API Reference

Welcome to AuditLog's API! The API enables you to submit Events, query customized Views and Events with Event Queries, and satisfy privacy needs with the Actor API.

The API is organized around REST. All requests should be made over SSL. All request and response bodies, including errors, support JSON and XML. Standard content type headers should be used to indicate application/json or text/xml.

Authentication to the API is performed via a custom X-API-KEY header and is required for all requests.

Just getting started?

This may be more detail than you were looking for. Check out the First Time Through guide if you're looking to get up and running quickly.

Authentication

Authentication is done via the Consumer Id and Secret which can be managed in the Configure API Keys section of the application.

Requests are authentications using a custom X-API-KEY header containing the Consumer Id and Secret as a colon-seperated string: {consumer id}:{secret}

You can see generated Consumer Id's and create and roll Consumer Secrets from the application.

Authentication using X-API-KEY HTTP Header.
                    curl 'https://app.auditlog.co/api/v1/actors/{user uuid}' \
                        -H 'x-api-key: {consumer id}:{secret}'
                        -H 'accept: application/json'
                    

Errors

The API returns standard HTTP success and error codes. For errors, it will also include extra information about what went wrong in structured JSON or XML. Standard HTTP status codes are listed below and called out on API operations further below.

HTTP Status Codes

CodeTitleDescription
200OKThe request was successful
400Bad RequestBad request, typically missing or invalid inputs
401UnauthorizedAPI key details not provided
402Over quotaYour request has been rate limited
403UnauthorizedCould not validate your API key
404Not FoundRequested resource was not found
50xInternal Server ErrorAn error occurred in our service

ApiError Type

Additional details are returned with many errors, encoded in either JSON or XML (per the provided ACCEPTS HTTP header).

PropertyDescription
statusCodeintHTTP Status code
messagestringHuman-readable error message
detailskey/valuesKey/value list of additional details

Example response when POSTing without a required field.
                    {
                        "statusCode": 400,
                        "message": "Bad Request",
                        "details": {
                            "[0].uuid": "The UUID field is required."
                        }
                    }
                    

Immutability and Events

Immutability is a tricky topic for audit logs. An Auditable Event is an Action against a Target by an Actor at a given Time. We then layer on some additional information for readabaility, augmenting an Actors unique id with a human readable name, for instance.

Most of the fields from a reported Event will be stored as an immutable part of the event. The primary exception is Actors. On the Event, we store the UUID for the actor, but store the Actor's name, email, or other provided information on a single unique record for the Actor.

Keeping a seperate Actor record enables a few key things:

  • Readability - The Actor UUID is part of the immutable record, the mispelling in John's name 3 years ago when he first logged in is not
  • Privacy - These fields are potentially personally identifiable, this makes it easy to identify and redact them
  • Immutable Log - Separating these fields means there is no need for an Update operation on Events

Warning: Personally Identifiable Data

Do not include personally identifiable data outside the fields for Actor and Target.

Data for Actors and Targets submitted with Target Type of User will be stored beside the immutable record, where it can be reported back and redacted. No other Event fields currently support this reporting or redaction.

Example of an Actor record
                    {
                        "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                        "name": "Roberta Wharton",
                        "email": "rwharton@great-client.test",
                        "isForgotten": false
                    }
                    
Example after /actor/{UUID}/forget
                    {
                        "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                        "name": "[forgotten]",
                        "email": "[forgotten]",
                        "isForgotten": true
                    }
                    

Versioning

When we make backwards-incompatible changes to the API, we release a new version. The current version is v1.

The API Version is provided as part of the URL for each endpoint. Responses return data structured for the provided version.

Submitting Data

Submitting Events to the API is the primary method of populating your Audit Log. The API assumes you are submitting them relatively soon after they happened in your system.

Need to backfill historical data? Send a request and we'll work with you to upload it.

Events API - POST

The Events API allows you to submit Events from your system to be included in your Audit Log. Events have several fields that are required for all entries in the Audit Log and several that are optional for your particular use case and the Action that has taken place.

