Activity History
Persistent audit log of every admin and API-token action with actor identity, structured diffs, and AI prompt capture.
Every create, update, delete, and toggle performed through the admin UI or via an API token is recorded in the Activity History log. Each entry captures who did it (session user or API token name), what changed (structured old → new diff), the affected object, IP address, and a timestamp. The log is browsable and filterable by action type, object type, object ID, actor, and date range.
Covered actions
Webhooks (create, update, delete, toggle), API tokens (create, delete, rotate), settings, delivery logs (bulk delete), queue jobs (execute, retry), trigger schemas (save), chains and chain links (create, update, delete), cron token regeneration, and — with the Pro plugin — snippet CRUD and per-trigger snippet assignments.
AI prompt and reasoning capture
When an AI agent (Claude Code, Cursor, or any programmatic client) performs an action via an API token, it can annotate the request with `X-FSWA-Prompt` and `X-FSWA-Reason` headers. These are stored in the activity log context as `_prompt` and `_reason` and surfaced in the Activity view as a highlighted card above the change diff — making it easy to trace exactly which instruction caused a change.
REST access
Activity entries are accessible via `GET /wp-json/fswa/v1/activity` (requires `read` scope) with filters for `action`, `action_prefix`, `user_id`, `object_type`, `object_id`, `date_from`, and `date_to`. Bulk delete via `DELETE /wp-json/fswa/v1/activity?older_than_days=N` requires `full` scope.