Authentication Events

This section describes the events associated with authentication, and lists the events and related event attributes in the following tables.

User-Authenticated Event

This event is generated when a user logs into ActivID CMS User Portal.

The following table describes the related attributes.

User-Authenticated Event Attributes
Field	Value	Description
EventID	50001	Unique event identifier.
Description	<AuthenticateUser>	Describes the event taking place.
Status	<Status>	Status indicating whether the operation was successful, with the following possible values: 0 = Success 1 = Failure
StatusDescription	<ErrorMessage>	The operation status reflected one of the following states: Failed, a detailed error message. Null, if no errors occur.
ClientID	<CardSN>	Serial number of the device for which the event occurred.
OperatorID	null	Not used.
AdditionalInfoNum1	<AuthenticationType>	Indicates the authentication type used to log in: 0 = PIN 1 = LDAP Password 2 = Emergency Password The emergency password temporarily replaces an OTP (one-time password) where a user has either forgotten or lost his or her device. 3 = Security Questions (Memorable Data) 4 = Initial Password 5 = FIPS Federal Information Processing Standard 196 (AES)
AdditionalInfoNum2	<LastLoginFlag>	Flag indicating whether this was the last login attempt before the account is locked, which includes: 0 = No 1 = Yes (at this point the account is now locked).
AdditionalInfoChar1	<UserID>	Uniquely identifies the user in the directory.
AdditionalInfoChar2	<URL>	Indicates the URL of User Portal.
AdditionalInfoChar3	null	Not used.

This event is generated when an operator logs into the ActivID CMS Operator Portal or using either the CCM-API or the REST API.

The following table describes the related attributes.

Operator-Authenticated Event Attributes
Field	Value	Description
EventID	50002	Unique event identifier.
Description	<AuthenticateOperator>	Describes the event taking place.
Status	<Status>	Status indicating whether the operation was successful, with the following possible values: 0 = Success 1 = Failure
StatusDescription	<ErrorMessage>	The operation status reflected one of the following states: Failed, a detailed error message. Null, if no errors occur.
ClientID	<CardSN>	Serial number of the device for which the event occurred; null if not applicable.
OperatorID	null	Not used.
AdditionalInfoNum1	<AuthenticationType>	Authentication type used to log in; the only supported type is 0 (zero) which represents PKI-based authentication.
AdditionalInfoNum2	0	Not used.
AdditionalInfoChar1	<OperatorID>	Subject name of the operator’s certificate used to authenticate to ActivID CMS.
AdditionalInfoChar2	<URL>	URL of the ActivID CMS Operator Portal.
AdditionalInfoChar3	<OperatorRole>	Role of the operator; in ActivID CMS, the following types of roles are supported: Administrator Operator Help Desk This parameter matches one of the roles configured using the ActivID CMS Graphical User Interface (GUI). Null is displayed if the operator is not enrolled in ActivID CMS.