From 83bdaf43c35b7c4c5dfaf3e822a917e95d9f5fae Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tim=20M=C3=B6hlmann?= Date: Tue, 10 Dec 2024 12:54:07 +0200 Subject: [PATCH] docs(events-api): user auth example using OIDC session events (#9020) # Which Problems Are Solved Integration guide with event API examples used outdated `user.token.added` events which are no longer produced by ZITADEL. # How the Problems Are Solved Modify the example to use events from the `oidc_session` aggregate. # Additional Changes - Add a TODO for related SAML events. # Additional Context - Related to https://github.com/zitadel/zitadel/issues/8983 --- .../integrate/zitadel-apis/event-api.md | 29 ++++++++++++++----- 1 file changed, 22 insertions(+), 7 deletions(-) diff --git a/docs/docs/guides/integrate/zitadel-apis/event-api.md b/docs/docs/guides/integrate/zitadel-apis/event-api.md index ed35aa1c8e..c79cb27e8e 100644 --- a/docs/docs/guides/integrate/zitadel-apis/event-api.md +++ b/docs/docs/guides/integrate/zitadel-apis/event-api.md @@ -114,10 +114,13 @@ curl --request POST \ }' ``` -## Example: Find out when user have been authenticated +## Example: Find out which users have authenticated -The following example shows you how you could use the events search to get all events where a token has been created. -Also we include the refresh tokens in this example to know when the user has become a new token. +### OIDC session + +The following example shows you how you could use the events search to get all events where a user has authenticated using OIDC. +Also we include the refresh tokens in this example to know when the user has received a new token. +Sessions without tokens events may by created during implicit flow with ID Token only, which do not create an access token. ```bash curl --request POST \ @@ -127,13 +130,25 @@ curl --request POST \ --data '{ "asc": true, "limit": 1000, - "event_types": [ - "user.token.added", - "user.refresh.token.added" - ] + "eventTypes": [ + "oidc_session.added", + "oidc_session.access_token.added", + "oidc_session.refresh_token.added", + "oidc_session.refresh_token.renewed" + ], + "aggregateTypes": [ + "oidc_session" + ] }' ``` + + ## Example: Get failed login attempt