33.55 NIDS: Risk-Based Authentication Action for User (002e0045)

This event is generated when you select the Risk-based Pre-authentication Succeeded option under Audit Logging on the Logging page of an Identity Server configuration.

Description: Pre-Risk-Based additional authentication executed successfully for user.

Originator (B): Schema Title: Originator Data Description: JCC Device ID (AMDEVICEID#device_id:)

Target (U): Schema Title: User Identifier Data Description: User DN

SubTarget (Y): Schema Title: Authentication Name Identifier Description: Risk type (preauth or postauth)

Text1 (S): Schema Title: RiskScore Description: Risk score(number) plus IDP session id seperated by '-'.

Text2 (T): Schema Title: RiskLevel Description: Risk category defined by risk score value plus user agent seperated by '-'.

Text3 (F): Schema Title: Authentication class Description: Authentication class name executed as part of risk based authentication.

Value1 (1): 0

Group (G): 0

Data Length (X): 0

Data (D): Schema Title: Client IP Address Description: IP Address of the host from which the authentication succeeded.