Add ASP.NET Core identity metrics (#2508)

.chloggen/2508.yaml

@@ -0,0 +1,4 @@
+change_type: enhancement
+component: aspnetcore
+note: Add ASP.NET Core Identity metrics and update the registry.
+issues: [2509]

docs/dotnet/dotnet-aspnetcore-metrics.md

@@ -21,6 +21,19 @@ This article defines semantic conventions for ASP.NET Core metrics.
   - [Metric: `aspnetcore.rate_limiting.queued_requests`](#metric-aspnetcorerate_limitingqueued_requests)
   - [Metric: `aspnetcore.rate_limiting.request.time_in_queue`](#metric-aspnetcorerate_limitingrequesttime_in_queue)
   - [Metric: `aspnetcore.rate_limiting.requests`](#metric-aspnetcorerate_limitingrequests)
+- [Identity](#identity)
+  - [Metric: `aspnetcore.identity.user.create.duration`](#metric-aspnetcoreidentityusercreateduration)
+  - [Metric: `aspnetcore.identity.user.update.duration`](#metric-aspnetcoreidentityuserupdateduration)
+  - [Metric: `aspnetcore.identity.user.delete.duration`](#metric-aspnetcoreidentityuserdeleteduration)
+  - [Metric: `aspnetcore.identity.user.check_password_attempts`](#metric-aspnetcoreidentityusercheck_password_attempts)
+  - [Metric: `aspnetcore.identity.user.generated_tokens`](#metric-aspnetcoreidentityusergenerated_tokens)
+  - [Metric: `aspnetcore.identity.user.verify_token_attempts`](#metric-aspnetcoreidentityuserverify_token_attempts)
+  - [Metric: `aspnetcore.identity.sign_in.authenticate.duration`](#metric-aspnetcoreidentitysign_inauthenticateduration)
+  - [Metric: `aspnetcore.identity.sign_in.check_password_attempts`](#metric-aspnetcoreidentitysign_incheck_password_attempts)
+  - [Metric: `aspnetcore.identity.sign_in.sign_ins`](#metric-aspnetcoreidentitysign_insign_ins)
+  - [Metric: `aspnetcore.identity.sign_in.sign_outs`](#metric-aspnetcoreidentitysign_insign_outs)
+  - [Metric: `aspnetcore.identity.sign_in.two_factor_clients_remembered`](#metric-aspnetcoreidentitysign_intwo_factor_clients_remembered)
+  - [Metric: `aspnetcore.identity.sign_in.two_factor_clients_forgotten`](#metric-aspnetcoreidentitysign_intwo_factor_clients_forgotten)
 
 <!-- tocstop -->
 
@@ -89,31 +102,11 @@ Exceptions Metric is reported by the `Microsoft.AspNetCore.Diagnostics` meter.
 
 | Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
 |---|---|---|---|---|---|
-| [`aspnetcore.diagnostics.exception.result`](/docs/registry/attributes/aspnetcore.md) | string | ASP.NET Core exception middleware handling result | `handled`; `unhandled` | `Required` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| [`aspnetcore.diagnostics.exception.result`](/docs/registry/attributes/aspnetcore.md) | string | ASP.NET Core exception middleware handling result. | `handled`; `unhandled` | `Required` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
-| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. [1] | `System.OperationCanceledException`; `Contoso.MyException` | `Required` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException`; `Contoso.MyException` | `Required` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
-| [`aspnetcore.diagnostics.handler.type`](/docs/registry/attributes/aspnetcore.md) | string | Full type name of the [`IExceptionHandler`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.diagnostics.iexceptionhandler) implementation that handled the exception. | `Contoso.MyHandler` | `Conditionally Required` [2] | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| [`aspnetcore.diagnostics.handler.type`](/docs/registry/attributes/aspnetcore.md) | string | Full type name of the [`IExceptionHandler`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.diagnostics.iexceptionhandler) implementation that handled the exception. | `Contoso.MyHandler` | `Conditionally Required` [1] | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 
-**[1] `error.type`:** The `error.type` SHOULD be predictable, and SHOULD have low cardinality.
+**[1] `aspnetcore.diagnostics.handler.type`:** if and only if the exception was handled by this handler.
-
-When `error.type` is set to a type (e.g., an exception type), its
-canonical class name identifying the type within the artifact SHOULD be used.
-
-Instrumentations SHOULD document the list of errors they report.
-
-The cardinality of `error.type` within one instrumentation library SHOULD be low.
-Telemetry consumers that aggregate data from multiple instrumentation libraries and applications
-should be prepared for `error.type` to have high cardinality at query time when no
-additional filters are applied.
-
-If the operation has completed successfully, instrumentations SHOULD NOT set `error.type`.
-
-If a specific domain defines its own set of error identifiers (such as HTTP or gRPC status codes),
-it's RECOMMENDED to:
-
-- Use a domain-specific attribute
-- Set `error.type` to capture all errors, regardless of whether they are defined within the domain-specific set or not.
-
-**[2] `aspnetcore.diagnostics.handler.type`:** if and only if the exception was handled by this handler.
 
