This article provides a comprehensive reference guide for identity management event logs related to credential synchronization, manual updates, and registration flows within the Identity Security Platform (IDSP) and AuthHub platforms. Use this guide to troubleshoot credential lifecycle events and audit user activity.

Symantec Identity Security Platform - IDSP (formerly VIP Authentication Hub)

Event Log Reference

1. Automated Credential Synchronization (Authoritative Source to IDSP)

These events are automatically triggered when changes occur in your primary, authoritative identity store and are synced down to IDSP.

• user.cred.sync.add.success

  • Description: Triggered when a brand-new credential is successfully created for a user in IDSP, mirroring a new addition in the authoritative source.

• user.cred.sync.update.success

  • Description: Triggered when an existing credential's attributes (such as its origin or status) are successfully updated in IDSP to match changes made in the authoritative source.

• user.cred.sync.delete.success

  • Description: Triggered when an existing credential is successfully removed from IDSP because it was deleted from the authoritative source.

2. Self-Service Credential Management (API Actions)

These events log direct, manual actions taken by users interacting with the Credential Management API to manage their own profiles.

📘 Note on Naming Conventions While these logs begin with the admin. prefix, they specifically denote actions performed by the authenticated user (me) on their own account via the API.

• admin.me.cred.update.success

  • Description: Triggered when a user successfully updates their own credential details using the credential management API.

• admin.me.cred.delete.success

  • Description: Triggered when a user successfully deletes one of their own credentials using the credential management API.

3. Inline Registration & MFA Flows

Events associated with setting up Multi-Factor Authentication (MFA) factors during the login or enrollment process.

• factor.me.register.complete.success

  • Description: Raised during an MFA authentication flow when a user successfully completes an inline credential registration as part of their factor setup.

  • ⚠️ Deprecation Notice: This event completely replaces admin.me.cred.register.success, which is obsolete and no longer used by the system.

4. Edge-Case Sync Transactions

Specialized logs designed to capture complex, atomic synchronization states.

• user.deleted.cred.notify.add.success

  • Description: Raised during identity store synchronization to AuthHub when a single transaction performs a "replace" action. Specifically, it logs instances where an existing communication credential (Email or SMS) is deleted and a new one is added for the same user simultaneously.