> ## Documentation Index > Fetch the complete documentation index at: https://auth0.com/llms.txt > Use this file to discover all available pages before exploring further. > Learn about the password-reset-post-challenge Action trigger's event object, which provides contextual information about the trigger execution. # Actions Triggers: password-reset-post-challenge - Event Object The `event` object for the password-reset-post-challenge Actions trigger provides contextual information about the trigger execution. ## `event.authentication` Details about authentication obtained during the password reset flow. Contains the authentication methods a user has completed during their session. Array elements can be one of the following schemas: The name of the first factor that was completed. Values include the following: * `federated` A social or enterprise connection was used to authenticate the user as the first factor. * `pwd` A password was used to authenticate a database connection user as the first factor. * `passkey` A passkey was used to authenticate a database connection user as the first factor. * `sms` A Passwordless SMS connection was used to authenticate the user as the first factor. * `email` A Passwordless Email connection was used to authenticate the user as the first factor or verify email for password reset. * `phone_number` A phone number was used for password reset. * `mock` Used for internal testing. * May also be a URL denoting a custom authentication method (as second or later factor). The user completed multi-factor authentication (second or later factors). Allowed values: `mfa` Supplemental risk assessment. This is available only if the Akamai Integration is enabled and Akamai forwards the headers for the transaction. Supplemental signals sent from third party providers to assist in risk assessments. \[Early Access] Supplemental risk assessment. This is available only if Akamai Account Protector is enabled and Akamai forwards the headers for the transaction. The bot detection results as forwarded by Akamai Bot Manager. The type of the Akamai bot manager results. The action of the Akamai bot manager results. The bot category of the Akamai bot manager results. The bot score of the Akamai bot manager results. The bot score response segment of the Akamai bot manager results. The botnet ID of the Akamai bot manager results. The user risk detection results as forwarded by Akamai Account Protector. The action of the Akamai user risk assessment. The allowed status of the Akamai user risk assessment. The email domain of the user. The general risk of the Akamai user risk assessment. The OUID of the user. The request ID of the user. The risk of the Akamai user risk assessment. The score of the Akamai user risk assessment. The status of the Akamai user risk assessment. The trust of the Akamai user risk assessment. The username of the user. The UUID of the Akamai user risk assessment. ## `event.authorization` An object containing information describing the authorization granted to the user who is logging in. An array containing the names of a user's assigned roles. ## `event.client` Information about the Client with which this password reset transaction was initiated. The client id of the application the user is logging in to. An object for holding other application properties. The name of the application (as defined in the Dashboard). ## `event.connection` Details about the Connection that was used to authenticate the user. The connection's unique identifier. Metadata associated with the connection. The name of the connection used to authenticate the user (such as `twitter` or `some-g-suite-domain`). The type of connection. For social connections, `event.connection.strategy === event.connection.name`. For enterprise connections, the strategy is `waad` (Windows Azure AD), `ad` (Active Directory/LDAP), `auth0` (database connections), and so on. ## `event.custom_domain` Details about the custom domain associated with the current transaction. The custom domain name. Custom domain metadata as key-value pairs. ## `event.organization` Details about the Organization associated with the current transaction. The Organization identifier. The friendly name of the Organization. Metadata associated with the Organization. The name of the Organization. ## `event.prompt` Collected data from rendered custom prompts. The prompt ID. Fields and hidden fields data. Shared variables data. ## `event.request` Details about the request that initiated the transaction. The body of the POST request. This data will only be available during refresh token and Client Credential Exchange flows and Post Login Action. The hostname that is being used for the authentication flow. The originating IP address of the request. The language requested by the browser. The HTTP method used for the request The query string parameters sent to the authorization request. The value of the `User-Agent` header received when initiating the transaction. ## `event.secrets` Secret values securely associated with this Action. ## `event.stats` Login statistics for the current user. The number of times this user has logged in. ## `event.tenant` Details about the Tenant associated with the current transaction. The name of the tenant. ## `event.transaction` Details about the current transaction. Correlation ID can be provided in the initial authentication request when the application redirects to Universal Login. You can use value to correlate logs and requests from your Action code with the user flow. The locale to be used for this transaction as determined by comparing the browser's requested languages to the tenant's language settings. Hint to the Authorization Server about the login identifier the End-User might use to log in (if necessary). An opaque arbitrary alphanumeric string your app adds to the initial request that Auth0 includes when redirecting back to your application. The ui\_locales provided in the original authentication request. ## `event.user` An object describing the user on whose behalf the current transaction was initiated. Custom fields that store info about a user that influences the user's access, such as support plan, security roles, or access control groups. Timestamp indicating when the user profile was first created. (unique) User's email address. Indicates whether the user has verified their email address. User's family name. User's given name. Timestamp indicating the last time the user's password was reset/changed. At user creation, this field does not exist. This property is only available for Database connections. User's full name. User's nickname. User's phone number. Indicates whether the user has verified their phone number. URL pointing to the [user's profile picture](https://auth0.com/docs/users/change-user-picture). Timestamp indicating when the user's profile was last updated/modified. (unique) User's unique identifier. Custom fields that store info about a user that does not impact what they can or cannot access, such as work address, home address, or user preferences. (unique) User's username. An array of authentication factors that the user has enrolled. Empty array means the user has no enrolled factors. If enrolledFactors is undefined, the system was unable fetch the information, the user may or may not have enrolled factors. The type of authentication factor such as `push-notification`, `phone`, `email`, `otp`, `webauthn-roaming` and `webauthn-platform`. Additional options describing this instance of the enrolled factor. Contains info retrieved from the identity provider with which the user originally authenticated. Users may also link their profile to multiple identity providers; those identities will then also appear in this array. The contents of an individual identity provider object varies by provider. Name of the Auth0 connection used to authenticate the user. Indicates whether the connection is a social one. User information associated with the connection. When profiles are linked, it is populated with the associated user info for secondary accounts. Name of the entity that is authenticating the user, such as Facebook, Google, SAML, or your own provider. User's unique identifier for this connection/provider.