All Products
Document Center

ActionTrail:Audit events of STS

Last Updated:Apr 23, 2023

Security Token Service (STS) is integrated with ActionTrail. In the ActionTrail console, you can query the management events that are generated when you manage STS resources. ActionTrail can deliver management events to Logstores in Log Service or Object Storage Service (OSS) buckets. This way, you can audit the events in real time and locate the causes of issues.

ActionTrail generates management events when you manage cloud resources by using APIs or the Alibaba Cloud Management Console. The following table describes the management events of STS that you can query in the ActionTrail console.

Event name



Obtains a temporary identity credential to assume a role.


Obtains a temporary identity credential that is used to assume a role during Security Assertion Markup Language (SAML) role-based single sign-on (SSO).


Queries the identity information about the current caller.