 ---
 
@@ -310,4 +303,576 @@ Meter name: `Microsoft.AspNetCore.RateLimiting`; Added in: ASP.NET Core 8.0
 <!-- END AUTOGENERATED TEXT -->
 <!-- endsemconv -->
 
+## Identity
+
+All ASP.NET Core Identity metrics are reported by the `Microsoft.AspNetCore.Identity` meter.
+
+### Metric: `aspnetcore.identity.user.create.duration`
+
+<!-- semconv metric.aspnetcore.identity.user.create.duration -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.create.duration` | Histogram | `s` | The duration of user creation operations. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.error_code`](/docs/registry/attributes/aspnetcore.md) | string | The error code for a failed identity operation. | `DefaultError`; `PasswordMismatch` | `Conditionally Required` if an error was set on a failed identity result. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.result`](/docs/registry/attributes/aspnetcore.md) | string | The result of the identity operation. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type or the identity error code. | `System.OperationCanceledException`; `PasswordMismatch` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Identity operation failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Identity operation was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.user.update.duration`
+
+<!-- semconv metric.aspnetcore.identity.user.update.duration -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.update.duration` | Histogram | `s` | The duration of user update operations. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.user.update_type`](/docs/registry/attributes/aspnetcore.md) | string | The user update type. | `update`; `user_name`; `reset_password` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.error_code`](/docs/registry/attributes/aspnetcore.md) | string | The error code for a failed identity operation. | `DefaultError`; `PasswordMismatch` | `Conditionally Required` if an error was set on a failed identity result. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.result`](/docs/registry/attributes/aspnetcore.md) | string | The result of the identity operation. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type or the identity error code. | `System.OperationCanceledException`; `PasswordMismatch` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Identity operation failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Identity operation was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.user.update_type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | Any update type that the instrumentation has no prior knowledge of. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `access_failed` | Identity user access failure recorded. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_claims` | Identity user claims added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_login` | Identity user login added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_password` | Identity user password added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_to_roles` | Identity user added to roles. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_email` | Identity user email changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_password` | Identity user password changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_phone_number` | Identity user phone number changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `confirm_email` | Identity user email confirmed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `generate_new_two_factor_recovery_codes` | Identity user new two-factor recovery codes generated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password_rehash` | Identity user password rehashed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `redeem_two_factor_recovery_code` | Identity user two-factor recovery code redeemed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_authentication_token` | Identity user authentication token removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_claims` | Identity user claims removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_from_roles` | Identity user removed from roles. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_login` | Identity user login removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_passkey` | Identity user passkey removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_password` | Identity user password removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `replace_claim` | Identity user claim replaced. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_access_failed_count` | Identity user access failure count reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_authenticator_key` | Identity user authenticator key reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_password` | Identity user password reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `security_stamp` | Identity user security stamp updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_authentication_token` | Identity user authentication token set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_email` | Identity user email set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_lockout_enabled` | Identity user lockout enabled or disabled. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_lockout_end_date` | Identity user lockout end date set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_passkey` | Identity user passkey set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_phone_number` | Identity user phone number set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_two_factor_enabled` | Identity user two-factor authentication enabled or disabled. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `update` | Identity user updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `user_name` | Identity user name updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.user.delete.duration`
+
+<!-- semconv metric.aspnetcore.identity.user.delete.duration -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.delete.duration` | Histogram | `s` | The duration of user deletion operations. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.error_code`](/docs/registry/attributes/aspnetcore.md) | string | The error code for a failed identity operation. | `DefaultError`; `PasswordMismatch` | `Conditionally Required` if an error was set on a failed identity result. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.result`](/docs/registry/attributes/aspnetcore.md) | string | The result of the identity operation. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type or the identity error code. | `System.OperationCanceledException`; `PasswordMismatch` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Identity operation failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Identity operation was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.user.check_password_attempts`
+
+<!-- semconv metric.aspnetcore.identity.user.check_password_attempts -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.check_password_attempts` | Counter | `{attempt}` | The number of check password attempts. Only checks whether the password is valid and not whether the user account is in a state that can log in. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.password_check_result`](/docs/registry/attributes/aspnetcore.md) | string | The result from checking the password. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.password_check_result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Password check failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password_missing` | Password check couldn't proceed because the password was missing from the user. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Password check was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success_rehash_needed` | Password check was successful however the password was encoded using a deprecated algorithm and should be rehashed and updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `user_missing` | Password check couldn't proceed because the user was missing. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.user.generated_tokens`
+
