Missing user.login.success webhook event for OpenID Connect provider
-
I have configured my self-hosted instance to send all available events to my log collector, with the intention of eventually building Grafana dashboards based on these events. I'm particularly interested in
user.login.successanduser.login.failedevents (docs).I also added SSO authentication to the admin dashboard using an OpenID Connect identity provider and a custom reconcile lambda to allow users of my Entra ID (formerly Azure Active Directory) to access it. I recently noticed that such SSO logins (in my case) do not populate the
user.login.successanduser.login.failedevents, right? So these logins are missing from my dashboard...To fix this, I was looking for an alternative event related to login records, since at least successful SSO logins seem to output a login record. But according to the documentation login records:
Can be consumed via API. This record itself is not sent through a webhook, but a login success or login failure can be consumed via a web hook.
Questions:
- Am I missing something?
- Do OpenID Connect identity providers emit events like
user.login.success? - Why are login logs not exposed via webhook? Audit and event logs are...
If this is not a configuration error on my part, this is probably a feature request. Where should I submit it?
-
I eventually solved this issue by activating the webhooks on each tenant level additionally. I was under the impression that if I set them on the instance level, they would automatically be applied to all the tenants, but that's not true. I must have missed that in the docs.