I am using Audit Log APIs to pull Audit Log Events from the enterprise account. Can I use OAuth 2.0 app for authentication?
The access token I received from the token exchange endpoint gives me error code 403 (forbidden) with a message that the access token does not belong to a Service Account. Does it mean the enterprise accounts only support authentication with Personal Access Token created from their Service account?
I don’t see any option to create/use OAuth 2.0 app while creating a Service Account.
I believe you are right, and the error seems quite clear: only service accounts can be used to query audit logs, and you would need to use their PAT indeed. Why use Oauth when you have a PAT available?
2 Likes
Hi @Bastien_Siebman
Thanks for the response. I can surely use PAT for authentication but wanted to support OAuth2.0 as well in my tool
They have mentioned it in their announcement as well and I missed it. The Audit Log API endpoint is accessible to the Enterprise account and is authenticated via Service Account.
Thanks again for the clarification!
1 Like