Appointment Audit Events
Review appointment lifecycle audit events for support, operational dashboards, and booking issue investigation.
Environment tip: All examples use
v3.onsched.comfor production. Replace the host withapi-stage.onsched.comwhen calling the staging environment.
When to Use
- Investigate why an appointment was booked, rejected, rescheduled, cancelled, or deleted.
- Build support tooling that shows a timeline of appointment lifecycle attempts.
- Correlate an appointment event with API logs by request correlation ID.
- Review high-level validation evidence without exposing customer PII.
Authentication
GET /v3/appointment/:id/audit is a private company endpoint. It is not available from public booking routes.
Use either:
- OAuth2 client credentials with read scope for the company.
- A dashboard session token plus company context. Dashboard users must have read access to the appointment's location and service.
The appointment must belong to the authenticated company. If the appointment is not found in that company, the API returns 404.
Endpoint
GET /v3/appointment/:id/auditAudit events are returned newest first and scoped to the appointment ID in the path.
Query Parameters
| Parameter | Description |
|---|---|
eventType | Optional lifecycle event filter. Values include create, hold, reserve, book, reschedule, cancel, delete, and validate_resources. |
outcome | Optional result filter: success or rejected. |
reqId | Optional request correlation ID. Use this to match an API response or log line to audit events. |
from | Optional start date in YYYY-MM-DD format. Filters events created on or after that date in the company timezone. |
to | Optional end date in YYYY-MM-DD format. Filters events created on or before that date in the company timezone. |
limit | Optional page size. Defaults to 20; maximum 100. |
page | Optional page number. Defaults to 1. |
Example Request
curl "https://v3.onsched.com/v3/appointment/<appointment-id>/audit?eventType=reschedule&outcome=rejected&limit=20" \
-H "Authorization: Bearer <token>" \
-H "x-api-key: <company-key>"Response Shape
Successful responses include a total count and a page of audit rows:
{
"success": true,
"count": 1,
"data": [
{
"id": "audit-event-id",
"CompanyId": "company-id",
"AppointmentId": "appointment-id",
"LocationId": "location-id",
"ServiceId": "service-id",
"ResourceIds": ["resource-id"],
"eventType": "reschedule",
"outcome": "rejected",
"reasonCode": "slot_unavailable",
"reqId": "request-correlation-id",
"actorType": "dashboard_user",
"actorId": "user-id",
"slotStart": "2025-03-14T15:00:00.000Z",
"slotEnd": "2025-03-14T15:30:00.000Z",
"timezone": "America/New_York",
"statusBefore": "BK",
"statusAfter": null,
"snapshot": {
"validation": {
"isAvailable": false
}
},
"createdAt": "2025-03-01T18:12:34.000Z",
"updatedAt": "2025-03-01T18:12:34.000Z"
}
]
}Field availability depends on the lifecycle action. For example, a cancellation may include status changes, while a slot validation failure may include resource IDs, slot times, and high-level validation evidence.
PII-Safe Snapshots
Audit snapshot values are designed for support diagnosis, not customer profile review. They can include scheduling configuration, selected resource IDs, slot timing, status changes, and summary validation gates.
Snapshots deliberately avoid customer PII and sensitive request material such as email, phone, customer names, notes, custom fields, request headers, API keys, access tokens, and refresh tokens. Use appointment and customer endpoints for authorized customer data workflows.
Troubleshooting
401 Unauthorized: Confirm the request includes a valid bearer token and company authentication.403 Forbidden: The token is valid, but the caller does not have read access for this appointment's location or service.404 Appointment not found: The appointment ID does not exist in the authenticated company.- No rows returned: Narrow filters may exclude events. Retry without
eventType,outcome, or date filters.
Updated 10 days ago
