2020-02 New Auditlog and Security Events API

This update provides two related APIs, which can be used to audit activity on a Lightspeed Retail (X-Series) retailer account.

Security Events API

The Security Events API, /api/2.0/security_events, has been added to the 2.0 documentation.

This endpoint returns information in the system about the following events for the current user:

  • terms_accepted
  • signin
  • signout
  • change_email
  • change_password
  • reset_password_confirm
  • user_switching_sucess
  • user_switching_denied
  • new_personal_token
  • update_personal_token
  • delete_personal_token
  • issue_oauth_token

Note: This is a subset of the auditlog entries with type set to security and user_id set to the current user.

Audit Log API (Beta)

The Audit Log Events API, /api/2.0/auditlog_events, has been added to the 2.0-beta documentation.

This endpoint is mainly concerned with capturing more critical changes in the system relating to products, customers, registers and outlets, as well as the security events documented above.

It is by no means an extensive logging of all changes in the system, though many of the events not logged here are logged in other parts of the system.

customerform create/update/delete
customerapi create/update/delete
customercsv import
registerform create/update/delete
outletform create/update/delete
csv importinitTracks CSV import requests and includes data about the import type (customer, product) and the CSV file line count.
product*create/update/deleteAll actions on products.
securityterms_accepted, signin, signout, change_email, change_password, reset_password_confirm, user_switching_success, user_switching_denied, new_personal_token, update_personal_token, delete_personal_token, issue_oauth_token

Note: Being beta this is subject to change.