Is there an OOTB way to audit API access?

Go to solution
rogerburns
Tera Expert

‎11-16-2022 12:58 PM

Hello -

We have several API accounts using REST calls within our instances.  Our security team asked us to audit what is being done by the API accounts.  They have the ITIL role, which gives them base access to all ITSM tables, and some other tables due to roles embedded into ITIL.  Is there an OOTB way or simple way to identify what tables, and what transactions the API accounts are doing in those tables?  We do not provide them roles to scoped applications with privileged data, but are still interested in what might be happening and how to monitor it, as needed.  Thanks for any suggestions. 

0 Helpfuls
  • 836 Views
1 ACCEPTED SOLUTION

Go to solution
Tony Chatfield1
Kilo Patron

‎11-16-2022 02:31 PM

In the menu there is a module 'REST & SOAP API Analytics'
This would be a good starting point, with Usage by Requester providing account specific details of tables accessed.

View solution in original post

1 REPLY 1

Go to solution
Tony Chatfield1
Kilo Patron

‎11-16-2022 02:31 PM

In the menu there is a module 'REST & SOAP API Analytics'
This would be a good starting point, with Usage by Requester providing account specific details of tables accessed.