Using APIs

User Event API Overview

The User Event application programming interface (User Event API) allows you to import your users' security-related events or training activities from external sources and push them into your KSAT console. Once imported, any of your custom events will appear on the Events Timeline of affected users and may impact users' Personal Risk Score. You can influence the Risk Score of your users by adding custom events that carry a positive, negative, or neutral risk value.

For full details about the User Event API, as well as sample requests, visit our User Event API developer documentation. If you decide to use KnowBe4's User Event API, review the sections below to see how you can manage your API usage and how custom events can strengthen your security awareness training.

Note: A Platinum/Diamond subscription level is required for access to the User Event API Management Console.

User Event API Management Console

The User Event API management console is a central location for you to monitor, create, and track the usage of any of your User Event API keys. You can access the management console from the Account Integrations section of your KSAT Account Settings page. The management console is divided into three main tabs: Call History, Stats, and API Key. For more information about each tab, see below:

The Call History tab will display a table of all of the API calls that were processed using your KSAT console.

Status ID API Key Events Created Errors Date Processed
A unique identifier generated for each API call. The name of the API key used to make the API call. The number of user events created as a result of the API call. All of the errors received during the API call.

The date and time the API request was processed.Format:mm/dd/yyyy, h:mm a

Visit the Stats tab to monitor your monthly and annual API usage.

  • Monthly Quota: This progress circle chart shows your monthly API usage. The chart shows the percentage of API calls made in relation to the number of API calls allowed. You are allowed 10 calls per seat per day each month.
  • Annual Quota: This bar graph shows your annual API usage. The data is broken down by your monthly quota for each month over a 12-month time period.

Use the API Key tab to create one or more API keys. Your API key will be used to authenticate your KSAT console when making an API call or request. To create an API key, follow the steps below:

  1. In the Name field, enter a unique name for your API key. If you plan on creating multiple API keys, we recommend using a meaningful name to best reflect the intended use of the key.
  2. Click the Create API Key button. The User Events API Token pop-up window will open.
  3. Click the User Events API token to copy the token. Make sure to save your copied API token somewhere that you can easily access. After you close this window, you will not be able to view this token again.
  4. Click OK.

Repeat the steps above to create as many API keys as you would like. Once created, any of your API keys will be listed in a table under the API Key tab.

Key Name Actions
A unique identifier used to authenticate an API request associated with your KSAT console. To copy the key string, click on the clipboard icon to the right. The custom name you assigned to your API key when it was created. You have the option to permanently delete an API key. To delete a key, click on the trash can icon.
Note: If you delete an API key, a record of the key's usage will still be available under the Call History tab.
Note: Reporting APIs and User Event APIs do not share an API key. Reporting API keys can be generated in your KSAT Account Settings under the API section.

User Event API Use Cases

Listed below are examples of how custom events can be used to strengthen your security awareness training. To create a Smart Group with custom events, see the Custom Event Criteria section of our Smart Groups Overview.

Event Type Example Events Use Case
Physical Security


Unlocked ComputerLost/Stolen Equipment

Enroll users in an event-specific training campaign. For example, you can assign a physical security training module from the ModStore to all users involved in a physical security event.
Social Engineering


Out of Office

Enroll users in a custom phishing campaign based on employee information. For example, you can send an email template with a coupon to a local restaurant to all users with a birthday in the current month.
Third-Party Security

Non-simulated Phishing Incidents

Attempts to Visit Blocked Websites

Password Lockouts

Track a user's involvement in a third-party security incident. You can use this information to select event-specific training content from the ModStore for enrollment or to influence a user's Personal Risk Score.
Professional Development CertificationsTraining from another LMS Track a user's external training and accomplishments that contribute to their security awareness. This information can be used to influence a user's Personal Risk Score.

Can't find what you're looking for?

Contact Support