ThisData.NET is a .NET / C# client for the ThisData Login Intelligence API (https://thisdata.com).
Install the latest ThisData.NET package from Nuget
Install-Package ThisData.Net
Create a ThisData client
var thisdata = new ThisData.Client("YOUR API KEY FROM THISDATA");
Find the point in your code just after a login success, failure or password reset .
We recommend you use the TrackAsync
method to send data to the ThisData API
public void Track(string verb, string userId = "", string name = "", string email = "",
string mobile = "", string source = "", string logoUrl = "", string sessionId = "",
bool cookieExpected = false, string deviceId = "")
To track a successful log-in
thisdata.TrackAsync("log-in", userId: "john12345", name: "John Titor", email: "john+titor@thisdata.com");
userId
- string - A unique identifier for the username
- string The full name of the useremail
- string - An email address for sending unusual activity alerts tomobile
- E.164 format - A mobile number for sending unusual activity SMS alerts to. e.g. +15555555555source
- Used to indicate the source of the event and override company or app name in audit log and notificationslogoUrl
- Used to override logo used in email notificationssessionId
- If you use a database to track sessions, you can send us the session IDcookieExpected
- Send true when using our optional Javascript tracking library, and we'll know to expect a cookiedeviceId
- A unique device identifier. Typically used for tracking mobile devices
Event types are called Verbs
and are available as constants e.g. AuditMessageVerbs.LOG_IN
For a full list of supported verbs see http://help.thisdata.com/v1.0/docs/verbs
Use the Verify
method to enable contextual authentication in your app. It accepts the same parameters as the Track
event with the exception of the event type/verb.
public VerifyResult Verify(string userId = "", string name = "", string email = "", string mobile = "",
string source = "", string sessionId = "", bool cookieExpected = false)
Verify will return a risk score between 0->1 which indicates our level confidence that the user is who they say they are.
0.0 - low risk/high confidence it's the real user
1.0 - high risk/low confidence it's the real user
VerifyResult res = thisdata.Verify(userId: "john12345", deviceId: "xxx-xxx-xxx");
if(res.Score > 0.9){
// Step authentication, prompt for password or 2FA code
}
You can get a list of events enriched with their risk score and location data for use in custom audit logs.
public EventsResult GetEvents(string userId = "", string[] verbs = null, string source = "",
int limit = 50, int offset = 0, DateTime? after = null, DateTime? before = null);
Get last successful log-in time and location for a user.
EventsResult = thisdata.GetEvents(userId: "john12345", limit:1, verbs: new string[]{"log-in"});
string lastLoginCountry = EventsResult.Results[0].Location.Address.CountryName;
To extract the webhook body use the GetWebhookPayload
method which will return a ThisData.Models.WebhookPayload
object.
public WebhookPayload GetWebhookPayload(string secret = "")
Validates the webhook signature using a shared secret. If no secret is provided it defaults to your API Key
WebhookPayload payload = client.GetWebhookPayload("your-secret");
if (payload.WasUser.HasValue) // Its a user responding to a was this you notification
{
if (!payload.WasUser.Value)
{
// The user confirmed it was not them
ResetUserSession(payload.User.Id);
}
}
For more information about types of webhooks you can receive see http://help.thisdata.com/docs/webhooks
API Documentation is available at http://help.thisdata.com/docs/apiv1events.
Bug reports and pull requests are welcome on GitHub at https://github.com/thisdata/thisdata-dotnet