API Monitoring

Each API request is logged. To monitor the API activity, select Develop->API Monitoring.

API requests can be searched either by using the filter box, and/or by time.

Each API request logs the following information:

• Time: The time the request was made.
• Request: API endpoint being contacted and its request parameters.
• Response HTTP Status: HTTP status code returned from the request.
• Time Taken To Reponse: The time it took for the AMM to response in milliseconds.
• User: User who made the request.
• Client: Client where request was made from.

When API requests are made without valid authentications, they are managed differently.

On the API Monitoring page, the following API requests without valid authentications can only be viewed by users with admin privileges:

1. OAuth2 request using “Resource Owner Flow”, valid API client_id & secret, but invalid AMM username or password.
2. OAuth2 request using “Implicit Flow”, valid AMM username & password, but invalid API client_id.
3. OAuth2 request using “Authorization Code Flow”, valid AMM username & password, but invalid API client_id or secret.

The following API requests without valid authentications are not logged in AMM:

1. OAuth2 request using “Resource Owner Flow”, valid AMM username & password, but invalid API client_id or secret.
2. OAuth2 request using “Implicit Flow”, valid API client_id, but invalid AMM username or password.
3. OAuth2 request using “Authorization Code Flow”, valid API client_id, but invalid AMM username or password.
4. API data endpoint requests do not include an access token or include an invalid access token.