Authorization Events

feature added in Trustbuilder v9.4

There are two types of Authorization Events that correspond to the policies that can be set on the Service Provider pages.

  • Authentication Rule (coarse grained)
  • Authorization Rule (fine grained)

Authentication Rules

Event Type: Authorization Event (Authentication Rule)

Trigger

Event Code

Authorization Allowed

ORCH-2010

Authorization Denied

ORCH-2020

Step-up ORCH-2030
Reauthenticate ORCH-2040

Data

  • timestamp (in milliseconds)
  • eventType = “Coarse grained authorization event”
  • eventCode
  • statusCode
  • source (IP Address)
  • subject
  • SessionID
  • authenticatedAuthenticationMethod (method with which you are authenticated for that SP)
  • idpName (possible in case of reauthenticate)
  • stepUpAuthenticationMethod (in case of step-up)
  • stepUpAuthenticationMethodComparion (in case of step-up)
  • spName
  • attributes { Key / Value pairs } (to be sent to SP)

Application Rules

Event Type: Fine Grained Authorization Event

Trigger

Event Code

Allow

ORCH-2110

Deny

ORCH-2120

Step-up

ORCH-2130

Reauthenticate

ORCH-2140

Data

  • timestamp (in milliseconds)
  • eventType = “Fine grained authorization event”
  • eventCode
  • statusCode
  • source (IP Address)
  • subject
  • SessionID
  • authenticationMethod (in case of step-up)
  • authenticationMethodComparison (in case of step-up)
  • location
  • httpHeaders
  • requestURI
  • requestHostname
  • httpMethod
  • requestType(WEB, PUBLIC_WEB or API)
Was this article helpful?
0 out of 0 found this helpful
Have more questions? Submit a request

Comments

0 comments

Please sign in to leave a comment.