Access Control Auditing

When a user tries to access a page in the Management Portal or an APIClosed A set of functions to allow creation of applications. Keyfactor offers the Keyfactor API, which allows third-party software to integrate with the advanced certificate enrollment and management features of Keyfactor Command. endpointClosed An endpoint is a URL that enables the API to gain access to resources on a server. that they don’t have access to, they will receive an error and a warning will be logged in the audit log.

Figure 379: Management Portal Access Denied Message

The audit log shows the level as Warning and the category as Authorization Failure with a message detailing the user and the requested page.

Figure 380: Audit Log Authorization Failure Messages

Click View to see the details dialog:

  • Username
    The user making the page request.
  • Request Route
    The page the user requested.
  • Request Type
    Either API Endpoint or Portal Page.
  • HTTP Verb
    This appears for both API requests and portal requests. For API requests, this can help to determine which action was denied.
  • User's Roles
    The security role or roles that the user holds (see Security Roles and Identities). A role will not be listed if the user denied access is not a user in Keyfactor Command.

For more information about the audit log details, see Audit Log Details.

Figure 381: Authorization Failure Audit Log Detail