HTTP Request

POST https://app.auditlog.co/api/v1/events

HTTP POST Payload

Post an array of Event entries, each with a unique identifier (UUID).

Represents an Event that you are reporting from your system to be logged in the AuditLog. Events that you receive back from the API will include richer information, including a unique Id and Reception Time, but otherwise match the same properties you sent.

Properties for child objects are shown with dot notation.

uuid
string required
A unique identifier you generate for the event to ensure idempotent storage of the event.
client
object optional
Information about the Client using your system, assuming users belong to more than one installation or customer.
client.uuid
string required
A Unique Identifier for this client that you can map back to your internal systems.
client.name
string optional
A human-readable description of the client for easy identification at a glance.
time
string required
The time the Event occurred, provided in ISO8601 format.
action
string required
The Action that occurred.
description
string optional
A human readable description of the action/event.
url
string optional
A URL to link to a change record or additional information for this Action/Event.
actor
object optional
The Actor that made the change, either a user or artificial SYSTEM record.
actor.uuid
string required
A universally unique ID you can use to identify the actor against your own records.
actor.name
string optional
A human-readable name for the Actor for easy identification at a glance.
actor.email
string optional
A human-readable email address for the Actor for easy identification at a glance.
context
object required
Context from the Actor and your service for additional log detail.
context.client
object optional
Properties of the Actor's client/system for audit purposes.
context.client.ipAddress
string optional
IP Address that Actor is connecting from, if applicable.
context.client.browserAgent
string optional
Actor's browser User Agent, if applicable.
context.server
object required
Properties of your software/server that they are interacting with.
context.server.serverId
string required
A server Id for the server the Actor is connected to, if applicable.
context.server.version
string required
The version of your software the Actor is connected to, if applicable.
target
object optional
The Target that the Actor performed the Action against. Send a `TargetUser` if it is a User/Actor instead.
target.type
string required
The Type of the Target being affected.
target.uuid
string required
A universally unique Id for the Target being affected that you can connect back to the record on your systems.
target.label
string optional
A human-readable description of the target being affected, for at a glance information.
target.url
string optional
A URL reference back to the target being affected, if useful.
targetUser
object optional
The Target User that the Actor performed the Action against. Send a `Target` if it is not a User/Actor instead.
targetUser.uuid
string required
A universally unique ID you can use to identify the actor against your own records.
targetUser.name
string optional
A human-readable name for the Actor for easy identification at a glance.
targetUser.email
string optional
A human-readable email address for the Actor for easy identification at a glance.

Example POSTed Event with all optional fields
                        curl 'https://app.auditlog.co/api/v1/events' \
                            -X POST \
                            -H 'x-api-key: {consumer id}:{secret}' \
                            -H 'content-type: application/json' \
                            -d '[
                                    {
                                        "uuid": "sample-event-001",
                                        "client": {
                                            "uuid": "1234567890",
                                            "name": "Great Client"
                                        },
                                        "time": "2018-06-30T16:35:52",
                                        "action": "user.invite",
                                        "description": "Invited new user, QA role",
                                        "url": "http://blah.example.com/95c102ae-5930-413f-b794-8f0934fdb136",
                                        "actor": {
                                            "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                                            "name": "Roberta Wharton",
                                            "email": "rwharton@great-client.test"
                                        },
                                        "context": {
                                            "client": {
                                                "ipAddress": "192.168.105.23",
                                                "browserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6"
                                            },
                                            "server": {
                                                "serverId": "prod-01-us-appfarm",
                                                "version": "20180325-01"
                                            }
                                        },
                                        "targetUser": {
                                            "uuid": "95c102ae-5930-413f-b794-8f0934fdb136",
                                            "name": "Salman Randall",
                                            "email": "srandall@great-client.test"
                                        }
                                    },
                                    {
                                        "uuid": "sample-event-004",
                                        "client": {
                                            "uuid": "1234567890",
                                            "name": "Great Client"
                                        },
                                        "time": 1522315212,
                                        "action": "batch.logSamples",
                                        "description": "Entered QA samples for batch",
                                        "url": null,
                                        "actor": {
                                            "uuid": "95c102ae-5930-413f-b794-8f0934fdb136",
                                            "name": "Salman Randall",
                                            "email": "srandall@great-client.test"
                                        },
                                        "context": {
                                            "client": {
                                                "ipAddress": "192.168.105.68",
                                                "browserAgent": "Mozilla/5.0 (Windows NT 6.2; rv:20.0) Gecko/20121202 Firefox/20.0"
                                            },
                                            "server": {
                                                "serverId": "prod-01-us-appfarm",
                                                "version": "20180325-01"
                                            }
                                        },
                                        "target": {
                                            "type": "batch",
                                            "uuid": "5a61a8f0-1390-46bd-a4c7-d5381955d807",
                                            "label": "Batch 20180329-003",
                                            "url": null
                                        }
                                    }
                            ]'
                    

