Skip to Main Content
Status Awaiting Review
Categories REST API
Created by Guest
Created on Mar 19, 2025

Enhance REST API to Include Access to Audit Logs for Students and HR Entities

We propose an enhancement to the iSAMS REST API to include endpoints for accessing Audit Logs associated with Student and HR records. Currently, while audit logs are visible within the iSAMS interface, the inability to retrieve this data programmatically via the REST API limits automation, integration, and reporting capabilities for administrators and third-party systems.

Why This Matters

Audit logs are critical for:

  1. Compliance & Accountability: Tracking changes to sensitive student and staff data (e.g., personal details, permissions, or HR records) to meet regulatory requirements.

  2. Security Monitoring: Identifying unauthorized or anomalous modifications.

  3. Operational Transparency: Auditing workflows, troubleshooting discrepancies, and maintaining data integrity.

  4. Automation: Enabling real-time alerts or integrations with SIEM (Security Information and Event Management) tools.

Without API access to audit logs, institutions must manually extract this information, which is time-consuming and prone to human error.

Suggested Implementation

  • Add REST API endpoints such as:

    • /audit/students (with filters for student ID, date range, modified fields, etc.)

    • /audit/hr (with filters for staff ID, department, action type, etc.)

  • Ensure each audit log entry includes:

    • Timestamp of change

    • User/role responsible for the action

    • Type of action (created, updated, deleted)

    • Before/after values of modified fields (where applicable)

  • Support query parameters for filtering by date, user, entity ID, or action type.

Benefits to iSAMS Clients

  • Efficiency: Automate audit reporting and monitoring processes.

  • Enhanced Security: Integrate audit data with external security tools for proactive threat detection.

  • Compliance Readiness: Simplify adherence to GDPR, CCPA, or other data protection regulations.

  • Transparency: Provide administrators and auditors with programmatic access to critical change histories.

Closing

Including audit logs in the REST API would significantly elevate the platform’s value for institutions prioritizing data governance, security, and automation. This feature would align iSAMS with modern API standards and empower clients to build robust, compliant ecosystems around your platform.

We appreciate your consideration and would welcome the opportunity to discuss this idea further. Thank you for your ongoing commitment to improving iSAMS!

  • Attach files