At the moment it can be unclear when users are downloading data from Domo.
For example requests against this API https://{{domo_instance}}.domo.com/api/query/v1/execute/{{dataset_id}} , do not hit the activity log; however, savy users could use this to download datasets to their computer.
I appreciate that this same query might be the query that feeds a Dataset View or a Card in Analyzer; however, when the query does not originate from the Domo UI (and instead python, postman or visual studio code), that may be a time to capture this query request in the Logs.
Similarly, if users are blind guessing at developer_token authentication (x-domo-developer-token) or using expired tokens, it would be ideal if the Activity Log surfaced that an invalid token was being used.
If an object is altered in Domo (an ETL, security settings, a certified card) it would be ideal to know how the user authorized the command - via UI or a which authentication header.
