View user activity
Mosaic provides a log for user actions, such as when a user is created or logs in to an app. The log includes the time the event occurred and when applicable, the ID of the user who created the event, the ID of the app in which the event was created, and IP address of the user's device.
View or search for events
From User Activity, you can view user events. You can filter the events using the search box at the top of the page. Events can be filtered by date and time, event type, and the user who created the event.
Activity events
Below is the list of user activity events captured by Mosaic.
| Activity | Event type | Description |
|---|---|---|
| reset_password | Identity management | A user reset their password. |
| user_register_mobile_native_biometrics | Identity management | A user registered using mobile native biometrics. |
| update_user | Identity management | A user profile was updated. |
| user_failed_login | Identity management | A user login attempt failed. |
| webauthn_registration | Identity management | A user registered WebAuthn credentials. |
| failed_OTP_attempt | Identity management | A user failed an OTP verification attempt. |
| update_password | Identity management | A user updated their password. |
| passwordless_registration | Identity management | A user registered for passwordless authentication. |
| suspend_user | Identity management | A user account was suspended. |
| silent_authentication | Identity management | A silent authentication attempt was made. |
| get_users | Identity management | A request was made to retrieve user details. |
| user_delete_webauthn_credential | Identity management | A WebAuthn credential was deleted for a user. |
| locked_account | Identity management | A user account was locked due to multiple failed login attempts. |
| passwordless_authentication | Identity management | A passwordless authentication attempt was performed. |
| update_user_failure | Identity management | A user profile update attempt failed. |
| user_delete_mobile_native_biometrics | Identity management | A mobile native biometric credentials were deleted for a user. |
| authentication_started | Identity management | An authentication attempt was initiated. |
| authentication_failed | Identity management | An authentication attempt failed. |
| get_user | Identity management | Retrieves details of a specific user. |
| user_logout | Identity management | A user logged out. |
| create_user_failure | Identity management | A user creation attempt failed. |
| add_password | Identity management | A password was added to a user account. |
| authentication_succeeded | Identity management | A user successfully authenticated. |
| sms_sent | Identity management | An SMS message was sent. |
| user_login | Identity management | A user successfully logged in. |
| create_user | Identity management | A new user was created. |
| passwordless_transaction | Identity management | A passwordless authentication transaction was initiated. |
| ldap_bind_entry | Journeys | A user authentication attempt was made via LDAP. |
| session_logout | Journeys | A user session was logged out. |
| custom | Journeys | A custom event was logged. |
| set_variables | Journeys | Journey variables were updated. |
| session_end | Journeys | A user journey has ended. |
| transmit_identity_verification | Journeys | Identity verification was initiated. |
| assertion_end | Journeys | A journey client request processing ended. |
| custom_activity_log | Journeys | A custom activity was logged in the system. |
| transmit_platform_custom_authentication | Journeys | A custom authentication step was used in a journey. |
| oidc_token_exchange_request | Journeys | An OpenID Connect token exchange was requested. |
| typescript_function_node | Journeys | A TypeScript function was executed. |
| validate_response | Journeys | A response validation process was performed. |
| policy_decision | Journeys | A policy-based decision was made. |
| restore_user_context | Journeys | A user’s session context was restored. |
| loop | Journeys | A loop execution was triggered. |
| action_start | Journeys | A journey step execution started. |
| events_enrichment | Journeys | Event data enrichment was performed. |
| ldap_create_entry | Journeys | A new LDAP entry was created. |
| custom_data | Journeys | Custom data was processed. |
| consume_ticket | Journeys | A cross-session message was processed by a journey. |
| assertion_escape | Journeys | A journey client request selected a branch. |
| assertion_error | Journeys | A journey client request encountered an error. |
| external_connection_call | Journeys | An external system connection was initiated. |
| ldap_fetch_entry | Journeys | An LDAP entry was retrieved. |
| condition_evaluated | Journeys | A conditional logic evaluation was performed. |
| session_pending | Journeys | A user session is pending completion. |
| session_start | Journeys | A user journey has started. |
| action_complete | Journeys | A journey step execution has started. |
| assertion_start | Journeys | A journey client request processing started. |
| http_auth_pass | Journeys | An HTTP authentication request was passed. |
| session_error | Journeys | A journey error has occurred. |
| create_ticket | Journeys | A new cross-session message was created. |
| custom_token_enrichment | Journeys | A custom token was enriched with additional data. |
| read_fraud_image_data | Identity verification | Fraud image data was accessed. |
| delete_fraud_image_data | Identity verification | Fraud image data was deleted. |
| download_session_zip | Identity verification | A session ZIP file was downloaded. |
| session_started | Identity verification | Indicates starting a verification session. |
| consent_approved | Identity verification | Indicates saving consent info. |
| verification_completed | Identity verification | A verification process was completed. |
| face_auth_session_completed | Identity verification | A face authentication session was completed. |
| expiration_session | Identity verification | A session expired. |
| download_fraud_csv | Identity verification | A fraud-related CSV file was downloaded. |
| verification_status_updated | Identity verification | Indicates the status of the internal verification process. |
| image_uploaded_info | Identity verification | Indicates an image upload, including metadata information (processing time, etc.). |
| error | Identity verification | Indicates an error on frontend, such as "something went wrong" page. |
| sdk_process_completed | Identity verification | An SDK process was successfully completed. |
| session_deleted | Identity verification | Indicates a session deletion (via API or by retention). |
| session_created | Identity verification | Indicates creating a new verification session. |
| restriction_criteria_updated | Identity verification | A restriction criterion was updated. |