Correlation-ID support for Management API is now available!

Correlation-ID support for Management API is now available!

It allows you to inject an identifier in management API calls related to changes to their account. The same identifier is then available in event logs, allowing for an audit trail for such changes.

Audit and traceability is a key requirement for most large scale enterprises, particularly in regulated industries. While we already provided coverage for audit trails for Management API in terms of what had changed as we logged relevant operations (only read operations are not logged today), what we didn’t support was a means for allowing you to identify which client made that change.

Such a feature may not appear as a conventional need for all of you as Management API access is limited to trusted clients. Still, it does become a key feature if we have a situation where our direct customer manages multiple customers on their side (B2B), and they have built their layer on top of our APIs. Under such circumstances, the Correlation ID’s existence in the header of incoming requests, which is then propagated downstream in our event logs, allows for easy mapping of Management API changes to relevant clients.

Try it out!

We’ve added instructions on using Request Correlation to the Management API Explorer.

Details

  • We support up to 64 characters by default as a value for Correlation-ID in public cloud, whereas private cloud customers can go up to 128.
  • While you can include a Correlation-ID in your GET requests, it would not make any difference as currently GET requests (read operations) are not captured in event logs. The same applies to failed API calls, which are generally not included in logs.
1 Like

This is pretty fantastic! I do a lot of scripting against the Management API … this will be very helpful.

2 Likes

Glad we were able to help!

Previous message deleted due to SPAM reasons

When I pull the logs using the ManagementApi (via client.Logs.GetAllAsync ), we get a PagedList of LogEntry objects (from Auth0.ManagementApi.Models namespace). The LogEntry class does not expose the references property, so how do I read this property?