policies_event_matcher_create

POST 
/api/v3//policies/event_matcher/

Event Matcher Policy Viewset

Request

application/json

Bodyrequired

namestringrequired

Possible values: non-empty

execution_loggingboolean

When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

actionEventActions (string)nullable

Match created events with this action type. When left empty, all action types will be matched.

Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

client_ipstringnullable

Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

Possible values: non-empty

appAppEnum (string)nullable

Match events created by selected application. When left empty, all applications are matched.

Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.rac, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.kerberos, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_email, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.redirect, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.ssf, authentik.enterprise.stages.authenticator_endpoint_gdtc, authentik.enterprise.stages.source, authentik.events]

modelModelEnum (string)nullable

Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_kerberos.kerberossource, authentik_sources_kerberos.kerberossourcepropertymapping, authentik_sources_kerberos.userkerberossourceconnection, authentik_sources_kerberos.groupkerberossourceconnection, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_email.authenticatoremailstage, authentik_stages_authenticator_email.emaildevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_redirect.redirectstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.applicationentitlement, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_ssf.ssfprovider, authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

Responses

201

application/json

Schema

Schema

pkuuidrequired

namestringrequired

execution_loggingboolean

When this option is enabled, all executions of this policy will be logged. By default, only execution errors are logged.

componentstringrequired

Get object component so that we know how to edit the object

verbose_namestringrequired

Return object's verbose_name

verbose_name_pluralstringrequired

Return object's plural verbose_name

meta_model_namestringrequired

Return internal model name

bound_tointegerrequired

Return objects policy is bound to

actionEventActions (string)nullable

Match created events with this action type. When left empty, all action types will be matched.

Possible values: [login, login_failed, logout, user_write, suspicious_request, password_set, secret_view, secret_rotate, invitation_used, authorize_application, source_linked, impersonation_started, impersonation_ended, flow_execution, policy_execution, policy_exception, property_mapping_exception, system_task_execution, system_task_exception, system_exception, configuration_error, model_created, model_updated, model_deleted, email_sent, update_available, custom_]

client_ipstringnullable

Matches Event's Client IP (strict matching, for network matching use an Expression Policy)

appAppEnum (string)nullable

Match events created by selected application. When left empty, all applications are matched.

Possible values: [authentik.tenants, authentik.admin, authentik.api, authentik.crypto, authentik.flows, authentik.outposts, authentik.policies.dummy, authentik.policies.event_matcher, authentik.policies.expiry, authentik.policies.expression, authentik.policies.geoip, authentik.policies.password, authentik.policies.reputation, authentik.policies, authentik.providers.ldap, authentik.providers.oauth2, authentik.providers.proxy, authentik.providers.rac, authentik.providers.radius, authentik.providers.saml, authentik.providers.scim, authentik.rbac, authentik.recovery, authentik.sources.kerberos, authentik.sources.ldap, authentik.sources.oauth, authentik.sources.plex, authentik.sources.saml, authentik.sources.scim, authentik.stages.authenticator, authentik.stages.authenticator_duo, authentik.stages.authenticator_email, authentik.stages.authenticator_sms, authentik.stages.authenticator_static, authentik.stages.authenticator_totp, authentik.stages.authenticator_validate, authentik.stages.authenticator_webauthn, authentik.stages.captcha, authentik.stages.consent, authentik.stages.deny, authentik.stages.dummy, authentik.stages.email, authentik.stages.identification, authentik.stages.invitation, authentik.stages.password, authentik.stages.prompt, authentik.stages.redirect, authentik.stages.user_delete, authentik.stages.user_login, authentik.stages.user_logout, authentik.stages.user_write, authentik.brands, authentik.blueprints, authentik.core, authentik.enterprise, authentik.enterprise.audit, authentik.enterprise.providers.google_workspace, authentik.enterprise.providers.microsoft_entra, authentik.enterprise.providers.ssf, authentik.enterprise.stages.authenticator_endpoint_gdtc, authentik.enterprise.stages.source, authentik.events]

modelModelEnum (string)nullable

Match events created by selected model. When left empty, all models are matched. When an app is selected, all the application's models are matched.

