User Activity API
The BindID Service exposes an HTTP /user/activity/fetch endpoint, which can be used to retrieve user authentication and transaction events.
Note: Each query is limited to a 30 day period and up to 100 results are returned in each response. However, multiple requests can be used to fetch additional results and cover multiple timeframes. Also, note that access token is valid for 60 minutes from the time it is issued.
HTTP Request
The API is invoked as a POST request to the following endpoint:
where <host-name> has the following value depending on the environment:
- Sandbox:
api.bindid-sandbox.io - Production:
api.bindid.io - Production EU:
api.eu.bindid.io
Request Headers
The POST request must include the following HTTP headers:
| Header Name | Description |
|---|---|
Authorization | Includes authorization for API access. For the header structure, see Introduction. |
Content-Type | Should be set to application/json. |
Request Parameters
The body for this POST request is a JSON object, with the following fields:
| Parameter | Description | Type |
|---|---|---|
fromTime | Required. Time from which user events are retrieved (inclusive), in unix-epoch milliseconds. | Number |
toTime | Required. Time to which user events are retrieved (exclusive), in unix-epoch milliseconds. The maximum value between the fromTime and toTime cannot be more than 30 days. | Number |
skip | Optional. Determines the number of events which are not retrieved, starting from the newest events. The maximum allowed value is 10,000. | Number |
subject_session_at | Optional. Access token for the BindID session. | String |
Request Example
Response Headers
The POST response includes the following HTTP headers:
| Header Name | Description |
|---|---|
Content-Type | Returns application/json |
Response Body
The JSON object in the body has the following structure:
| Field Name | Description | Type |
|---|---|---|
status_code | Indicates call success. | String |
data | Object containing user event information. | data |
data Object
| Field Name | Description | Type |
|---|---|---|
count | The number of returned user events (the maximum number of returned events is 100). | Number |
total | The total number of user events found during the specified timeframe (including events that were not retrieved). | Number |
events | Array containing the returned user events. | Array of events objects |
events Objects
| Field Name | Description | Type |
|---|---|---|
accessingDevice | Object that contains a description field (string) with details of the device used to create the event (OS type, OS version, browser type, and browser version). | accessingDevice |
app | Application ID of the app in which the event was created | String |
authenticatingDevice | Object that contains a description field (string) with details of the device used to authenticate the user (OS type, OS version, browser type, and browser version). | authenticatingDevice |
location | Object containing location details of the device used to create the event: city (string), state (string), and country (string). | location |
status | Indicates event success, can be success, failure, or incomplete (for events that were not completed). | String |
sub | Unique ID of the user who created the event. | String |
timestamp | Time the event occurred, in unix-epoch milliseconds. | Number |
userAlias | Alias of the user who created the event, if one was set. | String |