/login User Fields
These fields apply to the user_added, user_changed, and user_removed events. User events also include the Permission Fields. These fields apply to users added to the /login interface.
| Field | Value | Explanation |
|---|---|---|
|
account:created |
Unix timestamp |
The date and time this user account was created. |
|
account:disabled |
1 or 0 |
1: This local user account is disabled.
|
|
account:email:address |
string |
The email address set for notifications. |
|
account:email:locale |
string |
Values are the language abbreviations (e.g. en-us for English) used with emails. |
|
account:expiration |
Unix timestamp or never |
The date and time this local user account will expire, if ever. |
|
account:failed_logins |
integer |
The number of consecutive failed attempts to log in to this local account. |
|
comments |
string |
Any comments associated with this user. |
|
display_number |
integer |
The display number of this user. |
|
external_id |
string |
An internal representation of a remote user’s identifying information, such as an LDAP attribute, RADIUS username, or Kerberos principal name. |
|
id |
string |
The unique identifier for this user. |
|
idle_timeout |
integer or |
The maximum number of seconds this representative can be idle within the representative console before being logged out. The site_wide_setting option defaults to the timeout set on the Management > Security page. If no timeout, uses none. |
| license_pool:id | string | The unique identifier of the license pool to which this user belongs. |
| license_pool:name | string | The name of the license pool to which this user belongs. |
| login_code:enabled | 1 or 0 | 1: The user must enter an emailed login code to log in. 0: The user may log in without an emailed login code. |
|
login_schedule:enabled |
1 or 0 |
1: The user is disallowed to log in to the representative console outside of the set schedule. |
|
login_schedule:force_logout |
1 or 0 |
1: The user is automatically logged out of the representative console at the end of the scheduled time. |
|
login_schedule:timezone |
string |
The timezone for which the representative login schedule is set. |
|
password |
* * * * |
Indicates if the local user’s password has been changed by an administrator. |
|
password:expiration |
Unix timestamp |
The date and time the local user’s password will expire, if ever. |
|
password:reset |
1 or 0 |
1: The local user must create a new password upon next login.
|
|
password:will_expire |
1 or 0 |
1: The local user’s password is set to expire on a certain date.
|
|
private_display_name |
string |
The private display name of this user. |
|
provider:id |
string |
The unique identifier of the security provider against which this user last authenticated, or 1 for a local user. |
|
provider:name |
string |
The name of the security provider against which this user last authenticated. |
|
public_display_name |
string |
The public display name of this user. |
|
security_answer |
* * * * |
Indicates if the local user’s security answer was changed by an administrator. |
|
security_question |
string |
The security question the local user can answer to reset their password. |
|
username |
string |
The username the user last used to authenticate to BeyondTrust. Not necessarily unique. |