HTTP Response

A successful response will provide an array of the UUIDs you POSTed with server-generated id's to confirm the Events have been received and are being processed.

CodeTypeDescription
200EventAcceptedResponseSuccess
400ApiErrorBad Request
401Unauthorized
403Forbidden
404ApiErrorNot Found

Example Response
                        {
                            ReceivedEvents: [
                                {
                                    "id": "c61a728a-4dae-4e26-b884-8ba5caae892d",
                                    "uuid": "sample-event-001"
                                },
                                {
                                    "id": "4c9d8476-d80e-4d78-b791-53f1ccfa2842",
                                    "uuid": "sample-event-002"
                                }
                            ]
                        }
                    
Example 400 Error
                        {
                            "statusCode": 400,
                            "message": "Bad Request",
                            "details": {
                                "[0].client.uuid": "The UUID field is required."
                            }
                        }
                    

Querying Data

Your Audit Log data can be embedded using the drop-in or you can directly query the Events API. Stored Events are often called Entries (seomthing that has been stored) and include several fields not present when you submit the original Event:

  • id - A unique AuditLog id for the entry
  • receptionTime - utc timestamp when the Event was received

Views API - GET

The Views API GET endpoint enables you to query for the same data the Drop-In display uses, to allow for deeper customization. The viewId is located on the View Customization screen.

HTTP Request

GET https://app.auditlog.co/api/v1/views/{viewId}/{clientUUId}

HTTP GET Parameters

ParametersTypeDescription
viewId string View Id for your customized View
clientUUId string Your unique Id for your client
page
optional
string Page name to retrieve (or empty for most recent)

Example Request
                        curl -X GET \
                            'https://app.auditlog.co/api/v1/views/{ viewId }/1234567890?page=201806' \
                            -H 'x-api-key: {consumer id}:{secret}' \
                            -H 'accept: application/json' 
                    

HTTP Response

CodeTypeDescription
200PagedViewResultSuccess
400ApiErrorBad Request
401Unauthorized
403Forbidden
404ApiErrorNot Found

PagedViewResult

A search response with information about the current page, other available pages, and an array of Entries that match the properties for an Event, with additional properties for the AuditLog id, Event URL, and time it was received.

A paged set of events for a pre-configured View. The view is configured in the application to serve data to the drop-in component or your own custom component.

Properties for child objects are shown with dot notation.

