2020-02 New Auditlog and Security Events API
This update provides two related APIs, which can be used to audit activity on a Lightspeed Retail (X-Series) retailer account.
Security Events API
The Security Events API, /api/2.0/security_events, has been added to the 2.0 documentation.
This endpoint returns information in the system about the following events for the current user:
- terms_accepted
- signin
- signout
- change_email
- change_password
- reset_password_confirm
- user_switching_sucess
- user_switching_denied
- new_personal_token
- update_personal_token
- delete_personal_token
- issue_oauth_token
Note: This is a subset of the auditlog entries with type set to security and user_id set to the current user.
Audit Log API (Beta)
The Audit Log Events API, /api/2.0/auditlog_events, has been added to the 2.0-beta documentation.
This endpoint is mainly concerned with capturing more critical changes in the system relating to products, customers, registers and outlets, as well as the security events documented above.
It is by no means an extensive logging of all changes in the system, though many of the events not logged here are logged in other parts of the system.
| Object | Action | Notes |
|---|---|---|
| customer | form create/update/delete | |
| customer | api create/update/delete | |
| customer | csv import | |
| register | form create/update/delete | |
| outlet | form create/update/delete | |
| csv import | init | Tracks CSV import requests and includes data about the import type (customer, product) and the CSV file line count. |
| product* | create/update/delete | All actions on products. |
| security | terms_accepted, signin, signout, change_email, change_password, reset_password_confirm, user_switching_success, user_switching_denied, new_personal_token, update_personal_token, delete_personal_token, issue_oauth_token |
Note: Being beta this is subject to change.