Details
Assignee
UnassignedUnassignedReporter
radoslaw.szulgoradoslaw.szulgoLabels
Needs QA
YesNeeds Doc
YesPriority
Medium
Details
Details
Assignee
Unassigned
UnassignedReporter
radoslaw.szulgo
radoslaw.szulgo
Labels
Needs QA
Yes
Needs Doc
Yes
Priority
MediumSmart Checklist
Smart Checklist
Smart Checklist
Created February 14, 2025 at 2:18 PM
Updated February 24, 2025 at 5:33 PM
User story
As a security administrator,
I want to log and audit OIDC authentication events,
So that I can monitor and troubleshoot authentication-related issues.
Problem description
It is difficult to track authentication attempts and troubleshoot issues without proper logging.
Acceptance criteria
Authentication attempts (success/failure) are logged.
Logs include relevant details such as user identity, token expiration, and roles.
Logs are compatible with existing Percona auditing mechanisms (schema).
Ensure logs comply with security best practices (no sensitive data leakage).
Integrate with MongoDB audit logging mechanisms.
Design / Solution Proposal
Implement structured logging for OIDC authentication events - based on current implementation