Hi Folks,
I’m trying to use the management API to sift through logs to detect user-initiated password resets. I believe the appropriate event code is “scp”.
Request
api/v2/logs?fields=type,user_id,description&q=type:scp
This does not seem to be filtering results for events that are exclusively type “scp”. Any obvious issue with the request format?
Hi @sms,
Welcome tot he Community!
The query below seems to work ok for me. What other log types are you seeing?
https://{{auth0_domain}}/api/v2/logs?fields=type,user_id,description&include_fields=true&q=type:scp
Mark
Hey Mark,
I’m seeing results that include other event types, for example “type”:“w”.
Is it correct that filtering like this can only be applied to the api/v2/logs endpoint and not api/v2/users/{userId}/logs?
I believe that is the case.
I don’t see anything wrong with your query. I can’t explain why you are seeing log types other than scp. Unless one of the Auziros here can explain it, I’d suggest opening a support ticket if you can.