_id
object optional
A generated "id" that represents this unique response
_id.timestamp
string optional
Timestamp that the results were put together
_id.type
string optional
The type of request
_id.href
string optional
The Href for this specific response
_id.label
string optional
A human-readable label for an end user looking at this dataset
_links
object optional
Links to other pages of data you can navigate to from this set.
entries
array optional
The relevant Event Entries for this View

Links

Properties for child objects are shown with dot notation.

label
string optional
type
string optional
href
string optional

Example Response
                        {
                            "_id": {
                                "timestamp": "2018-07-15T18:50:07.1337274Z",
                                "type": "GET",
                                "href": "/api/v1/views/{viewId}/1234567890?page=201806",
                                "label": "June 2018"
                            },
                            "_links": {
                                "previous": {
                                    "label": "May 2018",
                                    "type": "GET",
                                    "href": "/api/v1/views/{viewId}/1234567890?page=201805"
                                },
                                "next": {
                                    "label": "July 2018",
                                    "type": "GET",
                                    "href": "/api/v1/views/{viewId}/1234567890?page=201807"
                                }
                            },
                            "entries": [
                                {
                                    "_links": {
                                        "href": "/api/v1/events/b0db0eea-9a3f-4b86-8f5d-012617b14d0a"
                                    },
                                    "id": "b0db0eea-9a3f-4b86-8f5d-012617b14d0a",
                                    "receptionTime": "2018-06-30T19:07:51.7733333",
                                    "uuid": "sample-event-000",
                                    "client": {
                                        "uuid": "1234567890",
                                        "name": "Great Client"
                                    },
                                    "time": "2018-06-30T16:35:52",
                                    "action": "user.login",
                                    "description": null,
                                    "url": null,
                                    "actor": {
                                        "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                                        "name": "Roberta Wharton",
                                        "email": "rwharton@great-client.test"
                                    },
                                    "context": {
                                        "client": {
                                            "ipAddress": "192.168.105.23",
                                            "browserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6"
                                        },
                                        "server": {
                                            "serverId": "prod-01-us-appfarm",
                                            "version": "20180325-01"
                                        }
                                    },
                                    "target": {
                                        "type": null,
                                        "uuid": null,
                                        "label": null,
                                        "url": null
                                    }
                                },
                                ...
                            ]
                        }
                    

Events API - GET

The Events API GET endpoint enables you to query for a set of events, typically to enable you to enrich and provide directly to your clients or to download into a secondary data warehouse.

The Events API currently allows you to filter your query by Client UUID, from date, and through date. Send a message if you're interested in more flexible capabilities.

HTTP Request

GET /api/v1/events

HTTP GET Parameters

ParametersTypeDescription
clientID
optional
string UUID for one of your clients
fromDate
optional
string Starting date to filter for
throughDate
optional
string End date to filter through

Example query with all 3 optional filters
                        curl -X GET \
                            'https://app.auditlog.co/api/v1/events?clientID=1234567890&fromDate=2018-06-03T17%3A01%3A10&throughDate=2018-06-30'
                            -H 'x-api-key: {consumer id}:{secret}' \
                            -H 'accept: application/json' 
                        

HTTP Response

CodeTypeDescription
200EventSearchResponseSuccess
400ApiErrorBad Request
401Unauthorized
403Forbidden
404ApiErrorNot Found

EventSearchResponse

A search response with an array of Entries that match the properties for an Event, with additional properties for the AuditLog id, Event URL, and time it was received.

Properties for child objects are shown with dot notation.

_id
object optional
_id.timestamp
string optional
Timestamp that the results were put together
_id.type
string optional
The type of request
_id.href
string optional
The Href for this specific response
_id.label
string optional
A human-readable label for an end user looking at this dataset
entries
array optional