Possible values: [authentik_tenants.domain, authentik_crypto.certificatekeypair, authentik_flows.flow, authentik_flows.flowstagebinding, authentik_outposts.dockerserviceconnection, authentik_outposts.kubernetesserviceconnection, authentik_outposts.outpost, authentik_policies_dummy.dummypolicy, authentik_policies_event_matcher.eventmatcherpolicy, authentik_policies_expiry.passwordexpirypolicy, authentik_policies_expression.expressionpolicy, authentik_policies_geoip.geoippolicy, authentik_policies_password.passwordpolicy, authentik_policies_reputation.reputationpolicy, authentik_policies.policybinding, authentik_providers_ldap.ldapprovider, authentik_providers_oauth2.scopemapping, authentik_providers_oauth2.oauth2provider, authentik_providers_proxy.proxyprovider, authentik_providers_rac.racprovider, authentik_providers_rac.endpoint, authentik_providers_rac.racpropertymapping, authentik_providers_radius.radiusprovider, authentik_providers_radius.radiusproviderpropertymapping, authentik_providers_saml.samlprovider, authentik_providers_saml.samlpropertymapping, authentik_providers_scim.scimprovider, authentik_providers_scim.scimmapping, authentik_rbac.role, authentik_sources_kerberos.kerberossource, authentik_sources_kerberos.kerberossourcepropertymapping, authentik_sources_kerberos.userkerberossourceconnection, authentik_sources_kerberos.groupkerberossourceconnection, authentik_sources_ldap.ldapsource, authentik_sources_ldap.ldapsourcepropertymapping, authentik_sources_oauth.oauthsource, authentik_sources_oauth.oauthsourcepropertymapping, authentik_sources_oauth.useroauthsourceconnection, authentik_sources_oauth.groupoauthsourceconnection, authentik_sources_plex.plexsource, authentik_sources_plex.plexsourcepropertymapping, authentik_sources_plex.userplexsourceconnection, authentik_sources_plex.groupplexsourceconnection, authentik_sources_saml.samlsource, authentik_sources_saml.samlsourcepropertymapping, authentik_sources_saml.usersamlsourceconnection, authentik_sources_saml.groupsamlsourceconnection, authentik_sources_scim.scimsource, authentik_sources_scim.scimsourcepropertymapping, authentik_stages_authenticator_duo.authenticatorduostage, authentik_stages_authenticator_duo.duodevice, authentik_stages_authenticator_email.authenticatoremailstage, authentik_stages_authenticator_email.emaildevice, authentik_stages_authenticator_sms.authenticatorsmsstage, authentik_stages_authenticator_sms.smsdevice, authentik_stages_authenticator_static.authenticatorstaticstage, authentik_stages_authenticator_static.staticdevice, authentik_stages_authenticator_totp.authenticatortotpstage, authentik_stages_authenticator_totp.totpdevice, authentik_stages_authenticator_validate.authenticatorvalidatestage, authentik_stages_authenticator_webauthn.authenticatorwebauthnstage, authentik_stages_authenticator_webauthn.webauthndevice, authentik_stages_captcha.captchastage, authentik_stages_consent.consentstage, authentik_stages_consent.userconsent, authentik_stages_deny.denystage, authentik_stages_dummy.dummystage, authentik_stages_email.emailstage, authentik_stages_identification.identificationstage, authentik_stages_invitation.invitationstage, authentik_stages_invitation.invitation, authentik_stages_password.passwordstage, authentik_stages_prompt.prompt, authentik_stages_prompt.promptstage, authentik_stages_redirect.redirectstage, authentik_stages_user_delete.userdeletestage, authentik_stages_user_login.userloginstage, authentik_stages_user_logout.userlogoutstage, authentik_stages_user_write.userwritestage, authentik_brands.brand, authentik_blueprints.blueprintinstance, authentik_core.group, authentik_core.user, authentik_core.application, authentik_core.applicationentitlement, authentik_core.token, authentik_enterprise.license, authentik_providers_google_workspace.googleworkspaceprovider, authentik_providers_google_workspace.googleworkspaceprovidermapping, authentik_providers_microsoft_entra.microsoftentraprovider, authentik_providers_microsoft_entra.microsoftentraprovidermapping, authentik_providers_ssf.ssfprovider, authentik_stages_authenticator_endpoint_gdtc.authenticatorendpointgdtcstage, authentik_stages_source.sourcestage, authentik_events.event, authentik_events.notificationtransport, authentik_events.notification, authentik_events.notificationrule, authentik_events.notificationwebhookmapping]

Example (auto)

{
  "pk": "3fa85f64-5717-4562-b3fc-2c963f66afa6",
  "name": "string",
  "execution_logging": true,
  "component": "string",
  "verbose_name": "string",
  "verbose_name_plural": "string",
  "meta_model_name": "string",
  "bound_to": 0,
  "action": "login",
  "client_ip": "string",
  "app": "authentik.tenants",
  "model": "authentik_tenants.domain"
}

400

application/json

Schema

Schema

non_field_errorsstring[]

codestring

property name*any

Validation Error

Example (auto)

{
  "non_field_errors": [
    "string"
  ],
  "code": "string"
}

403

application/json

Schema

Schema

detailstringrequired
codestring

Example (auto)

{
  "detail": "string",
  "code": "string"
}

Authorization: http

name: authentiktype: httpscheme: bearer

• csharp
• curl
• dart
• go
• http
• java
• javascript
• kotlin
• c
• nodejs
• objective-c
• ocaml
• php
• powershell
• python
• r
• ruby
• rust
• shell
• swift

• HTTPCLIENT
• RESTSHARP

var client = new HttpClient();
var request = new HttpRequestMessage(HttpMethod.Post, "/api/v3/policies/event_matcher/");
request.Headers.Add("Accept", "application/json");
request.Headers.Add("Authorization", "Bearer <token>");
var content = new StringContent("{\n  \"name\": \"string\",\n  \"execution_logging\": true,\n  \"action\": \"login\",\n  \"client_ip\": \"string\",\n  \"app\": \"authentik.tenants\",\n  \"model\": \"authentik_tenants.domain\"\n}", null, "application/json");
request.Content = content;
var response = await client.SendAsync(request);
response.EnsureSuccessStatusCode();
Console.WriteLine(await response.Content.ReadAsStringAsync());

Request Collapse all

Base URL

/api/v3

Auth

Bearer Token

Body required

{
  "name": "string",
  "execution_logging": true,
  "action": "login",
  "client_ip": "string",
  "app": "authentik.tenants",
  "model": "authentik_tenants.domain"
}