> ## Documentation Index
> Fetch the complete documentation index at: https://docs.authsignal.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Server SDKs - Actions

> Use Authsignal's server-side SDK methods for actions.

## Track Action

<Card title="API schema" icon="file-code" href="/api-reference/server-api/track-action" horizontal />

This method lets you track authentication actions performed by users and initiate challenges via the [Authsignal pre-built UI](/implementation-options/prebuilt-ui/overview), [Web SDK](/sdks/client/web/setup) or [Mobile SDK](/sdks/client/mobile/setup).

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    action: "signIn",
    attributes: {
      redirectUrl: "https://yourapp.com/callback",
    },
  };

  const response = await authsignal.track(request);

  if (response.state === "CHALLENGE_REQUIRED") {
    // Present challenge via Authsignal pre-built UI URL
    const url = response.url;
  } else if (response.state === "ALLOW") {
    // Allow the user to sign in
  } else if (response.state === "BLOCK") {
    // Block the user from signing in
  }
  ```

  ```csharp C# theme={null}
  var request = new TrackRequest(
      UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      Action: "signIn",
      Attributes: new TrackAttributes(
          RedirectUrl: "https://yourapp.com/callback"
      )
  );

  var response = await authsignal.Track(request);

  if (response.State == UserActionState.CHALLENGE_REQUIRED) {
      // Present challenge via Authsignal pre-built UI URL
      var url = response.Url;
  } else if (response.State == UserActionState.ALLOW) {
      // Allow the user to sign in
  } else if (response.State == UserActionState.BLOCK) {
      // Block the user from signing in
  }
  ```

  ```java Java theme={null}
  TrackRequest request = new TrackRequest();
  request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";
  request.action = "signIn";
  request.attributes = new TrackAttributes();
  request.attributes.redirectUrl = "https://yourapp.com/callback";

  TrackResponse response = authsignal.track(request).get();

  if (response.state == UserActionState.CHALLENGE_REQUIRED) {
      // Present challenge via Authsignal pre-built UI URL
      String url = response.url;
    } else if (response.state == UserActionState.ALLOW) {
      // Allow the user to sign in
    } else if (response.state == UserActionState.BLOCK) {
      // Block the user from signing in
    }
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.track(
    user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    action: "signIn",
    attributes: {
      redirect_url: "https://yourapp.com/callback",
    }
  )

  case response[:state]
  when "CHALLENGE_REQUIRED"
      # Present challenge via Authsignal pre-built UI URL
      url = response[:url]
  when "ALLOW"
      # Allow the user to sign in
  when "BLOCK"
      # Block the user from signing in
  end
  ```

  ```python Python theme={null}
    response = authsignal.track(
      user_id="dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action="signIn",
      attributes={
        "redirectUrl": "https://yourapp.com/callback"
      }
    )

    if response["state"] == "CHALLENGE_REQUIRED":
      # Present challenge via Authsignal pre-built UI URL
      url = response["url"]
    elif response["state"] == "ALLOW":
      # Allow the user to sign in
      pass
    elif response["state"] == "BLOCK":
      # Block the user from signing in
      pass
  ```

  ```php PHP theme={null}
  $response = Authsignal::track([
      'userId' => "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      'action' => "signIn",
      'attributes' => [
          'redirectUrl' => "https://yourapp.com/callback"
      ]
  ]);

  switch ($response["state"]) {
      case "CHALLENGE_REQUIRED":
          // Present challenge via Authsignal pre-built UI URL
          $url = $response["url"]
          break;
      case "ALLOW":
          // Allow the user to sign in
          break;
      case "BLOCK":
          // Block the user from signing in
          break;
  }
  ```

  ```go Go theme={null}
  response, err := client.Track(
      TrackRequest{
          UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
          Action: "signIn",
          Attributes: &TrackAttributes{
              RedirectUrl: "https://yourapp.com/callback",
          },
      },
  )

  switch response.State {
  case "CHALLENGE_REQUIRED":
      // Present challenge via Authsignal pre-built UI URL
      url := response.Url
      // Use url for redirect
  case "ALLOW":
      // Allow the user to sign in
  case "BLOCK":
      // Block the user from signing in
  default:
      // Handle unexpected state
  }
  ```
</CodeGroup>

Learn more about how to track actions to implement [MFA](/actions-rules/actions/implementing-mfa) or [passwordless login flows](/actions-rules/actions/passwordless-login).

## Get Action

<Card title="API schema" icon="file-code" href="/api-reference/server-api/get-action" horizontal />

This method lets you retrieve information about an action which was previously tracked.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    action: "signIn",
    idempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
  };

  const response = await authsignal.getAction(request);
  ```

  ```csharp C# theme={null}
  var request = new GetActionRequest(
      UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      Action: "signIn",
      IdempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72"
  );

  var response = await authsignal.GetAction(request);
  ```

  ```java Java theme={null}
  GetActionRequest request = new GetActionRequest();
  request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";
  request.action = "signIn";
  request.idempotencyKey = "83d07321-9bba-4f08-a871-02e2af813b72";

  GetActionResponse response = authsignal.getAction(request).get();
  ```

  ```ruby Ruby theme={null}
  response = Authsignal.get_action(
      user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action: "signIn",
      idempotency_key: "83d07321-9bba-4f08-a871-02e2af813b72")
  ```

  ```python Python theme={null}
  response = authsignal.get_action(
      user_id="dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action="signIn",
      idempotency_key="83d07321-9bba-4f08-a871-02e2af813b72"
  )
  ```

  ```PHP PHP theme={null}
  $response = Authsignal::getAction([
      'userId' => "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      'action' => "signIn",
      'idempotencyKey' => "83d07321-9bba-4f08-a871-02e2af813b72"
  ]);
  ```

  ```go Go theme={null}
  response, err := client.GetAction(
      GetActionRequest{
          UserId:         "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
          Action:         "signIn",
          IdempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
      },
  )
  ```
</CodeGroup>

