How to approach de-anonymising events from the events API?
We'd like to be able to create alerts based on access patterns to sensitive users accounts however are restricted because of the response from the events API for ItemUsage events. As can be seen in the sample taken from https://support.1password.com/events-api-reference/#itemusage-object the object contains a reference to item_uuid and a vault_uuid.
We'd need to get these uuid's into name of the item/vault to be able to create alerts. For example "abcd1234" => "test@test.com".
It seems that the only way to do this is by deploying a connect server which periodically generates a mapping from item_uuid => name. It seems like a lot of work for a reasonably small piece of information and abusing the intended purpose of the connect server which is more for secrets automation. Has anyone done something like this before?
1Password Version: Not Provided
Extension Version: Not Provided
OS Version: Not Provided
Referrer: forum-search:events api
Comments
-
Hi @wezham,
Our integrations specialists will be happy to help. First, to get in contact with them, please send an email to
support@1password.com
using the email address associated with your 1Password account. After you send the email, please feel free to post the ticket number you receive so we can locate your message and connect it with this Community discussion.0