+<!-- semconv metric.aspnetcore.identity.user.generated_tokens -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.generated_tokens` | Counter | `{count}` | The total number of token generations. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.token_purpose`](/docs/registry/attributes/aspnetcore.md) | string | What the token will be used for. | `success`; `failure` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.token_purpose` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | Any token purpose that the instrumentation has no prior knowledge of. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_email` | The token is for changing the user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_phone_number` | The token is for changing a user phone number. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `email_confirmation` | The token is for confirming user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_password` | The token is for resetting a user password. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor` | The token is for changing user two factor settings. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.user.verify_token_attempts`
+
+<!-- semconv metric.aspnetcore.identity.user.verify_token_attempts -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.user.verify_token_attempts` | Counter | `{attempt}` | The total number of token verification attempts. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.token_purpose`](/docs/registry/attributes/aspnetcore.md) | string | What the token will be used for. | `success`; `failure` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.token_verified`](/docs/registry/attributes/aspnetcore.md) | string | The result of token verification. | `success`; `failure` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.token_purpose` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | Any token purpose that the instrumentation has no prior knowledge of. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_email` | The token is for changing the user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_phone_number` | The token is for changing a user phone number. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `email_confirmation` | The token is for confirming user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_password` | The token is for resetting a user password. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor` | The token is for changing user two factor settings. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.token_verified` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Token verification failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Token verification was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.authenticate.duration`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.authenticate.duration -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.authenticate.duration` | Histogram | `s` | The duration of authenticate attempts. The authenticate metrics is recorded by sign in methods such as PasswordSignInAsync and TwoFactorSignInAsync. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.sign_in.type`](/docs/registry/attributes/aspnetcore.md) | string | The authentication type. | `password`; `two_factor` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.sign_in.result`](/docs/registry/attributes/aspnetcore.md) | string | Whether the sign in result was success or failure. | `password`; `two_factor` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.sign_in.is_persistent`](/docs/registry/attributes/aspnetcore.md) | boolean | A flag indicating whether the sign in is persistent. |  | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.sign_in.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Sign in failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `locked_out` | User is locked out. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `not_allowed` | User is not allowed to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `requires_two_factor` | User requires two factory authentication to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Sign in was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.sign_in.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `external` | Sign in with a previously registered third-party login. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `passkey` | Sign in with passkey. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password` | Sign in with password. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor` | Sign in with a two factor provider. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor_authenticator` | Sign in with two factor authenticator app. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor_recovery_code` | Sign in with two factory recovery code. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.check_password_attempts`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.check_password_attempts -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.check_password_attempts` | Counter | `{attempt}` | The total number of check password attempts. Checks that the account is in a state that can log in and that the password is valid using the UserManager.CheckPasswordAsync method. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.sign_in.result`](/docs/registry/attributes/aspnetcore.md) | string | Whether the sign in result was success or failure. | `password`; `two_factor` | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`aspnetcore.identity.sign_in.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Sign in failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `locked_out` | User is locked out. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `not_allowed` | User is not allowed to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `requires_two_factor` | User requires two factory authentication to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Sign in was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.sign_ins`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.sign_ins -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.sign_ins` | Counter | `{sign_in}` | The total number of calls to sign in user principals. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.sign_in.is_persistent`](/docs/registry/attributes/aspnetcore.md) | boolean | A flag indicating whether the sign in is persistent. |  | `Conditionally Required` if no exception was thrown. | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.sign_outs`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.sign_outs -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.sign_outs` | Counter | `{sign_out}` | The total number of calls to sign out user principals. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.two_factor_clients_remembered`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.two_factor_clients_remembered -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.two_factor_clients_remembered` | Counter | `{client}` | The total number of two factor clients remembered. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
+### Metric: `aspnetcore.identity.sign_in.two_factor_clients_forgotten`
+
+<!-- semconv metric.aspnetcore.identity.sign_in.two_factor_clients_forgotten -->
+<!-- NOTE: THIS TEXT IS AUTOGENERATED. DO NOT EDIT BY HAND. -->
+<!-- see templates/registry/markdown/snippet.md.j2 -->
+<!-- prettier-ignore-start -->
+<!-- markdownlint-capture -->
+<!-- markdownlint-disable -->
+
+| Name     | Instrument Type | Unit (UCUM) | Description    | Stability | Entity Associations |
+| -------- | --------------- | ----------- | -------------- | --------- | ------ |
+| `aspnetcore.identity.sign_in.two_factor_clients_forgotten` | Counter | `{client}` | The total number of two factor clients forgotten. [1] | ![Development](https://img.shields.io/badge/-development-blue) |  |
+
+**[1]:** Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+
+| Attribute  | Type | Description  | Examples  | [Requirement Level](https://opentelemetry.io/docs/specs/semconv/general/attribute-requirement-level/) | Stability |
+|---|---|---|---|---|---|
+| [`aspnetcore.authentication_scheme`](/docs/registry/attributes/aspnetcore.md) | string | The authentication scheme to sign in with. | `Identity.Application` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`aspnetcore.identity.user_type`](/docs/registry/attributes/aspnetcore.md) | string | The full name of the identity user type. | `Contoso.ContosoUser` | `Required` | ![Development](https://img.shields.io/badge/-development-blue) |
+| [`error.type`](/docs/registry/attributes/error.md) | string | The full name of exception type. | `System.OperationCanceledException` | `Conditionally Required` if and only if an error has occurred. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+---
+
+`error.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | A fallback error value to be used when the instrumentation doesn't define a custom value. | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+
+<!-- markdownlint-restore -->
+<!-- prettier-ignore-end -->
+<!-- END AUTOGENERATED TEXT -->
+<!-- endsemconv -->
+
 [DocumentStatus]: https://opentelemetry.io/docs/specs/otel/document-status

