REST API - Logging


I’ve got a REST API set-up with JWT authentication. I would like to add an audit trail of who is making the requests to the API. Perhaps log IP addresses of hosts connecting or better again parse the JWT payload to pull out the name of the owner of the token.

I’m not aware of an internal log in UD that will capture this so wondering if I can build this functionality into the REST API instance I have.



There are some predifined variables in everyendpoint you can check this link

I build a small function that parses the $request object, fetch infos that i want, then insert in a table… ! :slight_smile:
$User being the username !

Hi @micmaher
As @LxLechat said, the $User variable will contain the username for the client.

As for logging: Write-UDLog function should allow you to write whatever you’d like to the log defined with “Enable-UDLogging”

Thanks yes $User works.

$ClaimsPrincipal gives a little more data

$($ClaimsPrincipal | Select-Object -ExpandProperty Claims) testuser 12345 UniversalDashboard nbf: 1581071431 exp: 1612607431 iss: aud: UniversalDashboard

There isn’t a way to see the the tokens an online JWT issuer has issued for you is there?

And from what I have read so fr revoking JWTs can be difficult too.

I’d be interested to see that function LxLechat, wondering if you stripped out the token from the headers before logging it?

Just to be clear i’m parsing the $Request object not the claimsparincipal …
it’s something really basic … i just pass the $request object to a simple function then extract datas that are of interest for me, like that
Just wrap that in a function, then adapat at your will :slight_smile: here is an example of what i’m interested in … (there are more but, this might help you )

$Request.HttpContext.Request.Method #do something with that
$Request.HttpContext.Request.QueryString.Value #do something with that

        If ( $Request.HttpContext.Request.Method -eq "GET" ) {
1 Like