Microsoft-Windows-Security-UserConsentVerifier

2 events across 1 channel

Event ID 100: A user consent verification request using a biometric fingerprint succeeded.

#
Provider
Microsoft-Windows-Security-UserConsentVerifier
Channel
Audit
Task
Verification
Opcode
Result

Description

A user consent verification request using a biometric fingerprint succeeded.

Message #

A user consent verification request using a biometric fingerprint succeeded.

Application: %1
Purpose for consent: %2

Fields #

NameDescription
AppName UnicodeString
AppMessage UnicodeString

Event ID 101: A user consent verification request using a biometric fingerprint failed.

#
Provider
Microsoft-Windows-Security-UserConsentVerifier
Channel
Audit
Task
Verification
Opcode
Result

Description

A user consent verification request using a biometric fingerprint failed.

Message #

A user consent verification request using a biometric fingerprint failed.

Application: %1
Purpose for consent: %2
Reason for consent failure: %3

Fields #

NameDescription
AppName UnicodeString
AppMessage UnicodeString
VerificationResult UInt32

Provenance

Where this provider's schema came from, and which Windows build it was observed on. Windows can change a provider's event schema between builds, so use this to judge whether it matches the build you collect from.

ETW provider GUID 40783728-8921-45d0-b231-919037b4b4fd

Defined in Windows.Security.Credentials.UI.UserConsentVerifier.dll, which carries the event manifest.

Observed on:

  • WS2022-20348.4893 · schema read from the registered manifest · binary version 10.0.20348.1 · captured 2026-06-02
  • Win11-26200.6584 · schema read from the registered manifest · binary version 10.0.26100.1 · captured 2026-06-02

Downloads

Credits

  • Microsoft - authored the ETW manifests and PDBs the schema comes from
  • jdu2600 - the event-schema TSV format this catalog adopted
  • nasbench - the tool that dumps registered providers and manifests