I’m curious as to why the security audit logs are missing entries for trunk credential updates? we use genesys cloud api v2 to rotate sip passwords for our 15 byoc trunks in apac. the api returns 200 ok but the audit trail shows nothing. is this a known issue with the compliance module or did we miss a step in the config? need this for our internal security review.
{
“api_call”: {
“method”: “PUT”,
“endpoint”: “/api/v2/architect/flows/{flowId}”,
“headers”: {
“Authorization”: “Bearer <access_token>”,
“Content-Type”: “application/json”
},
“body”: {
“id”: “”,
“description”: “Updated flow”,
“type”: “routing”,
“version”: “”,
“entryPoints”: […]
}
}
}
This looks like a classic case of expecting Genesys Cloud to behave exactly like our old Zendesk ticketing system, where metadata just magically appeared alongside the interaction record. In Zendesk, updating a ticket field was a single atomic action that immediately triggered an audit event in the admin console. Here, the architecture is different. The `/api/v2/architect/flows` endpoint handles routing logic, not infrastructure credentials. When you rotate SIP passwords for BYOC trunks, you are interacting with the Telephony management layer, specifically `/api/v2/telephony/providers/edges`. The 200 OK confirms the credential update succeeded on the trunk object itself, but because this is a configuration change rather than a flow execution or a user action, it often bypasses the standard "Security Audit" view depending on how your admin role is scoped. You might be looking at the wrong log table.
Try querying the specific Telephony audit logs via the Admin API instead of the general Security Audit. Use `GET /api/v2/admin/auditlogs?resource=telephony` to filter for trunk modifications. In our migration from Zendesk to Genesys Cloud, we found that Zendesk’s unified audit trail doesn’t have a direct one-to-one equivalent in Genesys Cloud’s initial setup. You may need to enable specific audit logging options in the Organization Settings under "Audit Logging" to ensure trunk credential rotations are captured. Also, check if the API token used has the `Telephony:Trunk:Update` permission; sometimes, if the permission is granted via a group that was recently modified, the audit context might be incomplete. This usually resolves the missing entry issue for compliance reviews.