• Type: Suggestion
• Resolution: Unresolved
• Component/s: Administration - Audit Log, Permissions - REST API authorisation
• Labels:

  • jsw-s11

[JRACLOUD-79552] Record all the activities done via Rest API in Audit Log

Collapse comment: Steven Lees-Smith added a comment - 16/Oct/2022 10:40 PM

Steven Lees-Smith added a comment - 16/Oct/2022 10:40 PM

With recent data breaches in the news and API being potentially the issue to one of them a few customers now would like visibility of when an API call is made.  We can of course track this through automation rule logs, or a scheduled task on a server that may be calling a script that calls the API but the concern is if there is an outside process that manages to fire the API and make calls to the dataset not controlled by known processes.  This is really forefront now in the eyes of cyber teams for some customers.

Expand comment: Steven Lees-Smith added a comment - 16/Oct/2022 10:40 PM

Steven Lees-Smith added a comment - 16/Oct/2022 10:40 PM With recent data breaches in the news and API being potentially the issue to one of them a few customers now would like visibility of when an API call is made.  We can of course track this through automation rule logs, or a scheduled task on a server that may be calling a script that calls the API but the concern is if there is an outside process that manages to fire the API and make calls to the dataset not controlled by known processes.  This is really forefront now in the eyes of cyber teams for some customers.