Access logs will tell you who accessed what information within Identity Panel.
You can access Identity Panel access logs when access logging is enabled.
- HTTP Method, Path, and Query
- Active Security roles,
- User identifier (objectSid for on-prem, Azure Guid for the Azure Marketplace Edition)
The access log activation is an advanced option, and therefore, it can only be enabled for on premise by setting the Auth:AccessLogDays parameter in config.json.
The Azure Marketplace Edition makes 30 days of log data available via the API.
Access log entries may be queried from the /accesslog endpoint of the REST API.
All API requests must have either a CSRF token (typical in the web browser), or an APIKey header (typical in Panel service).
The API supports limit, skip, and sort parameters as well as filtering and file disposition. For example, to download all entries after a given timestamp as sample.json:
GET /accesslog?filter=TimeStamp gt 2017-07-28T05:00:00Z&limit=0&file=sample&mediaType=json
With appropriate access credentials and an API key header:
X-Api-Key: <api key from tools installation>