## Query Actions

<Card title="API schema" icon="file-code" href="/api-reference/server-api/query-actions" horizontal />

This method lets you retrieve a list of actions for a user, with optional filters for action codes and date range.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    // Optional filters
    codes: "signIn,withdrawFunds", // Comma-separated list of action codes
    fromDate: "2024-01-01T00:00:00Z", // ISO 8601 format
  };

  const actions = await authsignal.queryActions(request);
  ```

  ```csharp C# theme={null}
  var request = new QueryActionsRequest(
      UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      Codes: "signIn,withdrawFunds", // Comma-separated list of action codes
      FromDate: "2024-01-01T00:00:00Z" // ISO 8601 format
  );

  var actions = await authsignal.QueryActions(request);
  ```

  ```java Java theme={null}
  QueryActionsRequest request = new QueryActionsRequest();
  request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";
  request.codes = "signIn,withdrawFunds"; // Comma-separated list of action codes
  request.fromDate = "2024-01-01T00:00:00Z"; // ISO 8601 format

  QueryActionsResponse actions = authsignal.queryActions(request).get();
  ```

  ```ruby Ruby theme={null}
  actions = Authsignal.query_actions(
    user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    codes: "signIn,withdrawFunds", # Comma-separated list of action codes
    from_date: "2024-01-01T00:00:00Z" # ISO 8601 format
  )
  ```

  ```python Python theme={null}
  actions = authsignal.query_actions(
      user_id="dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      codes="signIn,withdrawFunds",  # Comma-separated list of action codes
      from_date="2024-01-01T00:00:00Z"  # ISO 8601 format
  )
  ```

  ```php PHP theme={null}
  $actions = Authsignal::queryActions([
      'userId' => "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      'codes' => "signIn,withdrawFunds", // Comma-separated list of action codes
      'fromDate' => "2024-01-01T00:00:00Z" // ISO 8601 format
  ]);
  ```

  ```go Go theme={null}
  actions, err := client.QueryActions(
      QueryActionsRequest{
          UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
          Codes: "signIn,withdrawFunds", // Comma-separated list of action codes
          FromDate: "2024-01-01T00:00:00Z", // ISO 8601 format
      },
  )
  ```
</CodeGroup>

## Update Action

<Card title="API schema" icon="file-code" href="/api-reference/server-api/update-action" horizontal />

This method lets you manually update the state of an action that was previously tracked.

<CodeGroup>
  ```ts Node.js theme={null}
  const request = {
    userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
    action: "signIn",
    idempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
    attributes: {
      state: "REVIEW_REQUIRED",
    },
  };

  const updatedAttributes = await authsignal.updateAction(request);
  ```

  ```csharp C# theme={null}
  var request = new UpdateActionRequest(
      UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      Action: "signIn",
      IdempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
      Attributes: new ActionAttributes(
          state: UserActionState.REVIEW_REQUIRED
      )
  );

  var updatedAttributes = await authsignal.UpdateAction(request);
  ```

  ```java Java theme={null}
  UpdateActionRequest request = new UpdateActionRequest();
  request.userId = "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833";
  request.action = "signIn";
  request.idempotencyKey = "83d07321-9bba-4f08-a871-02e2af813b72";
  request.attributes = new ActionAttributes();
  request.attributes.state = UserActionState.REVIEW_REQUIRED;

  ActionAttributes updatedAttributes = authsignal.updateAction(request).get();
  ```

  ```ruby Ruby theme={null}
  updatedAttributes = Authsignal.update_action(
      user_id: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action: "signIn",
      idempotency_key: "83d07321-9bba-4f08-a871-02e2af813b72",
      attributes: {
          state: "REVIEW_REQUIRED"
      })
  ```

  ```python Python theme={null}
  updatedAttributes = authsignal.update_action(
      user_id="dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action="signIn",
      idempotency_key="83d07321-9bba-4f08-a871-02e2af813b72",
      attributes={
          "state": "REVIEW_REQUIRED"
      }
  )
  ```

  ```PHP PHP theme={null}
  $attributes = array(
      "state" => "REVIEW_REQUIRED",
  );

  $updatedAttributes = Authsignal::updateAction(
      userId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
      action: "signIn",
      idempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
      attributes: $attributes);
  ```

  ```go Go theme={null}
  updatedAttributes, err := client.UpdateAction(
      UpdateActionRequest{
          UserId: "dc58c6dc-a1fd-4a4f-8e2f-846636dd4833",
          Action: "signIn",
          IdempotencyKey: "83d07321-9bba-4f08-a871-02e2af813b72",
          Attributes: &ActionAttributes{
              State: "REVIEW_REQUIRED",
          },
      },
  )


  ```
</CodeGroup>
