Is there any way to identify an API call from a script vs other?
I’d like to build a logging interface upon GET/POST/UPDATE/DELETE and if I need the script to do any form of lookup for the logging action, it’ll create an indefinite loop. I’ve considered placing a custom attribute into the payload for those requests, but from a security standpoint, I’d need a way for users to not be able to spoof that to prevent logging.
A couple Ideas to start:
- Add a custom value to the payload array.
- Find a value that is only known internally and changes upon each request so that I can validate it.
- Some referrer or other identifiable variable in the platform or event objects that would indicate the source.
Thank you in advance for your help.