Authenticating Audit Log API with Oauth 2.0 for Enterprise Account

I am using Audit Log APIs to pull Audit Log Events from the enterprise account. Can I use OAuth 2.0 app for authentication?

The access token I received from the token exchange endpoint gives me error code 403 (forbidden) with a message that the access token does not belong to a Service Account. Does it mean the enterprise accounts only support authentication with Personal Access Token created from their Service account?

I don’t see any option to create/use OAuth 2.0 app while creating a Service Account.

I believe you are right, and the error seems quite clear: only service accounts can be used to query audit logs, and you would need to use their PAT indeed. Why use Oauth when you have a PAT available?

2 Likes

Hi @Bastien_Siebman

Thanks for the response. I can surely use PAT for authentication but wanted to support OAuth2.0 as well in my tool

They have mentioned it in their announcement as well and I missed it. The Audit Log API endpoint is accessible to the Enterprise account and is authenticated via Service Account.

Thanks again for the clarification!

1 Like