# About Mosaic activity events

Mosaic captures activity events across your applications—whether triggered via APIs, SDKs, Journeys, or the Admin Portal—to give you visibility into identity-related actions for monitoring, auditing, and compliance.

## Access and analyze activity events

You can access activity events through multiple channels, depending on your needs:

* **Admin Portal**: For in-portal filtering, search, and analysis:
  * [User activity](/guides/user/user_audit_logs) dashboard: allows reviewing user actions like logins, password resets, and verification sessions. Additionally, it includes journey interaction events.
  * [Admin activity](/guides/user/admin_audit_logs) dashboard: allows reviewing configuration changes made through the Admin Portal or APIs.
  * [Journey analytics](/guides/orchestration/getting-started/journey_analytics) dashboard: focuses on journey-related events and allows in-depth research of how your journeys perform at scale.
* **Event streaming**: For exporting events to third-party systems
  * [Stream events to external systems](/guides/user/platform/activities_streaming)


## Journey events (cis)

To learn how to search and analyze these events in the Admin Portal, refer to [Journey analytics](/guides/orchestration/getting-started/journey_analytics).

div
| Event type | Description |
|  --- | --- |
| Journey started | A journey was initiated. |
| Journey completed successfully | A journey has completed successfully. |
| Journey completed unsuccessfully | A journey has completed unsuccessfully. |
| Step started | A journey step was initiated successfully. |
| Step completed | A journey step has completed successfully. |
| Custom event | A event recorded as a result of the [Log custom event](/guides/orchestration/journeys/create_custom_activity_log) step execution. This event includes custom data sent from the journey. |
| External connection call | A external connection was invoked. |


## User management and authentication events (cis)

To learn how to search and analyze these events in the Admin Portal, refer to [View user activity events](/guides/user/user_audit_logs).

div
| Event type | Description |
|  --- | --- |
| User logout | A user logged out. |
| Create user failure | A user creation attempt failed. |
| Add password | A password was added to a user account. |
| Authentication succeeded | A user successfully authenticated. |
| SMS sent | An SMS message was sent. |
| User login | A user successfully logged in. |
| Create user | A new user was created. |


## Identity Verification events (verify)

To learn how to search and analyze these events in the Admin Portal, refer to [View user activity events](/guides/user/user_audit_logs).

div
| Event type | Description |
|  --- | --- |
| Session started | Indicates starting a verification session. |
| Consent approved | Indicates saving consent info. |
| Verification completed | A verification process was completed. |
| Face auth session completed | A face authentication session was completed. |
| Verification status updated | Indicates the status of the internal verification process. |
| Image uploaded info | Indicates an image upload, including metadata information (processing time, etc.). |
| Error | Indicates an error on frontend, such as "something went wrong" page. |
| Sdk process completed | An SDK process was successfully completed. |
| Session deleted | Indicates a session deletion (via API or by retention). |
| Session created | Indicates creating a new verification session. |
| Image capture clicked | An image capture action was triggered. |
| Image uploaded | An image was uploaded. |
| Page loaded | Indicates a page load. |
| Deny by restriction criterion | Indicates the verification was rejected based on restriction criteria. |
| Read image data | Image data was accessed. |
| Allow by restriction criterion | Indicates the verification can continue according to the restriction criteria. |
| Verification started | A verification process was initiated. |
| User action performed | Indicates an action was performed by the user, such as a button click. |
| Redirect | Indicates redirection to callback URL. |
| Face auth session started | A face authentication session was initiated. |
| Check image quality | Indicates checking the image quality after capturing an image. |


## Fraud Prevention events (risk)

To learn how to search and analyze these events in the Admin Portal, refer to [View user activity events](/guides/user/user_audit_logs).

div
| Event type | Description |
|  --- | --- |
| Risk recommendation | Risk recommendation given to a user action |


## Admin events

To learn how to search and analyze these events in the Admin Portal, refer to [View admin activity events](/guides/user/admin_audit_logs) for filtering and grouping user logs.

div
| Event type | Description |
|  --- | --- |
| `addAdmin` | A new admin user was created |
| `adminCreateTenant` | A new tenant was created |
| `adminLogin` | An admin user logged in |
| `adminLogout` | An admin user logged out |
| `adminUpdateTenant` | The tenant was modified |
| `adminUpdateUser` | An admin modified a user |
| `admin_recovery_otp_code_generated` | An admin generated a temporary access code for a user via the [Admin Portal](/guides/user/account_recovery) or [journeys](/guides/user/ido_account_recovery) |
| `createApiToken` | An API token was created |
| `enableAppSpecificSigningKey` | Token signing with an app-specific key was enabled |
| `disableAppSpecificSigningKey` | Token signing with an app-specific key was disabled |
| `createApp` | An new app was created |
| `createMgmtApp` | A new management app was created |
| `createUser` | A new user was created |
| `deleteApiToken` | An API token was deleted |
| `deleteApp` | An app was deleted |
| `deleteMgmtApp` | A management app was deleted |
| `deleteUser` | A user was deleted |
| `editAuthSettings` | An app's authentication settings were modified |
| `editGeneralSettings` | General settings were modified |
| `removeAdmin` | An admin user was removed |
| `updateApp` | An app was modified |
| `updateMgmtApp` | A management app was modified |
| `editPreviewPolicy` | A preview policy was modified |
| `pushPolicyToProduction` | A preview policy was pushed to production |