This site requires JavaScript to be enabled
External Customer KB > General > Notifications
Notifications
Article: KB0010459 Published: 04/01/2024 Last modified: 04/01/2024

OneLogin notifications are automated emails sent to users or administrators whenever certain conditions are fulfilled, such as alerting an account owner when their organization has run out of seat licenses, or notifying a locked-out user when their account has been unlocked. Your OneLogin account comes preconfigured with several existing notifications, but you can customize these for your organization's needs or create new notifications for various other events, such as when an Active Directory Connector fails.

 


 

Default Notifications

When your OneLogin tenant is created, it has the following notification emails prewritten and ready to send. Most are active by default, but some must be manually enabled before you or your users receive them.

Notify account owner of locked user

Sent to the account owner when a user has been locked out of OneLogin, providing a link for the user record where their account can be unlocked

*Disabled by default

Notify account owner for certificates about to expire

Sent to the account owner when a OneLogin certificate is due to expire, providing the certificate's name and link, the days remaining before expiration, and information on how to update certificates in OneLogin

Notify user of unlocked account

Sent to a user when their account has been unlocked, providing a sign-in link where they can access their account

*Disabled by default

Account approaching seat limit

Sent to the account owner when their OneLogin subscription is close to running out of seat licenses, providing the current and maximum number of seats on the current subscription and a link to their subscription management portal

Account at seat limit

Sent to the account owner when their OneLogin subscription has run out of seat licenses, providing a link to their subscription management portal

Notification for broken provisioning apps

Sent to the account owner when any application encounters a configuration error causing a provisioning failure, providing the app's error message and a link to configure the app's provisioning settings in OneLogin

Notification for throttled provisioning apps

Sent to the account owner when an app experiences temporary provisioning issues due to application throttling

 


 

Managing Notifications

To view and manage your notifications, go to Activity > Notifications in your OneLogin admin portal. Select any notification to view its details, and go to the More Actions menu for additional settings:

Enable/Disable

Activates or deactivates the current notification

Clone

Creates a new notification as a duplicate of the current notification

Delete

Permanently removes the current notification

 


 

Configuring Notifications

Click New Notification or select any existing notification to configure its conditions or message contents. You can also select the notification's title to rename it if desired; titles appear in your notification management but are not displayed to recipients, so should be descriptive of the notification's purpose.

Conditions

Use the + icon to add one or more conditions that will allow the notification email to be sent. There are four possible conditions to select, which can be thought of in two categories:

Event and Status conditions act as triggers that prompt the notification email when a user's event or status is changed, while Group and Roles conditions act as contingencies that can be used to narrow the scope of a notification to only users who are or are not assigned to given groups or roles.

All notifications must use at least one Event or Status condition. Notifications with only Group or Roles as conditions will not perform any actions.

Event

Select any event, and the notification will be triggered whenever the event occurs.

  • Event conditions cannot be combined with Status conditions. If both an Event and a Status condition are selected, the notification will not correctly trigger.
  • The is not selector cannot be used with Event conditions. If any condition displays Event is not, the notification will not trigger.
  • When adding multiple Event conditions to a single notification, the notification is triggered when any one of the chosen events is fulfilled.
  • When using an Event condition in combination with any other condition, the notification is sent only when all other conditions are fulfilled.
    • For example, if you add both a Group is condition and a Roles include condition, the notification will trigger only for members of that group who are also assigned to the selected role.

Status

Select any user status with the changed to or changed from conditional to trigger the notification when a user's status changes to or from that selection.

  • Status conditions cannot be combined with Event conditions. If both an Event and a Status condition are selected, the notification will not correctly trigger.
  • Only one each of the Status changed to and Status changed from conditions may apply.
    • For example, you may limit a notification to occur only when a user is changed from one selected status to another, but the notification will not trigger if you add multiple changed to or multiple changed from conditions.
  • When using a Status condition in combination with any other condition, the notification is sent only when all other conditions are fulfilled.
    • For example, if you add both a Group is condition and a Roles include condition, the notification will trigger only for members of that group who are also assigned to the selected role.

Group

Select any group with the is or is not conditional to include or exclude users already in that group from the Status notification conditions.

  • Affected users must already be in the given group to be considered in the notification. Changing a user's group, either manually or with a mapping, will not trigger the notification.
  • Group conditions must be paired with at least one Status or Event condition; if no status change or event is selected, the notification will not be triggered.
  • You may only configure one Group is condition. If multiple Group is conditions are selected, the notification will not be triggered.
  • When adding multiple Group is not conditions to a single notification, the notification is triggered only when the affected user is not a member of any selected group.
  • When combining a Group condition with a Role condition, the notification is only sent when all conditions are fulfilled.
    • For example, if you add both a Group is condition and a Roles include condition, the notification will trigger only for members of that group who are also assigned to the selected role.

Roles

Select any role with the include or do not include conditional to include or exclude users already assigned to that role from the Status notification conditions.

  • Roles conditions must be paired with at least one Status or Event condition; if no status change or event is selected, the notification will not be triggered.
  • Affected users must already have been assigned to the given role to be considered in the notification. Roles assigned simultaneously with a status change may not trigger the notification.
  • When adding multiple Roles conditions to a single notification, the notification is triggered only when all Roles selections apply to the user's role assignments.
  • When combining a Group condition with a Role condition, the notification is only sent when all conditions are fulfilled.
    • For example, if you add both a Group is condition and a Roles include condition, the notification will trigger only for members of that group who are also assigned to the selected role.

 


 

Example Conditions

Event is Created user AND Status changed to Active

This notification will not send, as Event and Status conditions cannot be combined.

Event is Create user failed AND Event is Failed to provision user to directory

This notification will send whenever any user creation or provisioning fails.

Status changed from Suspended AND Status changed to Active

This notification will send whenever any previously Suspended users have their status changed to Active.

It will not send when a previously Suspended user is changed to any other status, or when a user with a user who previously had any other status is changed to Active.

Status changed to Unactivated AND Status changed to Suspended

This notification will not send, as multiple Status changed to conditions cannot be selected.

Status changed to Password expired AND Group is Seasonal Contractors AND Roles do not include geo-amer

This notification will send whenever any seasonal contractor allows their password to expire unless they are currently assigned to the geo-amer role.

It will not send for users who are not in the Seasonal Contractors group, regardless of their role assignment, or for any users who have been assigned to the geo-amer role, regardless of their group membership.

Group is On-Site Employees AND Roles include dept-finance

This notification will not send, as Group and Roles conditions can only modify the scope of notifications triggered by the Status condition and cannot independently trigger notifications.

Actions

All notifications have one action configured by default, but more can be added with the + icon. For example, you may wish to include additional actions if you would like one email sent to the account owner and a different email simultaneously sent to the user when a particular event occurs.

Recipient

Select the email's recipient in the dropdown menu to the right of Email user. In addition to group admins for any specific groups you have configured, you can also choose from the following options:

Account owner

Notifies the owner of your organization's OneLogin tenant

Custom

Provides a text field for you to enter one or more email addresses, separated by commas

Tip! You can also use this field to indicate a custom field such as a secondary email address by entering {{user.custom_attribute_shortname}} with the shortname of your desired custom attribute.

Group admin

Notifies the administrator of the affected group

Super users

Notifies all users with super user privileges or above

User

Notifies the affected or acting user

Message

Customize the Subject and Body fields with your desired content. Notification emails are compatible with markdown formatting and template macros, and styled according to the email template customized in Branding.


Expand/Collapse Comments
:     
Was this helpful?
YesYesNoNo