メインコンテンツへスキップ

An IP address is blocked because it attempted too many failed logins without a successful login. Or an IP address is blocked because it attempted too many sign-ups, whether successful or failed.

client_name
string
必須

Client name associated with the client_id, when available. May be empty string.

description
string
必須

Description of the event. This can also contain a description of the issue for failure logs.

environment_name
string
必須

The name of the environment where the event occurred

:

"prod-eu-1"

"prod-us-1"

hostname
string
必須

The hostname associated with the request. For forwarded requests, this should resolve to the original hostname. For failure logs, this may include invalid hostnames.

ip
必須

The IP address associated with the request. For an auth related log this should be the end user IP. For a machine-to-machine auth flow this should be the IP of the computer doing the authentication. For management logs like sapi and mgmt_api_read this should be the IP of the admin using the manage dashboard.

log_id
string
必須

Log id

tenant_name
string
必須

Tenant name

type
string
必須

Blocked Account - Too many attempts or signups

Allowed value: "limit_mu"
$event_schema
object

Event schema meta

client_id
string | null

Client related to the API call. Clients are also called applications. The underlying application may not be owned by your tenant and may not be accessible. For failure logs, this may be a valid ID, an invalid one, or any ID.

connection
string

Name of the connection, when available. The connection here matches the connection_id field.

connection_id
string

ID of the connection on which the auth flow is happening or connection of the user doing the action, when applicable. For failure logs this field may contain an invalid ID.

date
string

The date when the event occurred in ISO 8601 format

:

"2024-01-15T10:30:00.000Z"

details
object

Log details

identity_user_id
string

ID for the user as reported by the IdP.

is_mobile
boolean

Whether the request originated from a mobile device. Only present when user_agent is available.

security_context
object
user_agent
string

The user_agent behind this log, when available

:

"Chrome 120.0.0 / Mac OS X 10.15.7"

user_id
string

ID of the user behind the auth flow, or of the user executing the action, whichever applies. For machine to machine auth flows, this field may contain an empty string. For failure logs, the value may be a valid ID, an invalid ID, or empty string

user_name
string

Username of the user related to the ID is shown in user_id, when available. For failure logs, the value may be a valid username, an invalid username, or empty string.

:
["example@example.com", "+14155554321"]