Skip to main content

policies_event_matcher_create

POST 

/policies/event_matcher/

Event Matcher Policy Viewset

Request

Body

required

    name stringrequired

    Possible values: non-empty

    execution_logging boolean

    When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

    action EventActions (string)nullable

    Match created events with this action type. When left empty, all action types will be matched.

    Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

    client_ip stringnullable

    Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

    Possible values: non-empty

    app AppEnum (string)nullable

    Match events created by selected application. When left empty, all applications are matched.

    Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.kerberos, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.rac, authentik.enterprise.stages.authenticator_endpoint_gdtc, authentik.enterprise.stages.source, authentik.events]

    model ModelEnum (string)nullable

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_kerberos.kerberossource, authentik_sources_kerberos.kerberossourcepropertymapping, authentik_sources_kerberos.userkerberossourceconnection, authentik_sources_kerberos.groupkerberossourceconnection, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

Responses

Schema

    pk uuidrequired
    name stringrequired
    execution_logging boolean

    When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

    component stringrequired

    Get object component so that we know how to edit the object

    verbose_name stringrequired

    Return object's verbose_name

    verbose_name_plural stringrequired

    Return object's plural verbose_name

    meta_model_name stringrequired

    Return internal model name

    bound_to integerrequired

    Return objects policy is bound to

    action EventActions (string)nullable

    Match created events with this action type. When left empty, all action types will be matched.

    Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

    client_ip stringnullable

    Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

    app AppEnum (string)nullable

    Match events created by selected application. When left empty, all applications are matched.

    Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.kerberos, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.rac, authentik.enterprise.stages.authenticator_endpoint_gdtc, authentik.enterprise.stages.source, authentik.events]

    model ModelEnum (string)nullable

    Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

    Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_kerberos.kerberossource, authentik_sources_kerberos.kerberossourcepropertymapping, authentik_sources_kerberos.userkerberossourceconnection, authentik_sources_kerberos.groupkerberossourceconnection, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

Loading...