Connecting audit log, login history, and Studio adoption APIs to Celonis Platform

In Admin & Settings you can view your audit log, team login history, and studio adoption statistics. However, these views are limited with standardized user interfaces. To run a more in-depth analysis of this data, connect to the respective APIs and then use a data extractor to feed this information back into the Celonis Platform. This lets you create your own views in Studio.

To connect to the APIs and create an extractor, follow these procedures in order:

Creating an application and granting it API permissions
Test OAuth Credentials
Migrating to OAuth 2.0

Once the data is extracted, you can then create a data model using this data. You are then ready to go to Studio and create a view using the data from the API.

Creating an application and granting it API permissions

To start, create an OAuth client in your team and grant this client API permissions.

Go to Admin & Settings and select "Applications".
Click the Add New Application button and then select "OAuth client" to create your OAuth client.

Screenshot of the Applications screen with the Add New Application menu expanded.

When creating your OAuth client, use the following configurations: * Authentication method: Client secret post * Scopes to select: * audit.log:read (for the Audit Log API) * platform-adoption.tracking-events:read (for the Studio Adoption API) * team.login-history:read (for the Login History API)

Screenshot showing Step 2 of the New OAuth Client screen.

Click Create and then copy the client ID and client secret for later use.
Click Permissions and then edit the Team permissions.

Screenshot showing the Team tile with the Edit link highlighted.

Assign Audit Log API, Login History API, and Studio Adoption APIs permissions to your newly created application as required.

Screenshot showing an example of the selected permissions.

Click Save .
The OAuth client now has the relevant API permissions, but you also need to request an OAuth access token.
Tip

Alternatively, you can create an application key and assign the following permissions: Audit Log API, Login History API, and Studio Adoption APIs.

For more information, see: Registering Application Keys in Celonis Platform.

Test OAuth credentials

The created OAuth credentials can be best tested in Postman or via the command line tool curl (it is installed on most workstations or can be found in the machine learning workbench in Celonis).

Follow the steps outlined here while using the required scope:

Copy

Copied

{
    "access-token": "randomizedAccessToken",
    "scope": "scope1 scope2 scopeN",
    "token_type": "Bearer",
    "expires_in": 899
}

Migrating to OAuth 2.0

If you already have an application or an extractor built that is calling one or all of these APIs and you want to migrate this application to take advantage of OAuth 2.0, see Migrating to OAuth 2.0.