Almost from the beginning, the Akamai Identity Cloud Console has provided a way to track, and to audit, changes to user profiles. For example, suppose Maria Fuentes – who used to get marketing and promotional materials for people who live in the Portland, OR area – has suddenly started getting marketing and promotional materials for people who live in the Seattle, WA area. By checking Maria’s profile change audit data, you can see that, on May 29th, an agent mistakenly changed her address (city, state, and zip code) to one in the Seattle area:
As this example shows, the ability to monitor audit logs for user profile changes is a very useful tool.
At the same time, however, the Console has evolved to be being more than just a repository for user profiles: the Console is also used for everything from managing properties (API clients) and applications to restoring and promoting flows. It’s definitely useful to know who has made an update to a user profile; however, it’s equally useful to know who has created a new API client, deleted a flow, or assigned a new role to a Console agent.
And now, thanks to the addition of Console Audit Logs, you can do just that. With Audit Logs, you can still monitor changes to your user profiles. However, you can also monitor such things as:
- Creating and deleting API clients
- Updating API client permissions
- Accessing and resetting client secrets
- Updating global settings and API client settings
- Sending password reset and verification emails
- Searching and exporting user profiles
- Inviting, removing, or changing a Console user's access to an application
- Managing flows
In other words, you can now audit pretty much anything that an agent does in the Identity Cloud Console.