Skip to main content
Solved

Regarding recording the executing account in AdminEvents

  • February 25, 2026
  • 6 replies
  • 54 views
K
Do Gooder (Partner)
Forum|alt.badge.img+3

The following URL states: [Any action an Administrator performs within IAM can be recorded for auditing purposes.]
https://docs.ifs.com/techdocs/24r2/030_administration/010_security/040_iam_settings/080_authentication_auditing/030_auditing_events/

We need to explain AdminEvents logs to customers, but there is no clear explanation.
Customers cannot understand AdminEvents logs.

[Confirmation Point 1]
Does “Administrator” refer to a specific account in the Users function?
Example: IFSADMIN

[Confirmation Point 2]
Does “Administrator” refer to an account possessing the permissionset: FND_ADMIN in the Users function?

[Confirmation Point 3]
Does the AdminEvents log record information identifying the executing account?

Best Regards.

Best answer by Janitha Jinarajadasa

@KeyYasusW

Yes. There is no way to get the user account which performed the action.

[Points to Confirm]
>AdminEvents does not record which account executed the event. Is this correct? YES
>There is no way to track which account executed the event. Is this correct? YES

6 replies

Dharmendra
Hero (Employee)
  • Dharmendra
  • Hero (Employee)
  • February 25, 2026

Hi ​@KeyYasusW,
 

You will see the entry when someone performs any of the activities listed below. For example, if an IAM client user is created, updated, deleted, if you set temp password for a user or Expire Password…..etc, this action will be recorded in the Admin Events screen, as described in the IFS technical documentation.

Admin Event types:

  • CLIENT_DELETE
  • CLIENT_INFO
  • CLIENT_INITIATED_ACCOUNT_LINKING
  • CLIENT_LOGIN
  • CLIENT_REGISTER
  • CLIENT_UPDATE
  • CUSTOM_REQUIRED_ACTION
  • DELETE_ACCOUNT
  • EXECUTE_ACTIONS
  • EXECUTE_ACTION_TOKEN
  • FEDERATED_IDENTITY_LINK
  • GRANT_CONSENT
  • INVALID_SIGNATURE
  • REMOVE_FEDERATED_IDENTITY
  • REVOKE_GRANT


I hope this information is helpful. Thank you!


Best Regards,
Dharmendra

Follow: linkedin.com/in/dharmendaribc
K
Do Gooder (Partner)
Forum|alt.badge.img+3
  • KeyYasusW
  • Author
  • Do Gooder (Partner)
  • February 26, 2026

Thank you for sharing this information.

I understand that logs are recorded when these events occur, as described in the manual.

However, I still do not understand because [Confirmation Point 1] through [Confirmation Point 3] remain unclear.
Please share information regarding [Confirmation Point 1] through [Confirmation Point 3].

Best Regards.

J
Superhero (Employee)
Forum|alt.badge.img+16

Hi ​@KeyYasusW 

Admin Events are an audit trail of administrative actions performed inside the IAM and They record what kind of IAM operation occurred.

The term Administrator refers to an actor performing IAM administration, but does not define this as a specific user account or permission set.
Admin Events are therefore best interpreted as IAM activity tracking, not a full Who did what security audit comparable to database or application audit logs.

K
Do Gooder (Partner)
Forum|alt.badge.img+3
  • KeyYasusW
  • Author
  • Do Gooder (Partner)
  • March 17, 2026

Thank you for the information.

However, it’s disappointing that I haven’t received a clear answer.
I would really appreciate a response.


AdminEvents:
 Records of events that have occurred, as listed in the manual and treated as administrative events.

[Points to Confirm]
>AdminEvents does not record which account executed the event. Is this correct? YES or NO?
>There is no way to track which account executed the event. Is this correct? YES or NO?


Best Regards.

J
Superhero (Employee)
Forum|alt.badge.img+16

@KeyYasusW

Yes. There is no way to get the user account which performed the action.

[Points to Confirm]
>AdminEvents does not record which account executed the event. Is this correct? YES
>There is no way to track which account executed the event. Is this correct? YES

K
Do Gooder (Partner)
Forum|alt.badge.img+3
  • KeyYasusW
  • Author
  • Do Gooder (Partner)
  • March 17, 2026

Thank you for providing such clear confirmation.

Now that we understand the specifications of IFSCloud’s AdminEvents,
we will discuss the operational procedures regarding logs with the customer based on this information.

Thank you very much for your assistance with these detailed clarifications.

Terms & ConditionsCookie settingsAccessibility statement