event object for the password-reset-post-challenge Actions trigger provides contextual information about the trigger execution.
{
"user": { "user_id": "auth0|abc123", "email": "jane.doe@example.com", "email_verified": true },
"authentication": { "methods": [{ "name": "pwd", "timestamp": "2026-06-05T12:00:00.000Z" }] },
"authorization": { "roles": ["admin"] },
"connection": { "id": "con_abc123", "name": "Username-Password-Authentication", "strategy": "auth0" },
"client": { "client_id": "AaiyAPdpYdesoKnqjj8HJqRn4T5titww", "name": "My Web App" },
"organization": { "id": "org_abc123", "name": "acme" },
"request": { "ip": "13.33.86.1", "method": "POST", "language": "en" },
"transaction": { "locale": "en" },
"tenant": { "id": "your-tenant" },
"secrets": {}
}
event.authentication
Details about authentication obtained during the password reset flow.
Hide authentication properties
Hide authentication properties
Contains the authentication methods a user has completed during their session.Array elements can be one of the following schemas:
- First Factor
- Multi-factor Authentication
The name of the first factor that was completed. Values include the following:
federatedA social or enterprise connection was used to authenticate the user as the first factor.pwdA password was used to authenticate a database connection user as the first factor.passkeyA passkey was used to authenticate a database connection user as the first factor.smsA Passwordless SMS connection was used to authenticate the user as the first factor.emailA Passwordless Email connection was used to authenticate the user as the first factor or verify email for password reset.phone_numberA phone number was used for password reset.mockUsed for internal testing.- May also be a URL denoting a custom authentication method (as second or later factor).
Supplemental risk assessment. This is available only if the Akamai Integration is enabled and Akamai forwards the headers for the transaction.
Hide riskAssessment properties
Hide riskAssessment properties
Supplemental signals sent from third party providers to assist in risk assessments.
Show supplemental properties
Show supplemental properties
[Early Access] Supplemental risk assessment. This is available only if Akamai Account Protector is enabled and Akamai forwards the headers for the transaction.
Show akamai properties
Show akamai properties
The bot detection results as forwarded by Akamai Bot Manager.
Show akamaiBot properties
Show akamaiBot properties
The type of the Akamai bot manager results.
The action of the Akamai bot manager results.
The bot category of the Akamai bot manager results.
The bot score of the Akamai bot manager results.
The bot score response segment of the Akamai bot manager results.
The botnet ID of the Akamai bot manager results.
The user risk detection results as forwarded by Akamai Account Protector.
Show akamaiUserRisk properties
Show akamaiUserRisk properties
The action of the Akamai user risk assessment.
The allowed status of the Akamai user risk assessment.
The email domain of the user.
The general risk of the Akamai user risk assessment.
The OUID of the user.
The request ID of the user.
The risk of the Akamai user risk assessment.
The score of the Akamai user risk assessment.
The status of the Akamai user risk assessment.
The trust of the Akamai user risk assessment.
The username of the user.
The UUID of the Akamai user risk assessment.
event.authorization
An object containing information describing the authorization granted to the user who is logging in.
Hide authorization properties
Hide authorization properties
An array containing the names of a user’s assigned roles.
event.client
Information about the Client with which this password reset transaction was initiated.
event.connection
Details about the Connection that was used to authenticate the user.
Hide connection properties
Hide connection properties
The connection’s unique identifier.
Metadata associated with the connection.
The name of the connection used to authenticate the user (such as
twitter or some-g-suite-domain).The type of connection. For social connections,
event.connection.strategy === event.connection.name. For enterprise connections, the strategy is waad (Windows Azure AD), ad (Active Directory/LDAP), auth0 (database connections), and so on.event.custom_domain
event.organization
event.prompt
event.request
Details about the request that initiated the transaction.
Hide request properties
Hide request properties
The body of the POST request. This data will only be available during refresh token and Client Credential Exchange flows and Post Login Action.
The hostname that is being used for the authentication flow.
The originating IP address of the request.
The language requested by the browser.
The HTTP method used for the request
The query string parameters sent to the authorization request.
The value of the
User-Agent header received when initiating the transaction.event.secrets
Secret values securely associated with this Action.
event.stats
Login statistics for the current user.
Hide stats properties
Hide stats properties
The number of times this user has logged in.
event.tenant
Details about the Tenant associated with the current transaction.
Hide tenant properties
Hide tenant properties
The name of the tenant.
event.transaction
Details about the current transaction.
Hide transaction properties
Hide transaction properties
Correlation ID can be provided in the initial authentication request when the application redirects to Universal Login. You can use value to correlate logs and requests from your Action code with the user flow.
The locale to be used for this transaction as determined by comparing the browser’s requested languages to the tenant’s language settings.
Hint to the Authorization Server about the login identifier the End-User might use to log in (if necessary).
An opaque arbitrary alphanumeric string your app adds to the initial request that Auth0 includes when redirecting back to your application.
The ui_locales provided in the original authentication request.
event.user
An object describing the user on whose behalf the current transaction was initiated.
Hide user properties
Hide user properties
Custom fields that store info about a user that influences the user’s access, such as support plan, security roles, or access control groups.
Timestamp indicating when the user profile was first created.
(unique) User’s email address.
Indicates whether the user has verified their email address.
User’s family name.
User’s given name.
Timestamp indicating the last time the user’s password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections.
User’s full name.
User’s nickname.
User’s phone number.
Indicates whether the user has verified their phone number.
URL pointing to the user’s profile picture.
Timestamp indicating when the user’s profile was last updated/modified.
(unique) User’s unique identifier.
Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences.
(unique) User’s username.
An array of authentication factors that the user has enrolled. Empty array means the user has no enrolled factors. If enrolledFactors is undefined, the system was unable fetch the information, the user may or may not have enrolled factors.
Contains info retrieved from the identity provider with which the user originally authenticated. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider.
Hide identities element properties
Hide identities element properties
Name of the Auth0 connection used to authenticate the user.
Indicates whether the connection is a social one.
User information associated with the connection. When profiles are linked, it is populated with the associated user info for secondary accounts.
Name of the entity that is authenticating the user, such as Facebook, Google, SAML, or your own provider.
User’s unique identifier for this connection/provider.