API for Audit Logging
Last modified: April 20, 2026
This feature is in Public Beta. For more information, refer to Release Status.
Introduction
You can use the Audit Logging API to integrate with security information and event management tools.
Authentication
Two types of Authorization headers are supported: Bearer (Client credentials or Mendix SSO) and MXToken (Personal Access Tokens).
- Client Credentials: bearer JWT token obtained for a clientId and secret pair.
Scope required:mx:audit-logging:write
Authorization header example:Authorization: Bearer <token> - Mendix SSO Tokens: bearer token obtained via Mendix SSO login flow.
Scope required:mx:audit-logging:read
Authorization header example:Authorization: Bearer <token> - Personal Access Tokens (PATs): PAT created by you. For details on how to generate a PAT, refer to the Personal Access Tokens section in User Settings.
Scope required:mx:audit-logging:read
Authorization header example:Authorization: MxToken <token>
The following API reference includes information on which scope and token type is required for each endpoint.