TsgcWSAPIKeyManager › Properties › Audit
Ring-buffer and file-backed audit log of every key-lifecycle action with configurable retention.
property Audit: TsgcAPIKeyAudit read FAudit write SetAudit;—
Records every key-lifecycle action (issued, validated, revoked, rotated, expired, scope granted/revoked, validation failed) to an in-memory ring buffer capped at MaxMemoryEntries. When LogFile is set the same entries are appended to the file so they survive a restart. IncludeIP records the requester's IP on every entry; IncludePayload fills the Details field with additional context such as failure reasons and scope diffs. RetentionDays prunes older entries on the background sweep. OnAuditEvent fires synchronously for every recorded entry, so you can also ship them to a SIEM or message bus.
// Compliance: 12-month retention, log to file, include IP + payload
sgcWSAPIKeyManager1.Audit.Enabled := True;
sgcWSAPIKeyManager1.Audit.LogFile := 'apikeys-audit.log';
sgcWSAPIKeyManager1.Audit.IncludeIP := True;
sgcWSAPIKeyManager1.Audit.IncludePayload := True;
sgcWSAPIKeyManager1.Audit.RetentionDays := 365;
sgcWSAPIKeyManager1.Audit.MaxMemoryEntries := 50000;