Review tenant security events and API access
Review your workspace's recent security events and API access posture, so you can spot unusual access early and confirm your API keys are in the state you expect.
Purpose
Review your workspace's recent security events and API access posture, so you can notice unusual access, understand what was recorded, and decide whether anything needs your attention.
Who this is for
Workspace owners and admins who want a clear, regular way to review security events and confirm API access is in the state they expect.
Prerequisites
- An owner or workspace admin role, since the security view is admin-only.
- A signed-in workspace session for the tenant you want to review.
- A few minutes set aside regularly, so reviews stay routine rather than reactive.
Steps
- Open Tenant Admin and select the Security section.
- Read the posture summary: whether API access is enabled, and how many keys are active or revoked.
- Review the list of recent security events, noting each one's severity and outcome.
- Open any event that looks unusual and read its plain-language reason and the time it was recorded.
- Check the abnormal events count to see whether anything was flagged for attention.
- If an event points to a member or role, use the Users and Roles sections to confirm access is correct.
Expected result
You can see your workspace's recent security events with their severity and outcome, confirm whether API access is enabled, and tell at a glance whether anything needs follow-up.
Verification
- The Security section lists recent events, or clearly states none were recorded.
- Each event shows a severity, an outcome, and the time it was recorded.
- The API access state and the active and revoked key counts match what you expect for your workspace.
If something goes wrong
- The Security section is empty
- An empty list means no unusual events were recorded; refresh the tenant data to confirm you are seeing the latest view.
- You cannot open the Security section
- Confirm you are signed in with an owner or workspace admin role, since this view is admin-only.
- An event looks unfamiliar or concerning
- Read its reason, then use the Users and Roles sections to confirm memberships and access are correct before deciding on next steps.
Permissions
Reviewing security events and API access posture needs an owner or workspace admin role; the view is read-only and stays within your tenant, separate from platform administration.
Related articles
Support
If an event is unclear or you are unsure how to respond, ask LumenReach support; they can help you interpret your security posture without exposing private setup details or credentials.