docs/registry/attributes/aspnetcore.md

@@ -9,13 +9,24 @@ ASP.NET Core attributes
 
 | Attribute | Type | Description | Examples | Stability |
 |---|---|---|---|---|
-| <a id="aspnetcore-diagnostics-exception-result" href="#aspnetcore-diagnostics-exception-result">`aspnetcore.diagnostics.exception.result`</a> | string | ASP.NET Core exception middleware handling result | `handled`; `unhandled` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| <a id="aspnetcore-authentication-scheme" href="#aspnetcore-authentication-scheme">`aspnetcore.authentication_scheme`</a> | string | The authentication scheme to sign in with. | `Identity.Application` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-diagnostics-exception-result" href="#aspnetcore-diagnostics-exception-result">`aspnetcore.diagnostics.exception.result`</a> | string | ASP.NET Core exception middleware handling result. | `handled`; `unhandled` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 | <a id="aspnetcore-diagnostics-handler-type" href="#aspnetcore-diagnostics-handler-type">`aspnetcore.diagnostics.handler.type`</a> | string | Full type name of the [`IExceptionHandler`](https://learn.microsoft.com/dotnet/api/microsoft.aspnetcore.diagnostics.iexceptionhandler) implementation that handled the exception. | `Contoso.MyHandler` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| <a id="aspnetcore-identity-error-code" href="#aspnetcore-identity-error-code">`aspnetcore.identity.error_code`</a> | string | The error code for a failed identity operation. | `DefaultError`; `PasswordMismatch` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-password-check-result" href="#aspnetcore-identity-password-check-result">`aspnetcore.identity.password_check_result`</a> | string | The result from checking the password. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-result" href="#aspnetcore-identity-result">`aspnetcore.identity.result`</a> | string | The result of the identity operation. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-sign-in-result" href="#aspnetcore-identity-sign-in-result">`aspnetcore.identity.sign_in.result`</a> | string | Whether the sign in result was success or failure. | `password`; `two_factor` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-sign-in-type" href="#aspnetcore-identity-sign-in-type">`aspnetcore.identity.sign_in.type`</a> | string | The authentication type. | `password`; `two_factor` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-token-purpose" href="#aspnetcore-identity-token-purpose">`aspnetcore.identity.token_purpose`</a> | string | What the token will be used for. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-token-verified" href="#aspnetcore-identity-token-verified">`aspnetcore.identity.token_verified`</a> | string | The result of token verification. | `success`; `failure` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-user-update-type" href="#aspnetcore-identity-user-update-type">`aspnetcore.identity.user.update_type`</a> | string | The user update type. | `update`; `user_name`; `reset_password` | ![Development](https://img.shields.io/badge/-development-blue) |
+| <a id="aspnetcore-identity-user-type" href="#aspnetcore-identity-user-type">`aspnetcore.identity.user_type`</a> | string | The full name of the identity user type. | `Contoso.ContosoUser` | ![Development](https://img.shields.io/badge/-development-blue) |
 | <a id="aspnetcore-rate-limiting-policy" href="#aspnetcore-rate-limiting-policy">`aspnetcore.rate_limiting.policy`</a> | string | Rate limiting policy name. | `fixed`; `sliding`; `token` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 | <a id="aspnetcore-rate-limiting-result" href="#aspnetcore-rate-limiting-result">`aspnetcore.rate_limiting.result`</a> | string | Rate-limiting result, shows whether the lease was acquired or contains a rejection reason | `acquired`; `request_canceled` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 | <a id="aspnetcore-request-is-unhandled" href="#aspnetcore-request-is-unhandled">`aspnetcore.request.is_unhandled`</a> | boolean | Flag indicating if request was handled by the application pipeline. | `true` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 | <a id="aspnetcore-routing-is-fallback" href="#aspnetcore-routing-is-fallback">`aspnetcore.routing.is_fallback`</a> | boolean | A value that indicates whether the matched route is a fallback route. | `true` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
 | <a id="aspnetcore-routing-match-status" href="#aspnetcore-routing-match-status">`aspnetcore.routing.match_status`</a> | string | Match result - success or failure | `success`; `failure` | ![Stable](https://img.shields.io/badge/-stable-lightgreen) |
+| <a id="aspnetcore-sign-in-is-persistent" href="#aspnetcore-sign-in-is-persistent">`aspnetcore.sign_in.is_persistent`</a> | boolean | A flag indicating whether the sign in is persistent. |  | ![Development](https://img.shields.io/badge/-development-blue) |
 
