Sever API Audit

The API Audit is where you can view all incoming requests that have been made to the API endpoints, even if they were not made by the Evo.NET application. It will log the time and duration, the endpoint the request was made to, the originating external IP address (even if the request was forwarded by an internal proxy), the HTTP request method, the full request message (headers as well as the full request body), any server error captured and the HTTP response status code returned and reason. Additionally, information included in any authentication token the request is carrying may be logged, such and the User's ID (if logged into a company, this will be the User's Agent ID in that company) and e-mail address if included.

NOTE

For sensitive information, such as passwords in login username and password payloads which are sent in plain text (albeit encrypted on the wire with HTTPS), these values will be [Redacted] in the log record.

Currently the API Audit will just return all the log records for the last 24 hours and these can be searched/filtered/grouped using the provided mechanisms. Future versions will make the API Audit retrievable and searchable over an indefinite time range.