Example Response
                            {
                                "_id": {
                                    "timestamp": "2018-07-15T18:29:00.5701598Z",
                                    "type": "GET",
                                    "href": "/api/v1/events?clientID=1234567890&fromDate=2018-06-03T17:01:10&throughDate=2018-06-30",
                                    "label": "Event Search"
                                },
                                "entries": [
                                    {
                                        "_links": {
                                            "href": "/api/v1/events/b0db0eea-9a3f-4b86-8f5d-012617b14d0a"
                                        },
                                        "id": "b0db0eea-9a3f-4b86-8f5d-012617b14d0a",
                                        "receptionTime": "2018-06-30T19:07:51.7733333",
                                        "uuid": "sample-event-000",
                                        "client": {
                                            "uuid": "1234567890",
                                            "name": "Great Client"
                                        },
                                        "time": "2018-06-30T16:35:52",
                                        "action": "user.login",
                                        "description": null,
                                        "url": null,
                                        "actor": {
                                            "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                                            "name": "Roberta Wharton",
                                            "email": "rwharton@great-client.test"
                                        },
                                        "context": {
                                            "client": {
                                                "ipAddress": "192.168.105.23",
                                                "browserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6"
                                            },
                                            "server": {
                                                "serverId": "prod-01-us-appfarm",
                                                "version": "20180325-01"
                                            }
                                        },
                                        "target": {
                                            "type": null,
                                            "uuid": null,
                                            "label": null,
                                            "url": null
                                        }
                                    },
                                    ...
                                ]
                            }
                    

Users / Actors - Supporting Privacy

Personally identifiable information, like name and email address, make an AuditLog a much friendlier and easier to use experience. However, you also need the freedom to know specifically what you've stored and have the ability to redact it without dumping your entire log. This is where the Actor API comes in.

Note: You aren't required to store personally identifiable information in the AuditLog, but should you do so our aim is to provide you the tools you need to easily comply with internal and external regulations on this data.

The Actors API search assumes you are looking for a User / Actor that exists in your system. Use the UUID for a user to see what information is stored about that user in your AuditLog.

HTTP Request

GET https://app.auditlog.co/api/v1/actors/{uuid}

HTTP GET Parameters

ParametersTypeDescription
uuid string Your UUID for the given user

Example GET Request
                            curl -X GET \
                                https://app.auditlog.co/api/v1/actors/{uuid} \
                                -H 'accept: application/json' 
                                -H 'x-api-key: {consumer id}:{secret}' \
                    

HTTP Response

A successful response will provide an array of the UUIDs you POSTed with server-generated id's to confirm the Events have been received and are being processed.

CodeTypeDescription
200ActorQueryResponseSuccess
401Unauthorized
403Forbidden

Example Response
                        {
                            "actors": [
                                {
                                    "uuid": "{uuid}",
                                    "name": "Roberta Wharton",
                                    "email": "rwharton@great-client.test",
                                    "isForgotten": false
                                }
                            ]
                        }
                    
Example Not Found Response
                            {
                                "actors": []
                            }
                    

Actors API - Update - POST

People's names change, company email domains evolve, and mispellings happen. Use the Actors API to minimize confusion by keeping these records up to date.

HTTP Request

POST https://app.auditlog.co/api/v1/actors/{uuid}

HTTP POST Payload

Post an updated Actor to update it's properties.

Properties for child objects are shown with dot notation.

name
string optional
email
string optional

Example POST Request
                            curl -X POST \
                                https://app.auditlog.co/api/v1/actors/{uuid} \
                                -H 'accept: application/json' \
                                -H 'content-type: application/json' \
                                -H 'x-api-key: {consumer id}:{secret}' \
                                -d '{
                                    name: "test name",
                                    email: "test@email.test"
                                    }'
                    

HTTP Response

A successful response will return the updated Actor.

CodeTypeDescription
200ActorQueryResponseSuccess
204Success
400ApiErrorBad Request
401Unauthorized
403Forbidden
404ApiErrorNot Found

Example Response - 200
                        {
                            "actors": [
                                {
                                    "uuid": "{uuid}",
                                    "name": "test name",
                                    "email": "test@email.test",
                                    "isForgotten": false
                                }
                            ]
                        }
                    

Forgotten users are a special case. Once a user has been forgotten, attempts to update it will acknowledge the update without performing it.

Example Response - 204 - Forgotten User
                            {
                                "actors": [
                                    {
                                        "uuid": "{uuid}",
                                        "name": "[forgotten]",
                                        "email": "[forgotten]",
                                        "isForgotten": true
                                    }
                                ]
                            }
                    

Actors API - Forget - POST

For privacy reasons, you need the ability to redact personal information without impacting the AuditLog. The Forget operation redacts personal information from Actors / Users, leaving the non-personal audit informaiton untouched.

