Docs/Event Types

Event Types Reference

All audit and system events tracked by SatGate. Visible in the Audit Log and available via webhooks.

Events are recorded to the audit log with tenant isolation. Configure notification channels to receive real-time alerts for critical events like budget.exceeded or token.banned.

Configuration

5 events

config.createdNew gateway configuration created

config.updatedConfiguration updated

config.appliedConfiguration applied to running gateway

config.deletedConfiguration deleted

config.rollbackConfiguration rolled back to previous version

Routes

3 events

route.createdNew API route added

route.updatedRoute configuration updated

route.deletedRoute removed

Tokens

4 events

token.mintedNew capability token (macaroon) minted via admin API

token.revokedToken revoked by admin — all child tokens also invalidated

token.bannedToken banned by identifier

token.expiredToken expired (TTL reached)

Mint (Trust Broker)

12 events

mint.enabledMint service enabled for tenant

mint.disabledMint service disabled

mint.key.rotatedMint root key rotated

mint.provider.createdIdentity provider added

mint.provider.updatedIdentity provider configuration updated

mint.provider.deletedIdentity provider removed

mint.policy.createdAgent policy created

mint.policy.updatedAgent policy updated

mint.policy.deletedAgent policy deleted

mint.policy.activatedAgent policy activated

mint.token.issuedMacaroon issued via Mint exchange (identity → macaroon)

mint.token.deniedMint exchange denied (no matching policy, invalid JWT, etc.)

Delegation

2 events

delegation.createdChild token delegated from parent

delegation.revokedDelegated token revoked (cascade from parent or direct)

Budget

3 events

budget.createdBudget allocation created for agent/token

budget.updatedBudget allocation modified

budget.exceededAgent exceeded budget limit — requests now return HTTP 402

Users & Sessions

10 events

user.invitedUser invited to tenant

user.joinedUser accepted invite and joined tenant

user.removedUser removed from tenant

user.role_changedUser role changed (e.g., member → admin)

user.loginUser logged in

user.logoutUser logged out

user.invite_cancelledPending invite cancelled

session.createdNew session created

session.revokedSession revoked

session.expiredSession expired

API Keys

2 events

apikey.createdAPI key created for programmatic access

apikey.revokedAPI key revoked

Billing

3 events

billing.plan_changedSubscription plan changed (e.g., Free → Pro)

billing.payment_failedPayment failed

billing.invoice_paidInvoice paid successfully

Security

4 events

security.setting_changedSecurity setting modified

security.ip_allowlistIP allowlist updated

security.mfa_enabledMulti-factor authentication enabled

security.mfa_disabledMulti-factor authentication disabled

Notifications

4 events

notification.channel.createdNotification channel added (Slack, Discord, email, etc.)

notification.channel.updatedNotification channel configuration updated

notification.channel.deletedNotification channel removed

notification.channel.testedTest notification sent to channel

Audit

4 events

audit.exportedAudit log exported

billing.exportedBilling data exported

impersonation.startedAdmin started impersonating another user

impersonation.endedAdmin ended impersonation session

56 event types across 12 categories