Event Center


The Akeyless Event Center is your hub for everything event-related. This document will detail where you can access the Event Center, what it does, and how you can benefit from using it.

The Event Center can be accessed, by default, by Admins only, as well as users with explicit permissions, by clicking the bell icon at the top right-hand corner of the console screen, next to your user icon. Selecting the bell will also show you any pending notifications you might have from the Event Center, based on your settings. Setting up notification triggers will also be explained later in this guide.

Using the Event Center

The Akeyless Event Center shows your event logs in the form of a table and allows you to monitor, filter, and search through the different events that occur in your Akeyless account.

On the upper left-hand side of the table, you will see a few interactive buttons, including a refresh button, a filter button, and a forwarder button, which allow you to use your event data to your benefit or to search through it.

Event Types

Akeyless events are defined by object types, supporting:

For each object type, a Forwarder can be set to forward all events for a folder, path, and even a specific item inside Akeyless.

The following Events are currently supported:

For items-event-source-locations:

  • certificate-pending-expiration When a certificate is about to expire, users set and control this event directly from the PKI Issuer or from the Certificate item.
  • certificate-expired When a certificate is expired.
  • rotated-secret-success Upon successful automatic rotation.
  • rotated-secret-failure Upon automatic rotation failure, including the error details.
  • rotated-secret-partial-failure Upon automatic rotation partial failure, relevant for clusters, or Linked Target mode.
  • dynamic-secret-failure On general failure of a Dynamic Secret.
  • static-secret-updated When a Static Secret is set to trigger events on value changes.
  • usage_unused When a global event is set in the Account settings, for secrets that have not been used or changed within the defined interval.
  • usage_unrotated When a global event is set in the Account settings, for Rotated Secrets that have not been rotated within the defined interval.
  • request-access When a user requests access, either for privilege permission or for a Secure Remote Access session. Note: Relevant also for targets-event-source-locations.
  • apply-justification When the user provides a connection justification as part of the Secure Remote Access session.

For auth-methods-event-source-locations :

  • uid-rotation-failure On Universal Identity rotation failure, to track the automatic rotation.
  • auth-method-pending-expiration 30 days in advance before an Authentication Methods is about to expire.
  • auth-method-expired When an Authentication Methods is expired.
  • email-auth-method-approved When the invite of user based on Email Auth Method is approved.
  • multi-auth-failure When an auth attempt keeps failing, once blocked (after 5 consecutive attempts)

For gateways-event-source-locations:

  • gateway-inactive When a Gateway changes its state to inactive, must be set on the Gateway.

Event Forwarders

Event forwarders are tools you can configure through the Event Center to get notified on other platforms (e.g. email) when a certain event type happens. For example, one might want to be notified every time a certain Certificate is about to expire or when a user requests to access an item you have in your Akeyless Platform.

Event Forwarders can only be managed by Admins or by users with explicit permissions.



Event Forwarders require a running Gateway. Both Admins and authorized users need to have Access Permissions on at least one Gateway to create and manage Event Forwarders.

Forwarded Events Format

The following JSON structure describes the forwarded event's format:

	"Akeyless_Events": {
		"Certificate_Expired": [{
				"name": "<cert A name>"
				"name": "<cert b name>"
		"certificate_pending_expiration": [{
				"name": "<cert c name>"
				"name": "<cert D name>"
		"Request_Access": [{...}]
  "Certificate_Expired": [
      "name": "<Item Full Name>",
      "item_id": "<Item ID>",
      "payload": {
        "certificate_details": {
          "expires_at": "<Full Date>",
          "description": "<Item Description>"

For more information about creating and configuring event forwarders, refer to:

Email Event Forwarder

Webhook Event Forwarder

ServiceNow Event Forwarder