I have some events based on /validate/check but I noticed that they do not trigger when a user authenticates directly to the privacyIDEA interface via /auth. Is there a setting or something that I am missing to get be able to get the same behavior or auth as well as a validate?
/auth is another endpoint than /validate/check. So auth will not trigger events you attach to validate/check.
Is this something that could be/will be added to the event handler in the future?
Hm, yes, the /auth endpoint has no event handler.
Actually doing this is just a matter of one line of code. I am not sure of the effect. But with all event handlers you can create very unique effects! 
I think I will add an issue at github for it.