Audited API Gateway events
API Gateway audits all actions that modify its configuration or operational data. This topic lists the API Gateway events that are tracked and recorded as audit entries.
Audit events are generated whenever an action changes the current state of API Gateway data. Examples include updating an API suite name, adding a policy to an endpoint, downloading the credentials of an authorized application, or changing TLS configuration settings.
The table lists all event types that are audited in API Gateway.
| Entity type | Audit transaction | Description |
|---|---|---|
| API Suite | Activate or Deactivate API Suite | Audits when an API Suite is activated or deactivated. |
| API Suite | Create Infor Non-Provisioned API Suite | Audits creation of an Infor Non-Provisioned API Suite. |
| API Suite | Create Non-Infor Suite | Audits creation of a Non-Infor API Suite. |
| API Suite | Delete API Suite | Audits deletion of an API Suite, including Non-Infor, Non-Provisioned, or Third-Party Suites. |
| API Suite | Export Non-Infor Suite | Audits when a Non-Infor Suite is exported. |
| API Suite | Import Non-Infor Suite | Audits when a Non-Infor Suite is imported. |
| API Suite | Register IRN With Namespace | Audits when a namespace is added to an API Suite. |
| API Suite | Update API Suite | Audits when an API Suite is updated, such as when a description or policy is modified. |
| API Suite | Update Suite Tracing | Audits when tracing is enabled for a Suite in Monitoring. |
| API Suite Deployment | Update Deployment Profile | Audits when a deployment profile is added or updated for a Third-Party or Infor Non-Provisioned API Suite. |
| API Suite Proxy Endpoint | Create Non-Infor Endpoint | Audits creation of a proxy endpoint. |
| API Suite Proxy Endpoint | Create, Update, or Delete API Policy | Audits creation, modification, or deletion of an API policy. |
| API Suite Proxy Endpoint | Enable or Disable Endpoint Reindexing | Audits when endpoint reindexing is started or stopped. |
| API Suite Proxy Endpoint | Update Non-Infor Endpoint | Audits updates to the endpoint description, proxy URL, or target authentication settings. |
| API Suite Proxy Endpoint | Create, Delete, or Update Documentation | Audits upload, update, or deletion of endpoint documentation. |
| Authorized Application | Create, Delete, or Update Authorized Application | Audits creation, modification, or deletion of an authorized application. |
| Authorized Application | Download Authorized Application Credentials | Audits when a user downloads a credential file. |
| Authorized Application | Enable or Disable Authorized Application | Audits when a user enables or disables an authorized application. |
| Authorized Application | Lock or Unlock Authorized Application | Audits when a user locks or unlocks an authorized application. |
| Authorized Application | Register IRN with Namespace | Audits when a namespace is added to an authorized application. |
| Authorized Application | Reset Secret Key | Audits when a user resets the secret key. |
| Authorized Application | Reset Secret Key with Smooth Rollover | Audits when a user resets the secret while keeping the previous key valid during rollover. |
| Authorized Application | Revoke Old Secret | Audits when a user revokes the old secret key. |
| Configuration | Create Associations to Namespace | Audits when a user associates configurations with a global package namespace. |
| Configuration | Create Associations to Tag | Audits when a user associates configurations with a local package tag. |
| Configuration | Create or Delete JWK Key Pair | Audits when a user creates or deletes a JWK key pair for ION API Bridge authentication. |
| Configuration | Update Include Target Endpoint Credentials Flag | Audits when a user enables or disables the option to export target security credentials in API Suite exports. |
| Configuration | Update OAuth2 Scopes Flag | Audits when a user enables or disables the OAuth2 scopes option for authorized applications. |
| Configuration | Update TLS Version | Audits when a user changes the minimum TLS version setting. |
| Custom Scopes | Create Custom Scope | Audits when a custom scope is created. |
| Custom Scopes | Create, Update, or Delete Scope Mapping | Audits when custom scopes are associated or updated with scope mappings. |
| Metadata | Reindexing API Metadata | Audits when a user starts an API metadata refresh. |
| Monitoring | Update Detailed Logging | Audits when a user enables detailed logging for a Non-Infor API Suite. |
| Monitoring | Download Detailed Logging | Audits when a user downloads a detailed transaction log. |
| BaaS Service | Export or Redeploy Service | Audits when a BaaS service is exported or redeployed. |
| Authorizations | Authenticate or Revoke Authorization Code | Audits when a user authorizes or revokes API authorizations. |