Observe

API Request Logs

HTTP requests against the Agent Handler API, captured for debugging.

API Request Logs capture the HTTP requests your backend makes against the Agent Handler API itself - POST /registered-users, GET /tool-packs, POST /credentials/export, and so on. Different from Tool Call Logs, which capture what the agent does once it’s connected to the MCP server.

You’ll mostly use these when you’re debugging your own integration code rather than the agent’s behavior.

When to look at API logs vs Tool Call Logs

QuestionLook here
The agent called the wrong tool.Tool Call Logs
The agent’s tool call returned an error.Tool Call Logs
My backend’s request to create a Registered User is failing.API Request Logs
Why did my Link token request return 400?API Request Logs
A webhook subscription update isn’t taking effect.API Request Logs
A tool call was redacted unexpectedly.Tool Call Logs

What’s captured

Per request:

  • Method and path - POST /api/v1/registered-users, GET /api/v1/tool-packs, etc.
  • Status code.
  • Latency - total wall-clock time from receipt to response.
  • Request body - sensitive values (API keys, secrets) redacted.
  • Response body - full, post-redaction.
  • API key prefix - the first few characters of the key used (so you can correlate against your secret store without exposing the full key).
  • Source IP - useful when you have multiple backends sharing one key.
  • Timestamp.

Filtering

The filter bar covers:

  • Method (GET / POST / PATCH / DELETE).
  • Path pattern - glob-style, like /registered-users/*.
  • Status - success only, errors only, or specific codes.
  • API key - narrow to one key (production, or a specific test key).
  • Date range.

A common debugging shape: “all 4xx and 5xx responses on /registered-users/* in the last hour.”

Drilling into a request

Click any row to open the full detail. You see:

  • The full request URL with query parameters.
  • The full request headers (Authorization redacted to its prefix).
  • The full request body.
  • The full response status, headers, and body.
  • The trace ID - useful when you want to file a support ticket; including this lets us find your request in our backend logs in seconds.

Common debugging flows

“My backend is creating Registered Users that aren’t appearing in the dashboard.”

Filter to POST /api/v1/registered-users, look at the response codes. If they’re 200, check whether you’re looking at the right environment in the dashboard (test vs production). If they’re 4xx, the response body says exactly what’s wrong.

“My API calls were working an hour ago and now everything is 401.”

Someone rotated the API key. Filter by API key prefix; if the prefix you’re using doesn’t appear, the key was regenerated. Update your secret store.

“My webhook deliveries stopped.”

Filter to the webhook subscription endpoints. If recent calls show 200 responses but no events are flowing, the issue is on the receiving side, not Agent Handler’s side. The webhook delivery log has more detail on individual delivery attempts.

Retention

90 days on standard plans, longer on Enterprise. Bulk export is available for any filtered view. The logs aren’t webhook-streamed today; for SIEM forwarding, pull via export or the API listing endpoints.

Next

Track admin actions across your organization with the Audit Trail.