 ---
 
@@ -30,6 +41,114 @@ ASP.NET Core attributes
 
 ---
 
+`aspnetcore.identity.password_check_result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Password check failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password_missing` | Password check couldn't proceed because the password was missing from the user. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Password check was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success_rehash_needed` | Password check was successful however the password was encoded using a deprecated algorithm and should be rehashed and updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `user_missing` | Password check couldn't proceed because the user was missing. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Identity operation failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Identity operation was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.sign_in.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Sign in failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `locked_out` | User is locked out. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `not_allowed` | User is not allowed to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `requires_two_factor` | User requires two factory authentication to sign in. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Sign in was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.sign_in.type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `external` | Sign in with a previously registered third-party login. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `passkey` | Sign in with passkey. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password` | Sign in with password. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor` | Sign in with a two factor provider. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor_authenticator` | Sign in with two factor authenticator app. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor_recovery_code` | Sign in with two factory recovery code. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.token_purpose` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | Any token purpose that the instrumentation has no prior knowledge of. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_email` | The token is for changing the user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_phone_number` | The token is for changing a user phone number. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `email_confirmation` | The token is for confirming user email address. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_password` | The token is for resetting a user password. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `two_factor` | The token is for changing user two factor settings. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.token_verified` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `failure` | Token verification failed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `success` | Token verification was successful. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
+`aspnetcore.identity.user.update_type` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
+
+| Value  | Description | Stability |
+|---|---|---|
+| `_OTHER` | Any update type that the instrumentation has no prior knowledge of. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `access_failed` | Identity user access failure recorded. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_claims` | Identity user claims added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_login` | Identity user login added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_password` | Identity user password added. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `add_to_roles` | Identity user added to roles. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_email` | Identity user email changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_password` | Identity user password changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `change_phone_number` | Identity user phone number changed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `confirm_email` | Identity user email confirmed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `generate_new_two_factor_recovery_codes` | Identity user new two-factor recovery codes generated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `password_rehash` | Identity user password rehashed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `redeem_two_factor_recovery_code` | Identity user two-factor recovery code redeemed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_authentication_token` | Identity user authentication token removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_claims` | Identity user claims removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_from_roles` | Identity user removed from roles. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_login` | Identity user login removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_passkey` | Identity user passkey removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `remove_password` | Identity user password removed. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `replace_claim` | Identity user claim replaced. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_access_failed_count` | Identity user access failure count reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_authenticator_key` | Identity user authenticator key reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `reset_password` | Identity user password reset. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `security_stamp` | Identity user security stamp updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_authentication_token` | Identity user authentication token set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_email` | Identity user email set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_lockout_enabled` | Identity user lockout enabled or disabled. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_lockout_end_date` | Identity user lockout end date set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_passkey` | Identity user passkey set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_phone_number` | Identity user phone number set. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `set_two_factor_enabled` | Identity user two-factor authentication enabled or disabled. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `update` | Identity user updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+| `user_name` | Identity user name updated. | ![Development](https://img.shields.io/badge/-development-blue) |
+
+---
+
 `aspnetcore.rate_limiting.result` has the following list of well-known values. If one of them applies, then the respective value MUST be used; otherwise, a custom value MAY be used.
 
 | Value  | Description | Stability |

model/aspnetcore/metrics.yaml

@@ -6,6 +6,12 @@ groups:
       - ref: aspnetcore.rate_limiting.policy
         requirement_level:
           conditionally_required: if the matched endpoint for the request had a rate-limiting policy.
+  - id: aspnetcore.common.identity.metrics.attributes
+    type: attribute_group
+    brief: Common ASP.NET Core Identity metrics attributes
+    attributes:
+      - ref: aspnetcore.identity.user_type
+        requirement_level: required
 
