Answered

Unable to call Audit log API due to insufficient Permission

  • 9 April 2024
  • 3 replies
  • 50 views

Badge +1

I have created an App and gave myself “auditlogs:read” permission. However, when I’m trying to make a GET API call, I received the following response.

I’m the owner of the project and Team Admin.

 

https://api.miro.com/v2/audit/logs?createdAfter=2024-04-06T05:34:08.000Z&createdBefore=2024-04-07T05:34:08.000Z
{
"code": "insufficientPermissions",
"message": "User is not authorized to read logs",
"status": 403,
"type": "error"
}

Within the company my role is Member. Will I need to request for User Admin or Content Admin to be able to make the Audit log API request?

icon

Best answer by Horea Porutiu 10 April 2024, 08:23

View original

3 replies

Userlevel 3
Badge

Hi @Thyme 

A Company Admin must install the app in order for you to generate an access token which will work to call the audit log endpoint. You can read the full steps needed to access audit logs on our docs.
 

To access audit logs:

  1. Create an application and set it to use the read:audit-logs scope.
  2. Install the application on any team in the organisation.
    Important: The installer must be a Company Admin in this organisation.
  3. Use the access_token you received from the installation to retrieve audit logs via the audit logs endpoint.

❗️

Apps that use audit logs must be installed by the Company Admin.

 
Please let me know if this answers your question. 

Badge +1

Hi @Horea Porutiu,

 

Thank you for your respond.

 

In addition, the app I created was approved by a Company Admin. Within the app permission page, I selected 

auditlogs:read

under "Enterprise plan only".

 

After submitted (Install app and get OAuth token), I received the access token. This access token doesn't allow me to call the audit log API. 

 

Just to confirm, the app MUST be installed by a Company Admin, then generate an access_token from the app (I'm assuming anyone with the access to the app will be able to request the access_token?) and I will be able to call the audit log endpoint? 

 

Thanks

Userlevel 3
Badge

Just to confirm, the app MUST be installed by a Company Admin, then generate an access_token from the app (I'm assuming anyone with the access to the app will be able to request the access_token?) and I will be able to call the audit log endpoint? 

 

Hi @Thyme that is correct. Since you are team owner, that permission is not enough. Someone which is company owner must install the app (and therefore generate the access token themselves). 

Once they generate the access token, that token should be able to call the audit log endpoint successfully. 

Please let me know if you have further questions.  

Reply