Yandex Audit Trails event reference
Written by
Updated at April 3, 2026
Audit Trails supports monitoring of both control plane (configuration level) and data plane (service level) events for Yandex Identity Hub.
The general format of the event_type field value is as follows:
yandex.cloud.audit.organizationmanager.<event_name>
Control plane event reference
| Event name | Description |
|---|---|
AcceptInvitation |
Accepting an invitation |
ActivateMfaEnforcement |
Activating an MFA policy |
AttachRegion |
Connecting a region |
BindOrganizationAccessPolicy |
Binding an authorization policy in an organization |
CreateGroup |
Creating a user group |
CreateGroupMapping |
Configuring a federated user group mapping |
CreateInvitations |
Creating an invitation |
CreateMembership |
Adding a user to an organization |
CreateMfaEnforcement |
Creating an MFA policy |
CreateOrganization |
Creating an organization |
CreateOsLoginProfile |
Creating a profile OS Login |
CreateUserSshKey |
Creating an SSH user key |
DeactivateMfaEnforcement |
Deactivating an MFA policy |
DeleteGroup |
Deleting a user group |
DeleteGroupMapping |
Deleting a federated user group mapping |
DeleteInvitation |
Deleting an invite |
DeleteMembership |
Deleting a user from an organization |
DeleteMfaEnforcement |
Deleting an MFA policy |
DeleteOrganization |
Deleting an organization |
DeleteOsLoginProfile |
Deleting an OS Login profile |
DeleteUserSshKey |
Deleting an SSH user key |
idp.AddUserpoolDomain |
Associating a domain with a user pool |
idp.branding.CreateAsset |
Uploading a resource for branding |
idp.branding.CreateBranding |
Creating branding |
idp.branding.DeleteAsset |
Deleting a resource for branding |
idp.branding.DeleteBranding |
Deleting branding |
idp.branding.UpdateBranding |
Updating branding settings |
idp.ChangeOneTimePassword |
Updating a one-time password |
idp.ConvertUserToExternal |
Assigning a user an external folder synchronization flag |
idp.CreateUser |
Creating a local user |
idp.CreateUserpool |
Creating a user pool |
idp.DeleteUser |
Deleting a local user |
idp.DeleteUserpool |
Deleting a user pool |
idp.DeleteUserpoolDomain |
Deleting domain's association with a user pool |
idp.ReactivateUser |
Activating a local user |
idp.RemoveUserBlock |
Unblocking a user |
idp.SetUserPassword |
Setting a password for a local user |
idp.SetUserpoolAccessBindings |
Assigning access permissions for a user pool |
idp.SuspendUser |
Deactivating a local user |
idp.UpdateSubscriptionLimit |
Updating the subscription limit |
idp.UpdateUser |
Updating a local user |
idp.UpdateUserpool |
Updating a user pool |
idp.UpdateUserpoolAccessBindings |
Updating access permissions for a user pool |
idp.ValidateUserpoolDomain |
Validating a domain to associate with a user pool |
oauth.CreateApplication |
Creating an OIDC app |
oauth.DeleteApplication |
Deleting an OIDC app |
oauth.ReactivateApplication |
Activating an OIDC app |
oauth.SetApplicationAccessBindings |
Assigning access permissions for an OIDC app |
oauth.SuspendApplication |
Deactivating an OIDC app |
oauth.UpdateApplication |
Updating an OIDC app |
oauth.UpdateApplicationAccessBindings |
Updating access permissions for an OIDC app |
oauth.UpdateApplicationAssignments |
Updating a list of OIDC app users |
RejectInvitation |
Rejecting an invitation |
ResendInvitation |
Resending an invite |
SetDefaultProfile |
Setting the default profile |
SetGroupAccessBindings |
Assigning access permissions for a user group |
SetOrganizationAccessBindings |
Assigning access permissions for an organization |
saml.AddFederationDomain |
Associating a domain with a federation |
saml.AddFederatedUserAccounts |
Adding a user to a federation |
saml.CreateApplication |
Creating a SAML app |
saml.CreateFederation |
Creating an identity federation |
saml.CreateSignatureCertificate |
Creating a signature certificate |
saml.DeleteApplication |
Deleting a SAML app |
saml.DeleteFederation |
Deleting an identity federation |
saml.DeleteFederationDomain |
Deleting a domain |
saml.DeleteFederatedUserAccounts |
Deleting a user from a federation |
saml.DeleteSignatureCertificate |
Deleting a signature certificate |
saml.ReactivateApplication |
Activating a SAML app |
saml.ReactivateFederatedUserAccounts |
Activating a federated user |
saml.SetApplicationAccessBindings |
Assigning access permissions for a SAML app |
saml.SuspendApplication |
Suspending a SAML app |
saml.SuspendFederatedUserAccounts |
Deactivating a federated user |
saml.UpdateApplication |
Updating a SAML app |
saml.UpdateApplicationAccessBindings |
Updating access permissions for a SAML app |
saml.UpdateApplicationAssignments |
Updating a list of SAML app users |
saml.UpdateFederation |
Updating an identity federation |
saml.UpdateSignatureCertificate |
Updating a signature certificate |
saml.UploadSignatureCertificate |
Uploading a signature certificate |
saml.ValidateFederationDomain |
Validating a domain to associate with a federation |
UnbindOrganizationAccessPolicy |
Detaching an authorization policy in an organization |
UpdateGroup |
Updating a user group |
UpdateGroupAccessBindings |
Updating access permissions for a user group |
UpdateGroupMapping |
Updating a federated user group mapping |
UpdateGroupMembers |
Changing user group members |
UpdateMfaEnforcement |
Updating an MFA policy |
UpdateMfaEnforcementAudience |
Updating target users for an MFA policy |
UpdateOrganization |
Updating an organization |
UpdateOrganizationAccessBindings |
Updating access permissions for an organization |
UpdateOrganizationAccessPolicyBindingParameters |
Editing authorization policy parameters in an organization |
UpdateOsLoginProfile |
Updating an OS Login profile |
UpdateOsLoginSettings |
Editing OS Login settings |
UpdateSubscribers |
Updating a subscription list |
UpdateUserSshKey |
Updating an SSH user key |
Data plane event reference
| Event name | Description |
|---|---|
idp.AuthenticateByPassword |
Password authentication. |