Skip to main content
The Logs page shows API request history for the account. This feature is separate from Activity, which tracks account actions such as key changes and webhook changes. Request logs help you:
  • Debug integration issues by tracing which requests returned errors.
  • Monitor API usage to see which endpoints your keys are calling.
  • Audit access patterns by reviewing which API keys are active and when.
  • Investigate incidents using status codes, error codes, and timestamps.

What is captured

FieldTypeDescription
API keystringKey name and key prefix from the joined API key record
MethodstringHTTP method (GET, POST, PUT, DELETE)
EndpointstringFull API path
ParamsstringSanitized query string when URL parameters are present
Status codeintegerHTTP response status code (200, 400, 401, 500, etc.)
Error codestringBabySea error code when the request failed
IP hashstringSHA-256 hash of the client IP address (never raw IP)
User agentstringUsed for request logging, though not shown in the main table
TimestampdatetimeTimestamp recorded for the request

How logging works

When a request uses an API key, BabySea records the request outcome in the API key log:
1

Request arrives

The request reaches a public /v1 route with an API key in the Authorization header.
2

Request processes

The route handler returns a status code and may attach an error code.
3

Log entry is written

BabySea records the endpoint, method, status code, optional error code, optional query string, IP hash, user agent, and timestamp.
4

Dashboard shows request history

When you open Logs, the dashboard shows those rows together with the key name, prefix, and key status fields.

IP privacy

BabySea never stores raw IP addresses. Every IP is hashed with SHA-256 before being stored. This means:
PropertyDetails
Storage formatSHA-256 hex digest
ReversibilityOne-way hash. The original IP cannot be recovered
DisplayThe table shows the first 12 characters followed by
You can use the hashed value to correlate requests from the same source without exposing the actual IP address. For the legal and privacy-policy context behind this handling, see the Privacy policy on the BabySea Terms site.

Access control

Request logs are visible to all roles on the account:
RoleView logsExport logs
Primary OwnerYesYes
OwnerYesYes
MemberYesYes
There are no create, edit, or delete actions for individual rows in the dashboard.

Log immutability

Log entries cannot be edited or manually deleted through the dashboard. They are:
PropertyDetails
ImmutableNo update operations available after creation
Auto-cleanupRemoved by the retention system based on the account plan
Key deletionRemoved if the associated API key is deleted
Reporting keptDashboard reporting remains available after detailed rows expire

Next steps

  • Viewing - Dashboard table, columns, search, and filtering
  • Retention - Plan-based retention periods and automatic cleanup
  • Export - Batch select and export logs as CSV or JSON
  • Best practices - Monitoring, debugging, and security patterns