Risk Cloud API: View User Access Audits
Updated on: January 17, 2022
This article details 3 endpoints for obtaining access logs for All Login Attempts, Successful Logins, and Login Failures. The results from these endpoints are only accessible to access keys belonging to users with the Admin > All module entitlement.
Login Attempts
Retrieve a log of login successes and failures for a Risk Cloud user, using their email.
Parameters
- email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
- size: the size of the paged response
- page: the number of the page in the response
Result
A paginated response of all login logs ordered from newest to oldest containing the following info:
- Type: Login or LoginFail
- Timestamp: time stamp to determine time of Login
- Message: details on reason for LoginFail, null for Login
- Remote Address: remote IP of Login user
Logins (Successes)
Retrieve a log of successful login attempts for all users.
Parameters
- email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
- size: the size of the paged response
- page: the number of the page in the response
Result
A paginated response of all login logs ordered from newest to oldest containing the following info:
- Type: Login
- Timestamp: time stamp to determine time of Login
- Message: null for Login
- Remote Address: remote IP of login user
Logins (Failures)
Retrieve a log of failed login attempts.
Parameters
- email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
- size: the size of the paged response
- page: the number of the page in the response
Result
A paginated response of all login logs ordered from newest to oldest containing the following info:
- Type: LoginFail
- Timestamp: time stamp to determine time of LoginFail
- Message: details on reason of LoginFail
- Remote Address: remote IP of Login user