What the auth events mean, in normal language.
This guide explains common sign-in, recovery, and certificate events without changing trust, recovery, or certificate semantics. Use it when an event label appears in auth history, security brief, support screenshots, or privacy exports and you want the human explanation behind it.
—Explained events
—Recent local matches
—Recovery terms
—Trust terms
Signed-out safe: reading this glossary does not confirm whether any account, passkey, SSO link, or recovery contact exists for a specific email address.
How to read these event names
Event labels are compact on purpose. The explainer below translates them into plain language and calls out the safety boundary around each one.
Descriptive, not authoritativeAn event can explain what happened without granting or revoking trust. Canonical trust decisions still live in the underlying auth and certificate systems.
Signed-out copy stays non-enumeratingRecovery and sign-in wording should never reveal whether a specific account exists before the user is authenticated.
Audit terms can be groupedUI pages often group multiple raw events into a single summary like “recent auth changes” or “session posture”. This page helps unpack those groupings.
Recent local event matches
If this browser has cached auth events, the list below shows which glossary entries match recent activity. It is browser-local and may be incomplete.
Loading recent matches…This section checks cached browser audit data only.