HTTP Request

POST https://app.auditlog.co/api/v1/actors/{uuid}/forget

HTTP POST Parameters

ParametersTypeDescription
uuid string

Example POST Request
                            curl -X POST \
                                https://app.auditlog.co/api/v1/actors/{uuid}/forget \
                                -H 'accept: application/json' \
                                -H 'x-api-key: {consumer id}:{secret}'
                    

HTTP Response

A successful response will return the updated Actor with redacted fields, for confirmation.

CodeTypeDescription
200ActorQueryResponseSuccess
400ApiErrorBad Request
401Unauthorized
403Forbidden
404ApiErrorNot Found

Example Response - 200
                        {
                            "actors": [
                                {
                                    "uuid": "{uuid}",
                                    "name": "[forgotten]",
                                    "email": "[forgotten]",
                                    "isForgotten": true
                                }
                            ]
                        }
                    

Core Type Reference

There are 4 Core Types of objects used frequently with the AuditLog API. They cover the use cases of reporting Events from your system, querying for them either for adhoc use or a pre-defined Custom View, and interacting with Actor records.

Event

Represents an Event that you are reporting from your system to be logged in the AuditLog. Events that you receive back from the API will include richer information, including a unique Id and Reception Time, but otherwise match the same properties you sent.

Properties for child objects are shown with dot notation.

uuid
string required
A unique identifier you generate for the event to ensure idempotent storage of the event.
client
object optional
Information about the Client using your system, assuming users belong to more than one installation or customer.
client.uuid
string required
A Unique Identifier for this client that you can map back to your internal systems.
client.name
string optional
A human-readable description of the client for easy identification at a glance.
time
string required
The time the Event occurred, provided in ISO8601 format.
action
string required
The Action that occurred.
description
string optional
A human readable description of the action/event.
url
string optional
A URL to link to a change record or additional information for this Action/Event.
actor
object optional
The Actor that made the change, either a user or artificial SYSTEM record.
actor.uuid
string required
A universally unique ID you can use to identify the actor against your own records.
actor.name
string optional
A human-readable name for the Actor for easy identification at a glance.
actor.email
string optional
A human-readable email address for the Actor for easy identification at a glance.
context
object required
Context from the Actor and your service for additional log detail.
context.client
object optional
Properties of the Actor's client/system for audit purposes.
context.client.ipAddress
string optional
IP Address that Actor is connecting from, if applicable.
context.client.browserAgent
string optional
Actor's browser User Agent, if applicable.
context.server
object required
Properties of your software/server that they are interacting with.
context.server.serverId
string required
A server Id for the server the Actor is connected to, if applicable.
context.server.version
string required
The version of your software the Actor is connected to, if applicable.
target
object optional
The Target that the Actor performed the Action against. Send a `TargetUser` if it is a User/Actor instead.
target.type
string required
The Type of the Target being affected.
target.uuid
string required
A universally unique Id for the Target being affected that you can connect back to the record on your systems.
target.label
string optional
A human-readable description of the target being affected, for at a glance information.
target.url
string optional
A URL reference back to the target being affected, if useful.
targetUser
object optional
The Target User that the Actor performed the Action against. Send a `Target` if it is not a User/Actor instead.
targetUser.uuid
string required
A universally unique ID you can use to identify the actor against your own records.
targetUser.name
string optional
A human-readable name for the Actor for easy identification at a glance.
targetUser.email
string optional
A human-readable email address for the Actor for easy identification at a glance.

