- Bug
- Resolution: Duplicate
- Low
- None
- 2
- Minor
Issue Summary
Audit logs do not capture events for two scenarios:
- A change to a user's email address or full name made directly via managed accounts is not captured in the audit logs.
- Removing an IDP synced user from the group at the IDP deactivates the account. The user's group removal is logged in the audit log, but the user's deactivation event is not logged.
Steps to Reproduce
- For scenario 1: change the email address or full name of a user under managed accounts, then check the audit logs.
- For scenario 2: remove an IDP synced user from all IDP synced groups. This deactivates the user. The account deactivation event is not logged in the audit logs, though the user's group membership removal is logged.
Expected Results
The above-explained scenarios should be captured in audit logs.
Actual Results
Events for the explained scenarios are not captured in audit logs.
Workaround
Currently, there is no known workaround for this behavior. A workaround will be added here when available.
- duplicates
  - ACCESS-1129 Add audit log when IDP synced user is removed from group in idp (Gathering Interest)
  - ID-8153 Add org-level audit log when name or email change is made to a managed user (Gathering Interest)
- is related to
  - ACCESS-1763 [Tracking in Issue Links] Organisation-level audit log feature requests (Gathering Interest)