We propose an enhancement to the iSAMS REST API to include endpoints for accessing Audit Logs associated with Student and HR records. Currently, while audit logs are visible within the iSAMS interface, the inability to retrieve this data programmatically via the REST API limits automation, integration, and reporting capabilities for administrators and third-party systems.
Audit logs are critical for:
Compliance & Accountability: Tracking changes to sensitive student and staff data (e.g., personal details, permissions, or HR records) to meet regulatory requirements.
Security Monitoring: Identifying unauthorized or anomalous modifications.
Operational Transparency: Auditing workflows, troubleshooting discrepancies, and maintaining data integrity.
Automation: Enabling real-time alerts or integrations with SIEM (Security Information and Event Management) tools.
Without API access to audit logs, institutions must manually extract this information, which is time-consuming and prone to human error.
Add REST API endpoints such as:
/audit/students
(with filters for student ID, date range, modified fields, etc.)
/audit/hr
(with filters for staff ID, department, action type, etc.)
Ensure each audit log entry includes:
Timestamp of change
User/role responsible for the action
Type of action (created, updated, deleted)
Before/after values of modified fields (where applicable)
Support query parameters for filtering by date, user, entity ID, or action type.
Efficiency: Automate audit reporting and monitoring processes.
Enhanced Security: Integrate audit data with external security tools for proactive threat detection.
Compliance Readiness: Simplify adherence to GDPR, CCPA, or other data protection regulations.
Transparency: Provide administrators and auditors with programmatic access to critical change histories.
Including audit logs in the REST API would significantly elevate the platform’s value for institutions prioritizing data governance, security, and automation. This feature would align iSAMS with modern API standards and empower clients to build robust, compliant ecosystems around your platform.
We appreciate your consideration and would welcome the opportunity to discuss this idea further. Thank you for your ongoing commitment to improving iSAMS!