Skip to main content

policies_event_matcher_create

POST 
/api/v3//policies/event_matcher/

Event Matcher Policy Viewset

Request

Body

required

    name stringrequired

    Possible values: non-empty

    execution_logging boolean

    When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

    action EventActions (string)

    Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

    client_ip stringnullable

    Possible values: non-empty

    Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

    app AppEnum (string)

    Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.rac, authentik.enterprise.stages.source, authentik.events]

    model ModelEnum (string)

    Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

Responses

Schema

    pk uuidrequired
    name stringrequired
    execution_logging boolean

    When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

    component stringrequired

    Get object component so that we know how to edit the object

    verbose_name stringrequired

    Return object's verbose_name

    verbose_name_plural stringrequired

    Return object's plural verbose_name

    meta_model_name stringrequired

    Return internal model name

    bound_to integerrequired

    Return objects policy is bound to

    action EventActions (string)

    Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

    client_ip stringnullable

    Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

    app AppEnum (string)

    Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.rac, authentik.enterprise.stages.source, authentik.events]

    model ModelEnum (string)

    Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

curl -L '/api/v3/policies/event_matcher/' \
-H 'Content-Type: application/json' \
-H 'Accept: application/json' \
-H 'Authorization: Bearer <TOKEN>' \
-d '{
  "name": "string",
  "execution_logging": true,
  "action": "login",
  "client_ip": "string",
  "app": "authentik.tenants",
  "model": "authentik_tenants.domain"
}'
Request Collapse all
Base URL
/api/v3
Auth
Body required
{
  "name": "string",
  "execution_logging": true,
  "action": "login",
  "client_ip": "string",
  "app": "authentik.tenants",
  "model": "authentik_tenants.domain"
}