   # routing
   - id: metric.aspnetcore.routing.match_attempts
@@ -48,6 +54,7 @@ groups:
         brief: The full name of exception type.
         examples: ['System.OperationCanceledException', 'Contoso.MyException']
         requirement_level: required
+        note: ""
       - ref: aspnetcore.diagnostics.handler.type
         requirement_level:
           conditionally_required: if and only if the exception was handled by this handler.
@@ -135,3 +142,310 @@ groups:
     attributes:
       - ref: aspnetcore.rate_limiting.result
         requirement_level: required
+
+  # identity
+  - id: metric.aspnetcore.identity.user.create.duration
+    type: metric
+    metric_name: aspnetcore.identity.user.create.duration
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The duration of user creation operations.
+    instrument: histogram
+    unit: "s"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: aspnetcore.identity.error_code
+        requirement_level:
+          conditionally_required: if an error was set on a failed identity result.
+      - ref: error.type
+        brief: The full name of exception type or the identity error code.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException', 'PasswordMismatch']
+        note: ""
+
+  - id: metric.aspnetcore.identity.user.update.duration
+    type: metric
+    metric_name: aspnetcore.identity.user.update.duration
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The duration of user update operations.
+    instrument: histogram
+    unit: "s"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.user.update_type
+        requirement_level: required
+      - ref: aspnetcore.identity.result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: aspnetcore.identity.error_code
+        requirement_level:
+          conditionally_required: if an error was set on a failed identity result.
+      - ref: error.type
+        brief: The full name of exception type or the identity error code.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException', 'PasswordMismatch']
+        note: ""
+
+  - id: metric.aspnetcore.identity.user.delete.duration
+    type: metric
+    metric_name: aspnetcore.identity.user.delete.duration
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The duration of user deletion operations.
+    instrument: histogram
+    unit: "s"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: aspnetcore.identity.error_code
+        requirement_level:
+          conditionally_required: if an error was set on a failed identity result.
+      - ref: error.type
+        brief: The full name of exception type or the identity error code.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException', 'PasswordMismatch']
+        note: ""
+
+  - id: metric.aspnetcore.identity.user.check_password_attempts
+    type: metric
+    metric_name: aspnetcore.identity.user.check_password_attempts
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The number of check password attempts. Only checks whether the password is valid and not whether the user account is in a state that can log in.
+    instrument: counter
+    unit: "{attempt}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.password_check_result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.user.verify_token_attempts
+    type: metric
+    metric_name: aspnetcore.identity.user.verify_token_attempts
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of token verification attempts.
+    instrument: counter
+    unit: "{attempt}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.token_purpose
+        requirement_level: required
+      - ref: aspnetcore.identity.token_verified
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.user.generated_tokens
+    type: metric
+    metric_name: aspnetcore.identity.user.generated_tokens
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of token generations.
+    instrument: counter
+    unit: "{count}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.token_purpose
+        requirement_level: required
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.authenticate.duration
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.authenticate.duration
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The duration of authenticate attempts. The authenticate metrics is recorded by sign in methods such as PasswordSignInAsync and TwoFactorSignInAsync.
+    instrument: histogram
+    unit: "s"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.authentication_scheme
+        requirement_level: required
+      - ref: aspnetcore.sign_in.is_persistent
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: aspnetcore.identity.sign_in.type
+        requirement_level: required
+      - ref: aspnetcore.identity.sign_in.result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.two_factor_clients_remembered
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.two_factor_clients_remembered
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of two factor clients remembered.
+    instrument: counter
+    unit: "{client}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.authentication_scheme
+        requirement_level: required
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.two_factor_clients_forgotten
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.two_factor_clients_forgotten
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of two factor clients forgotten.
+    instrument: counter
+    unit: "{client}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.authentication_scheme
+        requirement_level: required
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.check_password_attempts
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.check_password_attempts
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of check password attempts. Checks that the account is in a state that can log in and that the password is valid using the UserManager.CheckPasswordAsync method.
+    instrument: counter
+    unit: "{attempt}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.identity.sign_in.result
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.sign_ins
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.sign_ins
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of calls to sign in user principals.
+    instrument: counter
+    unit: "{sign_in}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.authentication_scheme
+        requirement_level: required
+      - ref: aspnetcore.sign_in.is_persistent
+        requirement_level:
+          conditionally_required: if no exception was thrown.
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""
+
+  - id: metric.aspnetcore.identity.sign_in.sign_outs
+    type: metric
+    metric_name: aspnetcore.identity.sign_in.sign_outs
+    annotations:
+      code_generation:
+        metric_value_type: int
+    stability: development
+    brief: The total number of calls to sign out user principals.
+    instrument: counter
+    unit: "{sign_out}"
+    note: |
+      Meter name: `Microsoft.AspNetCore.Identity`; Added in: ASP.NET Core 10.0
+    extends: aspnetcore.common.identity.metrics.attributes
+    attributes:
+      - ref: aspnetcore.authentication_scheme
+        requirement_level: required
+      - ref: error.type
+        brief: The full name of exception type.
+        requirement_level:
+          conditionally_required: if and only if an error has occurred.
+        examples: ['System.OperationCanceledException']
+        note: ""

