To ensure that transaction approvals can only be performed by valid delegating entities (e.g. the e-banking system) the delegating entity must be authenticated by configuring a Request Authentication plugin.
See Authentication of REST requests for more information about request authentication.
The delegating entity (e.g. e-banking system) executes actions in the name of the user. The logs are prefixed with Transaction Approval by 'entity name': , where 'entity name' is the name of the authenticated delegating entity.
Example Log Transaction Approval
2018-11-09 16:29:24,443 INFO [TRC - auth - transaction-approval - SID: 818812557146449435 - RID: 991480948611470148] | 001 UserTrailLogger: uid:jdoe - Transaction Approval by ebankwebsrv1: Successful username check for user 'jdoe'. 2018-11-09 16:37:48,701 INFO [TRC - auth - transaction-approval - SID: 818812557146449435 - RID: 211156898333224989] | 001 UserTrailLogger: uid:jdoe - Transaction Approval by ebankwebsrv1: Sending mTAN OTP for user 'jdoe' to mobile number '+41765403428'