | Indicates an action was performed by the user, such as a button click. |
| Redirect | Indicates redirection to callback URL. |
| Face auth session started | A face authentication session was initiated. |
| Check image quality | Indicates checking the image quality after capturing an image. |
Fraud Prevention events (risk)
To learn how to search and analyze these events in the Admin Portal, refer to View user activity events.
| Event type | Description |
|---|---|
| Risk recommendation | Risk recommendation given to a user action |
Admin events
To learn how to search and analyze these events in the Admin Portal, refer to View admin activity events for filtering and grouping user logs.
| Event type | Description |
|---|---|
addAdmin |
A new admin user was created |
adminCreateTenant |
A new tenant was created |
adminLogin |
An admin user logged in |
adminLogout |
An admin user logged out |
adminUpdateTenant |
The tenant was modified |
adminUpdateUser |
An admin modified a user |
createApiToken |
An API token was created |
enableAppSpecificSigningKey |
Token signing with an app-specific key was enabled |
disableAppSpecificSigningKey |
Token signing with an app-specific key was disabled |
createApp |
An new app was created |
createMgmtApp |
A new management app was created |
createUser |
A new user was created |
deleteApiToken |
An API token was deleted |
deleteApp |
An app was deleted |
deleteMgmtApp |
A management app was deleted |
deleteUser |
A user was deleted |
editAuthSettings |
An app's authentication settings were modified |
editGeneralSettings |
General settings were modified |
removeAdmin |
An admin user was removed |
updateApp |
An app was modified |
updateMgmtApp |
A management app was modified |
editPreviewPolicy |
A preview policy was modified |
pushPolicyToProduction |
A preview policy was pushed to production |