model/aspnetcore/registry.yaml

@@ -81,5 +81,302 @@ groups:
               brief: "Exception handling didn't run because the request was aborted."
               stability: stable
         stability: stable
-        brief: ASP.NET Core exception middleware handling result
+        brief: ASP.NET Core exception middleware handling result.
         examples: ["handled", "unhandled"]
+      - id: aspnetcore.identity.user_type
+        type: string
+        brief: The full name of the identity user type.
+        stability: development
+        examples: ["Contoso.ContosoUser"]
+      - id: aspnetcore.identity.result
+        type:
+          members:
+            - id: success
+              value: 'success'
+              brief: "Identity operation was successful."
+              stability: development
+            - id: failure
+              value: 'failure'
+              brief: "Identity operation failed."
+              stability: development
+        stability: development
+        brief: The result of the identity operation.
+        examples: ["success", "failure"]
+      - id: aspnetcore.identity.error_code
+        type: string
+        stability: development
+        brief: The error code for a failed identity operation.
+        examples: ["DefaultError", "PasswordMismatch"]
+      - id: aspnetcore.identity.user.update_type
+        type:
+          members:
+            - id: update
+              value: 'update'
+              brief: "Identity user updated."
+              stability: development
+            - id: user_name
+              value: 'user_name'
+              brief: "Identity user name updated."
+              stability: development
+            - id: add_password
+              value: 'add_password'
+              brief: "Identity user password added."
+              stability: development
+            - id: change_password
+              value: 'change_password'
+              brief: "Identity user password changed."
+              stability: development
+            - id: security_stamp
+              value: 'security_stamp'
+              brief: "Identity user security stamp updated."
+              stability: development
+            - id: reset_password
+              value: 'reset_password'
+              brief: "Identity user password reset."
+              stability: development
+            - id: remove_login
+              value: 'remove_login'
+              brief: "Identity user login removed."
+              stability: development
+            - id: add_login
+              value: 'add_login'
+              brief: "Identity user login added."
+              stability: development
+            - id: add_claims
+              value: 'add_claims'
+              brief: "Identity user claims added."
+              stability: development
+            - id: replace_claim
+              value: 'replace_claim'
+              brief: "Identity user claim replaced."
+              stability: development
+            - id: remove_claims
+              value: 'remove_claims'
+              brief: "Identity user claims removed."
+              stability: development
+            - id: add_to_roles
+              value: 'add_to_roles'
+              brief: "Identity user added to roles."
+              stability: development
+            - id: remove_from_roles
+              value: 'remove_from_roles'
+              brief: "Identity user removed from roles."
+              stability: development
+            - id: set_email
+              value: 'set_email'
+              brief: "Identity user email set."
+              stability: development
+            - id: confirm_email
+              value: 'confirm_email'
+              brief: "Identity user email confirmed."
+              stability: development
+            - id: password_rehash
+              value: 'password_rehash'
+              brief: "Identity user password rehashed."
+              stability: development
+            - id: remove_password
+              value: 'remove_password'
+              brief: "Identity user password removed."
+              stability: development
+            - id: change_email
+              value: 'change_email'
+              brief: "Identity user email changed."
+              stability: development
+            - id: set_phone_number
+              value: 'set_phone_number'
+              brief: "Identity user phone number set."
+              stability: development
+            - id: change_phone_number
+              value: 'change_phone_number'
+              brief: "Identity user phone number changed."
+              stability: development
+            - id: set_two_factor_enabled
+              value: 'set_two_factor_enabled'
+              brief: "Identity user two-factor authentication enabled or disabled."
+              stability: development
+            - id: set_lockout_enabled
+              value: 'set_lockout_enabled'
+              brief: "Identity user lockout enabled or disabled."
+              stability: development
+            - id: set_lockout_end_date
+              value: 'set_lockout_end_date'
+              brief: "Identity user lockout end date set."
+              stability: development
+            - id: access_failed
+              value: 'access_failed'
+              brief: "Identity user access failure recorded."
+              stability: development
+            - id: reset_access_failed_count
+              value: 'reset_access_failed_count'
+              brief: "Identity user access failure count reset."
+              stability: development
+            - id: set_authentication_token
+              value: 'set_authentication_token'
+              brief: "Identity user authentication token set."
+              stability: development
+            - id: remove_authentication_token
+              value: 'remove_authentication_token'
+              brief: "Identity user authentication token removed."
+              stability: development
+            - id: reset_authenticator_key
+              value: 'reset_authenticator_key'
+              brief: "Identity user authenticator key reset."
+              stability: development
+            - id: generate_new_two_factor_recovery_codes
+              value: 'generate_new_two_factor_recovery_codes'
+              brief: "Identity user new two-factor recovery codes generated."
+              stability: development
+            - id: redeem_two_factor_recovery_code
