Appointment Audit Events

Review appointment lifecycle audit events for support, operational dashboards, and booking issue investigation.

Environment tip: All examples use v3.onsched.com for production. Replace the host with api-stage.onsched.com when calling the staging environment.

When to Use

  • Investigate why an appointment was booked, rejected, rescheduled, cancelled, or deleted.
  • Build support tooling that shows a timeline of appointment lifecycle attempts.
  • Correlate an appointment event with API logs by request correlation ID.
  • Review high-level validation evidence without exposing customer PII.

Authentication

GET /v3/appointment/:id/audit is a private company endpoint. It is not available from public booking routes.

Use either:

  • OAuth2 client credentials with read scope for the company.
  • A dashboard session token plus company context. Dashboard users must have read access to the appointment's location and service.

The appointment must belong to the authenticated company. If the appointment is not found in that company, the API returns 404.

Endpoint

GET /v3/appointment/:id/audit

Audit events are returned newest first and scoped to the appointment ID in the path.

Query Parameters

ParameterDescription
eventTypeOptional lifecycle event filter. Values include create, hold, reserve, book, reschedule, cancel, delete, and validate_resources.
outcomeOptional result filter: success or rejected.
reqIdOptional request correlation ID. Use this to match an API response or log line to audit events.
fromOptional start date in YYYY-MM-DD format. Filters events created on or after that date in the company timezone.
toOptional end date in YYYY-MM-DD format. Filters events created on or before that date in the company timezone.
limitOptional page size. Defaults to 20; maximum 100.
pageOptional page number. Defaults to 1.

Example Request

curl "https://v3.onsched.com/v3/appointment/<appointment-id>/audit?eventType=reschedule&outcome=rejected&limit=20" \
  -H "Authorization: Bearer <token>" \
  -H "x-api-key: <company-key>"

Response Shape

Successful responses include a total count and a page of audit rows:

{
  "success": true,
  "count": 1,
  "data": [
    {
      "id": "audit-event-id",
      "CompanyId": "company-id",
      "AppointmentId": "appointment-id",
      "LocationId": "location-id",
      "ServiceId": "service-id",
      "ResourceIds": ["resource-id"],
      "eventType": "reschedule",
      "outcome": "rejected",
      "reasonCode": "slot_unavailable",
      "reqId": "request-correlation-id",
      "actorType": "dashboard_user",
      "actorId": "user-id",
      "slotStart": "2025-03-14T15:00:00.000Z",
      "slotEnd": "2025-03-14T15:30:00.000Z",
      "timezone": "America/New_York",
      "statusBefore": "BK",
      "statusAfter": null,
      "snapshot": {
        "validation": {
          "isAvailable": false
        }
      },
      "createdAt": "2025-03-01T18:12:34.000Z",
      "updatedAt": "2025-03-01T18:12:34.000Z"
    }
  ]
}

Field availability depends on the lifecycle action. For example, a cancellation may include status changes, while a slot validation failure may include resource IDs, slot times, and high-level validation evidence.

PII-Safe Snapshots

Audit snapshot values are designed for support diagnosis, not customer profile review. They can include scheduling configuration, selected resource IDs, slot timing, status changes, and summary validation gates.

Snapshots deliberately avoid customer PII and sensitive request material such as email, phone, customer names, notes, custom fields, request headers, API keys, access tokens, and refresh tokens. Use appointment and customer endpoints for authorized customer data workflows.

Troubleshooting

  • 401 Unauthorized: Confirm the request includes a valid bearer token and company authentication.
  • 403 Forbidden: The token is valid, but the caller does not have read access for this appointment's location or service.
  • 404 Appointment not found: The appointment ID does not exist in the authenticated company.
  • No rows returned: Narrow filters may exclude events. Retry without eventType, outcome, or date filters.

Did this page help you?