Kaur, How do you know they are using the API?....I assumed that you knew who it was....so, if you have investigation going on....there are a few ways...
One could be your User log....if I remember correctly, that identifies the client used for connection....if they haven't spoofed it, or haven't set it at all, it would show up as unknown client which would be one way to see it you could also setup some sort of 'filter trap'.....an api client doesn't fire active links...so, the only workflow you could use would be filters.....you could try setting up a filter that fires on get for various forms you believe they are querying....this would only work if they were issuing 'getEntry' calls...but not if they were issuing 'getListEntry' calls, because that doesn't trigger each individual record....but a filter on get that checks the client string and logs somewhere if it's not in a pre-prescribed list...user, mid-tier, and such.... You say they are just using it to generate reports?.....what sort of problem are you trying to solve exactly....they are a valid user of your system (they would need to be otherwise they wouldn't be able to log in) and they have valid access to the data (otherwise they wouldn't be able to query it)....are they causing performance issues in your system or something? On Mon, Mar 20, 2017 at 9:22 AM, Kaur <[email protected]> wrote: > Client have been using it for years and we have no idea what credentials > are being used. > Of course, we can't ask that from client and we don't have at > documentation. > > Any way we can identify/find the user id? > > Thanks! > Kaur > > ____________________________________________________________ > ___________________ > UNSUBSCRIBE or access ARSlist Archives at www.arslist.org > "Where the Answers Are, and have been for 20 years" > _______________________________________________________________________________ UNSUBSCRIBE or access ARSlist Archives at www.arslist.org "Where the Answers Are, and have been for 20 years"
