docs(events-api): user auth example using OIDC session events (#9020)

# Which Problems Are Solved

Integration guide with event API examples used outdated
`user.token.added` events which are no longer produced by ZITADEL.

# How the Problems Are Solved

Modify the example to use events from the `oidc_session` aggregate.

# Additional Changes

- Add a TODO for related SAML events.

# Additional Context

- Related to https://github.com/zitadel/zitadel/issues/8983
This commit is contained in:
Tim Möhlmann 2024-12-10 12:54:07 +02:00 committed by GitHub
parent ee7beca61f
commit 83bdaf43c3
No known key found for this signature in database
GPG Key ID: B5690EEEBB952194

View File

@ -114,10 +114,13 @@ curl --request POST \
}' }'
``` ```
## Example: Find out when user have been authenticated ## Example: Find out which users have authenticated
The following example shows you how you could use the events search to get all events where a token has been created. ### OIDC session
Also we include the refresh tokens in this example to know when the user has become a new token.
The following example shows you how you could use the events search to get all events where a user has authenticated using OIDC.
Also we include the refresh tokens in this example to know when the user has received a new token.
Sessions without tokens events may by created during implicit flow with ID Token only, which do not create an access token.
```bash ```bash
curl --request POST \ curl --request POST \
@ -127,13 +130,25 @@ curl --request POST \
--data '{ --data '{
"asc": true, "asc": true,
"limit": 1000, "limit": 1000,
"event_types": [ "eventTypes": [
"user.token.added", "oidc_session.added",
"user.refresh.token.added" "oidc_session.access_token.added",
] "oidc_session.refresh_token.added",
"oidc_session.refresh_token.renewed"
],
"aggregateTypes": [
"oidc_session"
]
}' }'
``` ```
<!--
### SAML session
TODO: https://github.com/zitadel/zitadel/issues/6053
-->
## Example: Get failed login attempt ## Example: Get failed login attempt