Skip to Content

Documentation

Risk Cloud API: View User Access Audits

A guide to the API endpoints that allow you to track user login attempts

This article details 3 endpoints for obtaining access logs for All Login Attempts, Successful Logins, and Login Failures. The results from these endpoints are only accessible to access keys belonging to users with the Admin > All module entitlement.

Login Attempts

Retrieve a log of login successes and failures for a Risk Cloud user, using their email.

Parameters

  • email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
  • size: the size of the paged response
  • page: the number of the page in the response

Result

A paginated response of all login logs ordered from newest to oldest containing the following info:

  • Type: Login or LoginFail
  • Timestamp: time stamp to determine time of Login
  • Message: details on reason for LoginFail, null for Login
  • Remote Address: remote IP of Login user

Logins (Successes)

Retrieve a log of successful login attempts for all users.

Parameters

  • email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
  • size: the size of the paged response
  • page: the number of the page in the response

Result

A paginated response of all login logs ordered from newest to oldest containing the following info:

  • Type: Login
  • Timestamp: time stamp to determine time of Login
  • Message: null for Login
  • Remote Address: remote IP of login user

Logins (Failures)

Retrieve a log of failed login attempts.

Parameters

  • email: a valid user email (e.g. [email protected], or for Postman syntax admin%[email protected])
  • size: the size of the paged response
  • page: the number of the page in the response

Result

A paginated response of all login logs ordered from newest to oldest containing the following info:

  • Type: LoginFail
  • Timestamp: time stamp to determine time of LoginFail
  • Message: details on reason of LoginFail
  • Remote Address: remote IP of Login user