Document Audit Logging

content/en/docs/apidocs-mxsdk/apidocs/audit-logs-api.md

@@ -0,0 +1,37 @@
+---
+title: "API for Audit Logging"
+url: /apidocs-mxsdk/apidocs/apis-for-audit-logs/
+type: swagger
+restapi: true
+no_list: false
+description_list: true
+description: "Provides the documentation of Audit Logging API."
+linktitle: "Audit Logs"
+beta: true
+---
+
+{{% alert color="warning" %}}
+This feature is in Public Beta. For more information, refer to [Release Status](/releasenotes/release-status/).
+{{% /alert %}}
+
+## Introduction
+
+You can use the Audit Logging API to manage and download audit logs. This API is particularly useful in scenarios where you want to download audit logs that are over 90 days old, but no more than one year old.
+
+## Authentication
+
+Two types of Authorization headers are supported: `Bearer` (Client credentials or Mendix SSO) and `MXToken` (Personal Access Tokens).
+
+* **Client Credentials**: bearer JWT token obtained for a clientId and secret pair.     
+    Scope required: `mx:audit-logging:write`     
+    Authorization header example: `Authorization: Bearer <token>`
+* **Mendix SSO Tokens**: bearer token obtained via Mendix SSO login flow.     
+    Scope required: `mx:audit-logging:read`     
+    Authorization header example: `Authorization: Bearer <token>`
+* **Personal Access Tokens (PATs)**: PAT created by you. For details on how to generate a PAT, refer to the [Personal Access Tokens](/portal/user-settings/#pat) section in *User Settings*.    
+    Scope required: `mx:audit-logging:read`     
+    Authorization header example: `Authorization: MxToken <token>`
+
+The following API reference includes information on which scope and token type is required for each endpoint.
+
+{{< swaggerui src="/openapi-spec/audit-logging-v1.yaml"  >}}

content/en/docs/control-center/security/audit-logs.md

@@ -0,0 +1,75 @@
+---
+title: "Audit Logs"
+url: /control-center/audit-logs/
+description: "Describes the Audit Logs page in the Mendix Control Center."
+weight: 30
+beta: true
+---
+
+{{% alert color="warning" %}}
+This feature is in Public Beta. For more information, refer to [Release Status](/releasenotes/release-status/).
+{{% /alert %}}
+
+## Introduction
+
+## Audit Logs
+
+The **Audit Logs** tab displays a list of all activities over the past 90 days. It includes the following details:
+
+* **Date** – The date when the activity was logged.
+* **Email** – The email of the user who performed the activity.
+* **Action** – The activity that was performed.
+* **Service** – 
+* **Description** – 
+* **Outcome** – 
+* **Resource Name** –
+* **Resource Type** –
+* **Details** – The following information is displayed and can be downloaded for each audit log item:
+
+    * **Log ID** – The unique identifier of the log.
+    * **Date** – The date when the log was generated.
+    * **Owner ID** –  
+    * **Owner ID Type** – 
+    * **User Email** – The email address of the user who performed the action that generated the log.
+    * **User Name** – The name of the user who performed the action that generated the log.
+    * **User ID** – The unique identifier of the user who performed the action that generated the log.
+    * **IP Address** – The IP address corresponding to the user who performed the action that generated the log.
+    * **Action** – The action that generated the log.
+    * **Description** – 
+    * **Outcome** – 
+    * **Error Message** –
+    * **Old Value** – The state of the entity prior to the change that generated the log.
+    * **New Value** – The state of the entity after the change that generated the log.
+    * **Resource Name** – The name of the resource that was changed.
+    * **Resource Type** – The type of resource that was changed.   
+
+You can use the **Filters** option to only display the audit logs that meet the criteria you are interested in, or you can use the search field to search for a specific log.
+
+### Exporting Audit Logs
+
+You can export audit logs in a CSV format. This is available for logs that are no older than 90 days old.     
+You can choose between these options:
+
+* Export all logs. To do that, click **Export All**.
+* Export a selection of logs. To do that, select the log items you are interested in, then click **Export Selection**.
+* Export logs from a specific timeframe. To do that, click **Export from Selected Date Range**, then select the start and end dates and times.
+* Export filtered logs. To do that, filter by the criteria you are interested in, then click **Export All**. 
+* Export from archive.
+
+Once the logs are ready for export, a download link is displayed on the [Downloads](#downloads) tab.
+
+## Downloads {#downloads}
+
+When you export audit logs, a download link is displayed on this tab once the export CSV is ready for download.    
+These are details available on the this tab:
+
+* **Submitted on** – 
+* **Requester** – The user who requested the export.
+* **Expires in** – The number of days that the exported CSV is available for download.
+* **Status** – The status of the CSV generation. Once the CSV export is fully generated, the status becomes **Completed**.
+* **Time Frame of Export** – 
+* **Download** – This link is displayed if the export CSV is ready for download.
+
+## Retrieving Audit Logs via API
+
+You can use the [Audit Logging API](/apidocs-mxsdk/apidocs/apis-for-audit-logs/) to manage and download audit logs. This API is particularly useful in scenarios where you want to download audit logs that are over 90 days old, but no more than one year old.

content/en/docs/control-center/security/private-connectivity/_index.md

@@ -3,7 +3,7 @@ title: "Private Connectivity"
 linktitle: "Private Connectivity"
 url: /control-center/private-connectivity/
 description: "Describes the Private Connectivity section in the Mendix Control Center."
-weight: 30
+weight: 40
 beta: true
 ---
 

content/en/docs/control-center/security/set-up-sso-byoidp.md

@@ -1,7 +1,7 @@
 ---
 title: "Setting Up an SSO (BYOIDP)"
 url: /control-center/security/set-up-sso-byoidp/
-weight: 40
+weight: 50
 description: "Describes how you can use your company IdP to authenticate to Mendix."
 aliases:
     - /developerportal/control-center/set-up-sso-byoidp/