# Stolen credentials added A set of stolen credentials have been added. Endpoint: POST stolen-credentials-added Version: v1 Security: X-Signature ## Header parameters: - `X-Signature` (string, required) Example: "X-Signature: t=1492774577,v1=5257a869..." ## Request fields (application/json): - `version` (string, required) The version of the event. Example: "1" - `id` (string, required) The unique identifier for the event. This can be used as an idempotency key. Example: "c478966c-f927-411c-b919-179832d3d50c" - `timestamp` (integer, required) When the event occurred, formatted as a UNIX timestamp (in seconds). Example: 1698604061 - `category` (string, required) The category of the event. Enum: "AUDIT" - `object` (string, required) The object that was created. Enum: "STOLEN_CREDENTIALS_ADDED" - `actor` (object, required) This object contains details about the API Key used in the API request that triggered the audit log. - `actor.source` (string, required) The source of the action that generated the event. Enum: "API" - `actor.apiKeyName` (string, required) The name given to the API Key at creation time. - `actor.apiKeyCreatedBy` (string, required) The email address of the admin user that created the API Key. - `actor.sourceIpAddress` (string, required) The IP address of the actor. - `actor.userAgent` (string,null, required) The user agent of the actor, if available. - `new` (object, required) - `new.count` (integer, required) The number of stolen credentials added. Example: 10 - `description` (string) The description of the event. Note: this is subject to change and should not be used to match on this object. Example: "user@example.com added new stolen credentials" - `friendlyName` (string) The friendly name of this object. Note: this is subject to change and should not be used to match on this object. Example: "Stolen credentials added" ## Response 2XX fields