Devices Documents
The Veridium server maintains an internal list of devices. Each device gets a unique internal ID in the form of a UUID.
Each device is linked to an account, which is modeled by two fields: accountID (the internal Veridium account ID) and accountExternalID (the account ID imported from the Active Directory). Each device also has a deviceType, which can be
phone
desktop
friend – used for devices which are part of the infrastructure and use the Veridium Server API
admin – used for the devices which allow users to connect to Veridium Admin
Devices are linked to a certificate, by the fields representing the Certificate UUID (the internal Veridium ID of the certificate), Certificate Expiration Time and Certificate Fingerprint. Also, they carry information about the OS they are running on (OS name, OS version, OS patch) and the App and SDK version they are using.
Another aspect is that Veridium Server has an internal device management policy with groups and roles.
Each device is part of one or more groups and each group has a list of associated roles. The internal roles are used to gain access to certain internal Veridium resources.
Lastly, each device has a set of biometric capabilities which can be used during authentications, such as TOTP, 4F, PIN, TOUCHID, VFACE, etc.
Other fields:
Device name, commercial name, description, manufacturer
Device registration time
Whether the device is a system device or not
Whether the device is dormant or not
The device status, which can be NONE, ACTIVATED, BLOCKED_BY_ADMIN, BLOCKED_BY_OWNER, LOST, etc.
Storage format in Elasticsearch
In Elasticsearch, device-related data is stored in two index aliases:
devices - holds the current state of each device (serialized as JSON) together with a compact array of history logs.
device_history - holds each history log of a device in a separate document. It contains information about the action, the entire state of the device in that moment and the set of field changes brought by that specific action.
Devices Index
Devices are distributed across multiple indices, using an Elasticsearch rollover policy that automatically creates and writes into a new index when the size of the current index goes beyond 50GB. The first index will be called devices-000001, the second devices-000002 and so on. The first index is manually created by the ElasticSearchSettingsUpdate migration task.
A document in a device index contains two main fields: device (holding the current state of the device) and actionLogs (compact array of history logs, NOT indexed). It can be used for searching data related to the current state of devices.
The device field contains the following searchable fields:
Field path | Functional Meaning | Mapping types | Notes | Example Values |
---|---|---|---|---|
|
| searchable as keyword only |
| |
|
| searchable as keyword only |
| |
|
| searchable as keyword only |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword only |
| |
|
| searchable as keyword only (lowercase value) |
| |
|
| array of keyword searchable terms |
| |
|
| searchable as keyword only |
| |
|
| |||
|
| searchable as keyword only |
| |
|
| searchable as keyword only |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword |
| |
|
| searchable as keyword only (lowercase value) |
| |
|
|
| ||
|
| searchable as keyword only |
| |
|
| searchable as keyword only |
| |
|
| array of keyword searchable terms |
| |
|
| searchable as keyword only |
| |
|
|
| ||
|
| searchable as keyword only |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword or text (individual/partial terms) |
| |
|
| searchable as keyword only (lowercase value) |
| |
|
|
| ||
|
| searchable as keyword or text (individual/partial terms) |
|
Example of a document:
{
  "device": {
    "id": "298cedef-d78b-4f40-9579-2637343144f6",
    "accountExternalID": "johndoe@veridiumid.com",
    "accountID": "ad27868d-0baf-4d70-85eb-0ae3d3bb7ff0",
    "appVersion": "3.6",
    "applicationId": "AD",
    "authenticatorType": "CLIENT_FULL",
    "biometricCapabilities": [
      "TOTP",
      "4F",
      "NULL",
      "PIN",
      "TOUCHID",
      "VFACE"
    ],
    "bundleID": "com.veridiumid.authenticator",
    "certExpirationTime": "2025-04-11T09:43:55.544+00:00",
    "certUUID": "63425300-ECBD-4636-8924-6895792CF226",
    "certificateFingerprint": "8E:74:B6:ED:07:B2:60:42:2A:38:93:69:2E:63:B0:5C:FE:F9:72:D9",
    "commercialName": "Apple iPhone 13 Pro Max",
    "description": "iPhone14,3 ' 17.4.1",
    "deviceType": "PHONE",
    "dormant": false,
    "enrolmentRequestUUID": "6b6b2420-5b8d-4184-ac5a-105f635c19fc",
    "externalId": "61865D1F-2BB5-4FA9-A064-6E2C2A0B5667",
    "groups": [
      "Administrators",
      "Users"
    ],
    "httpContextIP": "80.97.13.78",
    "isSystemDevice": false,
    "locale": "en",
    "manufacturer": "Apple",
    "name": "iPhone",
    "os": "iOS",
    "osPatch": "21E236",
    "osVersion": "17.4.1",
    "previousStatus": "NONE",
    "status": "ACTIVATED",
    "registrationTime": "2024-04-11T07:57:55.820+00:00",
    "sdkVersion": "5.11.4"
  },
  "actionLogs": [...] // NOT INDEXED
}
Devices History Index
Device history documents are distributed across indices using a time-window pattern: one index per month, named veridium.device_history-YYYY-MM (for example, veridium.device_history-2024-02).
The index is automatically created when the first device history index request is received for the current month.
Documents are never individually deleted; only the entire index gets deleted, according to the lifecycle policy.
A document in the device history index contains searchable fields related to the action itself (actionId, type, time, location, authorAccountId, authorDeviceId). Also, it contains the entire state of the device in that moment (the device field, which has the same searchable fields as above) and a set of searchable fieldChanges, storing all the fields that have changed compared to the previous version, with their previous and current value. It can be used for searching data related to specific mutations of a device.
An example of a document:
{
  "id": "ac03cfd9-1528-422e-b5e3-b72f0fdcaa3d",
  "actionTime": "2024-04-11T09:43:55.580+00:00",
  "actionType": "UPDATED",
  "location": {
    "ip": "80.91.11.71",
    "countryCode": "RO",
    "countryName": "Romania",
    "regionCode": "IF",
    "regionName": "Ilfov",
    "city": "Dobroeşti",
    "postalCode": "123456",
    "coordinates": {
      "lat": 12.3456,
      "lon": 34.5678
    }
  },
  "authorAccountId": "ad27868d-0baf-4d70-85eb-0ae3d3bb7ff0",
  "authorDeviceId": "ad27868d-0baf-4d70-85eb-0ae3d3bb7ff0",
  "device": {...}, // the current state of the device, having the same structure as above
  "fieldChanges": {
    "certExpirationTime": {
      "previousValue": "2025-04-11T09:31:16.437+00:00",
      "currentValue": "2025-04-11T09:43:55.544+00:00"
    },
    "certificateFingerprint": {
      "previousValue": "1D:5F:BA:95:0D:7C:86:96:52:7E:60:CC:B9:7D:87:96:5F:70:BD:42",
      "currentValue": "69:9A:13:D8:AD:D4:5A:7B:E9:5E:0E:50:5C:A8:BC:27:09:EA:01:02"
    },
    "certUUID": {
      "previousValue": "B4392F8B-7B9D-4A98-AF24-27F1EADA6E2A",
      "currentValue": "63425300-ECBD-4636-8924-6895792CF226"
    },
    "osVersion": {
      "previousValue": "17.4.0",
      "currentValue": "17.4.1"
    },
    ... // other fields from the state that have changed in this specific history event
  }
}
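Because every history document carries both the full device snapshot and the fieldChanges for that action, the audit trail can be cross-checked against itself. The following is an added example, not Veridium code: it replays constructed history documents per device and reports where a change record disagrees with the stored snapshot, where previousValue does not match the preceding event, or where a field changed without being recorded. The helper names, the sample IDs and values, and the assumption that documents arrive as plain dictionaries shaped like the example above are all hypothetical.

```python
from collections import defaultdict
from datetime import datetime

def verify_history(docs):
    """Return (history id, field, problem) for every inconsistency found."""
    per_device = defaultdict(list)
    for doc in docs:
        per_device[doc["device"]["id"]].append(doc)
    findings = []
    for events in per_device.values():
        events.sort(key=lambda d: datetime.fromisoformat(d["actionTime"]))
        # prev is the snapshot left by the preceding event. It stays None for the
        # oldest retained event, whose predecessor may sit in a deleted monthly index.
        prev = None
        for ev in events:
            state, changes = ev["device"], ev.get("fieldChanges", {})
            for field, ch in changes.items():
                if state.get(field) != ch["currentValue"]:
                    findings.append((ev["id"], field, "snapshot disagrees with currentValue"))
                if prev is not None and prev.get(field) != ch["previousValue"]:
                    findings.append((ev["id"], field, "previousValue breaks chain"))
            if prev is not None:
                for field in sorted(state.keys() | prev.keys()):
                    if state.get(field) != prev.get(field) and field not in changes:
                        findings.append((ev["id"], field, "unrecorded change"))
            prev = state
    return findings

def make_doc(hid, time, device, changes):
    """Build a constructed history document (sample data, not real output)."""
    return {"id": hid, "actionTime": time, "device": {"id": "dev-1", **device},
            "fieldChanges": {f: {"previousValue": p, "currentValue": c}
                             for f, (p, c) in changes.items()}}

# Constructed sample: h2 is consistent; h3 claims a previous certUUID that was
# never stored and silently adds the device to the Administrators group.
SAMPLE = [
    make_doc("h1", "2024-04-11T09:00:00.000+00:00",
             {"osVersion": "17.4.0", "certUUID": "C1", "groups": ["Users"]}, {}),
    make_doc("h2", "2024-04-11T09:43:55.580+00:00",
             {"osVersion": "17.4.1", "certUUID": "C2", "groups": ["Users"]},
             {"osVersion": ("17.4.0", "17.4.1"), "certUUID": ("C1", "C2")}),
    make_doc("h3", "2024-04-11T10:00:00.000+00:00",
             {"osVersion": "17.4.1", "certUUID": "C3", "groups": ["Users", "Administrators"]},
             {"certUUID": ("C9", "C3")}),
]

if __name__ == "__main__":
    for finding in verify_history(SAMPLE):
        print(finding)
```

A finding on certUUID, certificateFingerprint, groups or status is the kind worth reviewing first, since those fields decide which certificate and which roles a device presents.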