The event object for the password-reset-post-challenge Actions trigger provides contextual information about the trigger execution.
event.authenticationDetails about authentication obtained during the password reset flow. Hide authentication properties
Contains the authentication methods a user has completed during their session. Array elements can be one of the following schemas: The name of the first factor that was completed. Values include the following:
federated A social or enterprise connection was used to authenticate the user as the first factor.pwd A password was used to authenticate a database connection user as the first factor.passkey A passkey was used to authenticate a database connection user as the first factor.sms A Passwordless SMS connection was used to authenticate the user as the first factor.email A Passwordless Email connection was used to authenticate the user as the first factor or verify email for password reset.phone_number A phone number was used for password reset.mock Used for internal testing.May also be a URL denoting a custom authentication method (as second or later factor).
The user completed multi-factor authentication (second or later factors). Allowed values: mfa
Supplemental risk assessment. This is available only if the Akamai Integration is enabled and Akamai forwards the headers for the transaction. Hide riskAssessment properties
Supplemental signals sent from third party providers to assist in risk assessments. Show supplemental properties
[Limited Early Access] Supplemental risk assessment. This is available only if Akamai Account Protector is enabled and Akamai forwards the headers for the transaction. The bot detection results as forwarded by Akamai Bot Manager. Show akamaiBot properties
The type of the Akamai bot manager results.
The action of the Akamai bot manager results.
The bot category of the Akamai bot manager results.
The bot score of the Akamai bot manager results.
The bot score response segment of the Akamai bot manager results.
The botnet ID of the Akamai bot manager results.
The user risk detection results as forwarded by Akamai Account Protector. Show akamaiUserRisk properties
The action of the Akamai user risk assessment.
The allowed status of the Akamai user risk assessment.
The email domain of the user.
The general risk of the Akamai user risk assessment.
The request ID of the user.
The risk of the Akamai user risk assessment.
The score of the Akamai user risk assessment.
The status of the Akamai user risk assessment.
The trust of the Akamai user risk assessment.
The username of the user.
The UUID of the Akamai user risk assessment.
event.authorizationAn object containing information describing the authorization granted to the user who is logging in. Hide authorization properties
An array containing the names of a user’s assigned roles.
event.clientInformation about the Client with which this password reset transaction was initiated. The client id of the application the user is logging in to.
An object for holding other application properties.
The name of the application (as defined in the Dashboard).
event.connectionDetails about the Connection that was used to authenticate the user. Hide connection properties
The connection’s unique identifier.
Metadata associated with the connection.
The name of the connection used to authenticate the user (such as twitter or some-g-suite-domain).
The type of connection. For social connections, event.connection.strategy === event.connection.name. For enterprise connections, the strategy is waad (Windows Azure AD), ad (Active Directory/LDAP), auth0 (database connections), and so on.
event.custom_domainDetails about the custom domain associated with the current transaction. Hide custom_domain properties
Custom domain metadata as key-value pairs.
event.organizationDetails about the Organization associated with the current transaction. Hide organization properties
The Organization identifier.
The friendly name of the Organization.
Metadata associated with the Organization.
The name of the Organization.
event.promptCollected data from rendered custom prompts. Fields and hidden fields data.
event.requestDetails about the request that initiated the transaction. The body of the POST request. This data will only be available during refresh token and Client Credential Exchange flows and Post Login Action.
The hostname that is being used for the authentication flow.
The originating IP address of the request.
The language requested by the browser.
The HTTP method used for the request
The query string parameters sent to the authorization request.
The value of the User-Agent header received when initiating the transaction.
event.statsLogin statistics for the current user. The number of times this user has logged in.
event.tenantDetails about the Tenant associated with the current transaction. event.transactionDetails about the current transaction. Hide transaction properties
Correlation ID can be provided in the initial authentication request when the application redirects to Universal Login. You can use value to correlate logs and requests from your Action code with the user flow.
The locale to be used for this transaction as determined by comparing the browser’s requested languages to the tenant’s language settings.
Hint to the Authorization Server about the login identifier the End-User might use to log in (if necessary).
An opaque arbitrary alphanumeric string your app adds to the initial request that Auth0 includes when redirecting back to your application.
The ui_locales provided in the original authentication request.
event.userAn object describing the user on whose behalf the current transaction was initiated. Custom fields that store info about a user that influences the user’s access, such as support plan, security roles, or access control groups.
Timestamp indicating when the user profile was first created.
(unique) User’s email address.
Indicates whether the user has verified their email address.
Timestamp indicating the last time the user’s password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections.
Indicates whether the user has verified their phone number.
Timestamp indicating when the user’s profile was last updated/modified.
(unique) User’s unique identifier.
Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences.
(unique) User’s username.
An array of authentication factors that the user has enrolled. Empty array means the user has no enrolled factors. If enrolledFactors is undefined, the system was unable fetch the information, the user may or may not have enrolled factors. Hide enrolledFactors properties
The type of authentication factor such as push-notification, phone, email, otp, webauthn-roaming and webauthn-platform.
Additional options describing this instance of the enrolled factor.
Contains info retrieved from the identity provider with which the user originally authenticated. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider. Hide identities element properties
Name of the Auth0 connection used to authenticate the user.
Indicates whether the connection is a social one.
User information associated with the connection. When profiles are linked, it is populated with the associated user info for secondary accounts.
Name of the entity that is authenticating the user, such as Facebook, Google, SAML, or your own provider.
User’s unique identifier for this connection/provider.
event.secretsSecret values securely associated with this Action.