Example POSTed Event with most optional fields
                        {
                            "uuid": "sample-event-001",
                            "client": {
                                "uuid": "1234567890",
                                "name": "Great Client"
                            },
                            "time": "2018-06-30T16:35:52",
                            "action": "user.invite",
                            "description": "Invited new user, 'QA' role",
                            "url": "http://blah.example.com/95c102ae-5930-413f-b794-8f0934fdb136",
                            "actor": {
                                "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                                "name": "Roberta Wharton",
                                "email": "rwharton@great-client.test"
                            },
                            "context": {
                                "client": {
                                    "ipAddress": "192.168.105.23",
                                    "browserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6"
                                },
                                "server": {
                                    "serverId": "prod-01-us-appfarm",
                                    "version": "20180325-01"
                                }
                            },
                            "targetUser": {
                                "uuid": "95c102ae-5930-413f-b794-8f0934fdb136",
                                "name": "Salman Randall",
                                "email": "srandall@great-client.test"
                            }
                        }
                    
Example Queried Event: `targetUser` becomes `target`
                        {
                            "id": "e4602584-95f1-4d9d-a4ec-c35a5d392510",
                            "receptionTime": "2018-07-25T01:37:05.86",
                            "uuid": "sample-event-001",
                            "client": {
                                "uuid": "1234567890",
                                "name": "Great Client"
                            },
                            "time": "2018-06-30T16:35:52",
                            "action": "user.invite",
                            "description": "Invited new user, 'QA' role",
                            "url": "http://blah.example.com/95c102ae-5930-413f-b794-8f0934fdb136",
                            "actor": {
                                "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                                "name": "Roberta Wharton",
                                "email": "rwharton@great-client.test"
                            },
                            "context": {
                                "client": {
                                    "ipAddress": "192.168.105.23",
                                    "browserAgent": "Mozilla/5.0 (Windows NT 6.1; WOW64) AppleWebKit/536.6 (KHTML, like Gecko) Chrome/20.0.1092.0 Safari/536.6"
                                },
                                "server": {
                                    "serverId": "prod-01-us-appfarm",
                                    "version": "20180325-01"
                                }
                            },
                            "target": {
                                "type": "User",
                                "uuid": "95c102ae-5930-413f-b794-8f0934fdb136",
                                "label": "Salman Randall",
                                "url": null
                            }
                        }
                    

Actor

Represents the latest data for an Actor in the system, including GDPR "Forgotten" status.

Properties for child objects are shown with dot notation.

uuid
string optional
A universally unique Id that identifies the user in your system.
name
string optional
A human-readable name for at a glance information.
email
string optional
A human-readable email address for at a glance information.
isForgotten
boolean optional
Indicator that the personally identifiable information on this record has been redacted.

Example Actor
                        {
                            "uuid": "bd275099-e808-4c1a-bd32-57a589b7cf93",
                            "name": "Roberta Wharton",
                            "email": "rwharton@great-client.test",
                            "isForgotten": false
                        }
                    

Client

Properties for child objects are shown with dot notation.

uuid
string required
A Unique Identifier for this client that you can map back to your internal systems.
name
string optional
A human-readable description of the client for easy identification at a glance.

Example Client
                        {
                            "uuid": "1234567890",
                            "name": "Great Client"
                        }
                    

View

A paged set of events for a pre-configured View. The view is configured in the application to serve data to the drop-in component or your own custom component.

Properties for child objects are shown with dot notation.

_id
object optional
A generated "id" that represents this unique response
_id.timestamp
string optional
Timestamp that the results were put together
_id.type
string optional
The type of request
_id.href
string optional
The Href for this specific response
_id.label
string optional
A human-readable label for an end user looking at this dataset
_links
object optional
Links to other pages of data you can navigate to from this set.
entries
array optional
The relevant Event Entries for this View

Example View Response (without Events)
                        {
                            "_id": {
                                "timestamp": "2018-07-14T22:34:06.7933405Z",
                                "type": "GET",
                                "href": "/api/v1/views/{viewId}/1234567890?page=201807",
                                "label": "July 2018"
                            },
                            "_links": {
                                "previous": {
                                    "label": "June 2018",
                                    "type": "GET",
                                    "href": "/api/v1/views/{viewId}/1234567890?page=201806"
                                }
                            },
                            "entries": [ ... ]
                        }