TenantSecurityCredentialStuffing

Stores when a user successfully logs in to Salesforce during an identified credential stuffing attack. For more information, see Threat Detection. This object is available to Security Center subscribers in API version 53.0 and later.

Threat Detection is available only for Event Monitoring subscribers.

Note

Supported Calls

describeSObjects(), getDeleted(), getUpdated(), query(), retrieve()

Special Access Rules

Read only

Fields

Field	Details
AcceptLanguage	Type string Properties Filter, Group, Nillable, Sort Description List of HTTP headers that specify the natural language, such as English, that the client understands.
DetailIdentifier	Type string Properties Filter, Group, idLookup, Sort Description The ID of the individual detail record. This field is unique within your org.
EventDate	Type dateTime Properties Filter, Nillable, Sort Description The date when the hijacking event was reported. For example, 2020-01-20T19:12:26.965Z. Milliseconds are the most granular setting.
EventIdentifier	Type string Properties Filter, Group, idLookup, Nillable, Sort Description The unique ID of the event.
EventName	Type string Properties Filter, Group, idLookup, Nillable, Sort Description The name of the event, which is Credential Stuffing.
LoginType	Type string Properties Filter, Group, Nillable, Sort Description The type of login used to access the session. For the list of possible values, see the LoginType field of LoginHistory in the Object Reference.
LoginUrl	Type string Properties Filter, Group, Nillable, Sort Description The URL of the login page. For example, login.salesforce.com.
MetricIdentifier	Type string Properties Filter, Group, Sort Description The ID of the type of metric that was counted.
MetricsType	Type picklist Properties Filter, Group, Restricted picklist, Sort Description The type of data collected.
Name	Type string Properties Filter, Group, idLookup, Sort Description The name of the metric for the data collected.
Score	Type double Properties Filter, idLookup, Nillable, Sort Description Indicates that a user successfully logged in to Salesforce during an identified credential stuffing attack. The value of this field is always 1.
Summary	Type textarea Properties Nillable Description A summary of the threat that caused this event to be created.
Tenant	Type string Properties Filter, Group, idLookup, Sort Description The ID of the tenant that was targeted in the event.
TenantName	Type string Properties Filter, Group, idLookup, Nillable, Sort Description The name of the tenant that was targeted in the event.
UserAgent	Type textarea Properties Nillable Description UserAgent used in the HTTP request, post-processed by the server.
UserIdentifier	Type string Properties Filter, Group, Nillable, Sort Description The origin user’s unique ID.
Username	Type string Properties Filter, Group, idLookup, Nillable, Sort Description The origin username in the format of user@company.com at the time the event was created.

Object Reference for Salesforce and Lightning Platform

TenantSecurityCredentialStuffing

Supported Calls

Special Access Rules

Fields