+              value: 'redeem_two_factor_recovery_code'
+              brief: "Identity user two-factor recovery code redeemed."
+              stability: development
+            - id: set_passkey
+              value: 'set_passkey'
+              brief: "Identity user passkey set."
+              stability: development
+            - id: remove_passkey
+              value: 'remove_passkey'
+              brief: "Identity user passkey removed."
+              stability: development
+            - id: other
+              value: '_OTHER'
+              brief: "Any update type that the instrumentation has no prior knowledge of."
+              stability: development
+        stability: development
+        brief: The user update type.
+        examples: ["update", "user_name", "reset_password"]
+      - id: aspnetcore.identity.password_check_result
+        type:
+          members:
+            - id: success
+              value: 'success'
+              brief: "Password check was successful."
+              stability: development
+            - id: success_rehash_needed
+              value: 'success_rehash_needed'
+              brief: "Password check was successful however the password was encoded using a deprecated algorithm and should be rehashed and updated."
+              stability: development
+            - id: failure
+              value: 'failure'
+              brief: "Password check failed."
+              stability: development
+            - id: password_missing
+              value: 'password_missing'
+              brief: "Password check couldn't proceed because the password was missing from the user."
+              stability: development
+            - id: user_missing
+              value: 'user_missing'
+              brief: "Password check couldn't proceed because the user was missing."
+              stability: development
+        stability: development
+        brief: The result from checking the password.
+        examples: ["success", "failure"]
+      - id: aspnetcore.identity.token_purpose
+        type:
+          members:
+            - id: reset_password
+              value: 'reset_password'
+              brief: "The token is for resetting a user password."
+              stability: development
+            - id: change_phone_number
+              value: 'change_phone_number'
+              brief: "The token is for changing a user phone number."
+              stability: development
+            - id: email_confirmation
+              value: 'email_confirmation'
+              brief: "The token is for confirming user email address."
+              stability: development
+            - id: change_email
+              value: 'change_email'
+              brief: "The token is for changing the user email address."
+              stability: development
+            - id: two_factor
+              value: 'two_factor'
+              brief: "The token is for changing user two factor settings."
+              stability: development
+            - id: other
+              value: '_OTHER'
+              brief: "Any token purpose that the instrumentation has no prior knowledge of."
+              stability: development
+        stability: development
+        brief: What the token will be used for.
+        examples: ["success", "failure"]
+      - id: aspnetcore.identity.token_verified
+        type:
+          members:
+            - id: success
+              value: 'success'
+              brief: "Token verification was successful."
+              stability: development
+            - id: failure
+              value: 'failure'
+              brief: "Token verification failed."
+              stability: development
+        stability: development
+        brief: The result of token verification.
+        examples: ["success", "failure"]
+      - id: aspnetcore.authentication_scheme
+        type: string
+        stability: development
+        brief: The authentication scheme to sign in with.
+        examples: ["Identity.Application"]
+      - id: aspnetcore.identity.sign_in.type
+        type:
+          members:
+            - id: password
+              value: 'password'
+              brief: "Sign in with password."
+              stability: development
+            - id: two_factor_recovery_code
+              value: 'two_factor_recovery_code'
+              brief: "Sign in with two factory recovery code."
+              stability: development
+            - id: two_factor_authenticator
+              value: 'two_factor_authenticator'
+              brief: "Sign in with two factor authenticator app."
+              stability: development
+            - id: two_factor
+              value: 'two_factor'
+              brief: "Sign in with a two factor provider."
+              stability: development
+            - id: external
+              value: 'external'
+              brief: "Sign in with a previously registered third-party login."
+              stability: development
+            - id: passkey
+              value: 'passkey'
+              brief: "Sign in with passkey."
+              stability: development
+        stability: development
+        brief: The authentication type.
+        examples: ["password", "two_factor"]
+      - id: aspnetcore.sign_in.is_persistent
+        type: boolean
+        stability: development
+        brief: A flag indicating whether the sign in is persistent.
+      - id: aspnetcore.identity.sign_in.result
+        type:
+          members:
+            - id: success
+              value: 'success'
+              brief: "Sign in was successful."
+              stability: development
+            - id: locked_out
+              value: 'locked_out'
+              brief: "User is locked out."
+              stability: development
+            - id: not_allowed
+              value: 'not_allowed'
+              brief: "User is not allowed to sign in."
+              stability: development
+            - id: requires_two_factor
+              value: 'requires_two_factor'
+              brief: "User requires two factory authentication to sign in."
+              stability: development
+            - id: failure
+              value: 'failure'
+              brief: "Sign in failed."
+              stability: development
+        stability: development
+        brief: Whether the sign in result was success or failure.
+        examples: ["password", "two_factor"]