For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
Contact UsSign In
HomeIntegrationsGuidesBrand Assets
HomeIntegrationsGuidesBrand Assets
    • Overview
  • IAM Platforms
  • OIDC
    • Overview
    • Configuration
    • Integration
    • Best Practices
    • PKCE
  • SAML
    • Overview
    • Configuration
    • Integration
    • Best Practices
  • OAuth 2.0
    • Overview
    • Integration
    • PKCE
    • Error Codes
  • Shared Signals Framework
    • Registration and Transmission
  • Mobile SDK
    • Overview
    • Android
    • iOS
    • Video Demos
  • API
    • Applications API
    • Document Passback API
      • Overview
        • GETGet an event by ID
  • Learn More
    • Language Support
LogoLogo
Contact UsSign In
On this page
  • What is an event?
  • Event categories
  • Why use the Events API?
  • How to receive events
  • Getting started
  • Related resources
APIEvents API

Events API overview

Was this page helpful?
Edit this page
Previous

Get an event by ID

Next
Built with

ID.me Events give your organization a structured, consent-gated record of every member interaction with your integration, from first authentication through ongoing account activity and security signals. For developers, this means a queryable event log you can use to build audit trails, trigger workflows, and detect anomalies. For compliance and security teams, it means a tamper-evident record that satisfies regulatory reporting requirements and supports fraud investigation.

What is an event?

Every meaningful action a member takes within an ID.me-integrated application generates an event record. Each record captures the full context of that action:

FieldDescription
eventThe event type name
identifierThe member’s unique ID.me identifier
emailThe member’s email address
applicationThe integration the event occurred within
sessionSession identifier for the interaction
fingerprintDevice fingerprint
ipaddressMember’s IP address at the time of the event
useragentBrowser or client user agent string
tracked_atISO 8601 timestamp of when the event occurred
Example response
1{
2  "event": "session.signin",
3  "identifier": "a1b2c3d4e5f6",
4  "email": "member@example.com",
5  "application": "Your Integration Name",
6  "session": "sess_abc123",
7  "fingerprint": "fp_xyz789",
8  "ipaddress": "203.0.113.42",
9  "useragent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36",
10  "tracked_at": "2024-03-15T14:32:10+00:00"
11}

Event categories

Events are organized into four high-level categories:

CategoryWhat’s captured
AuthenticationSign-in attempts, sign-out actions, session state changes, and failed or timed-out sessions
VerificationIdentity verification initiation, progress milestones, and completion — including liveness checks
MFA and security signalsMulti-factor authentication delivery and responses, recovery actions, forced credential resets, and account suspension or reinstatement
ConsentMember consent grants, denials, and revocations for sharing identity data with your integration

Events are only available for members who have explicitly granted consent to your integration. Events that occur before consent is recorded are held and released together once consent is confirmed, ensuring your integration always receives a complete picture.

Why use the Events API?

Audit and compliance

Maintain a tamper-evident, time-stamped record of every member interaction with your integration. Meet regulatory reporting requirements and support legal hold without building your own logging infrastructure.

Fraud detection

Access near-real-time signals when a member’s account is suspended, their credentials are force-reset, or account recovery is triggered — so your system can immediately gate access or flag the session for review.

Account lifecycle management

Know when a member’s verified status or consent changes. Use these signals to update access permissions, prompt for re-authentication, or archive stale identity data in compliance with your data retention policies.

Session forensics

Access IP address, device fingerprint, and user agent data for every interaction. Correlate events across sessions to detect anomalies and support security investigations.

How to receive events

ID.me provides three mechanisms for accessing event data:

Events API (this guide)
Query a specific event by its unique ID using a bearer token. Suited for on-demand lookups, audit log retrieval, and verification workflows where you already have a reference to the event.

Webhooks
Push-based delivery of events to your endpoint as they occur. ID.me routes matching events to your configured receiver in near real time. Contact your account team to configure webhook delivery for your integration.

Shared Signals Framework (SSF/RISC)
OpenID-standard push delivery scoped to account security signals — account suspension, credential resets, and recovery events. Designed for security-critical workflows where low latency matters. See the SSF Overview for details.

Getting started

1

Create a developer account

Sign in to the ID.me Developer Portal to create your account. If you already have an account, sign in and navigate to your integration dashboard.

2

Request API credentials

Work with your ID.me account team to provision Events API credentials for your integration. Your credentials are scoped to your specific integration — you only receive events generated within your application.

3

Make your first request

Retrieve a specific event by its ID using your bearer token:

Example
$GET https://events-api.idme.cc/private/v0/events/{id}
$Authorization: Bearer <your-api-token>

A successful response returns the full event record for that ID. See the ID.me Events API reference in this section for the complete response schema and error codes.

Related resources

  • SSF Overview — Push-based delivery for account security signals using the OpenID RISC standard
  • Contact us — Get in touch with your account team to provision credentials or configure webhook delivery