passkey_authentication_succeeded
This page is auto-generated from
src/auth/stytch-invite.ts. Do not edit by hand — seedocs/dev/docs-auto-sync.md.
Event string
Section titled “Event string”passkey_authentication_succeeded
Emitting helpers
Section titled “Emitting helpers”| Function | Source |
|---|---|
encodePasskeyAuthenticationSucceededAuditReason | src/auth/stytch-invite.ts:346 |
Context fields
Section titled “Context fields”| Field | Type | Required | Notes |
|---|---|---|---|
member_id | string | yes | — |
credential_row_id | string | yes | — |
credential_id | string | yes | — |
counter_before | number | yes | — |
counter_after | number | yes | — |
sign_in_mode | "button" | "autofill" | no | #464 PR #4 — conditional-UI / autofill discriminator. Distinguishes the explicit “Sign in with passkey” button path (“button”) from the WebAuthn conditional-mediation autofill path (“autofill”) the browser triggers from the username field. Optional + defaults to “button” when absent so PR #3’s existing call sites (which predate the conditional-UI route) keep type-checking unchanged. |
Documentation
Section titled “Documentation”Emitted from POST /admin/ui/login/passkey/complete after a successful verifyAuthenticationResponse + counter UPDATE. Replaces the deprecated {@link encodePasskeyLoginSucceededAuditReason}; event string renamed passkey_login_succeeded → passkey_authentication_succeeded to match the W3C “authentication ceremony” term — SIEM consumers should update their saved searches when PR #3 flips PASSKEY_ENABLED=true.
This envelope is stored in audit_log.decision_reason (varchar(256)) as a JSON object with the shape { event, ...ctx }. The audit_log row carries tenant_id, actor_user_id, and timestamp as columns alongside — those are not duplicated in the envelope.