Does Loyalife maintain an activity log for Admin UI changes? - Xoxoday

Xoxoday Loyalife automatically records every action performed through the Admin UI — including additions, edits, and deletions — in an immutable audit log that captures the user identity, timestamp, and full details of each change.

Xoxoday Loyalife maintains a comprehensive audit and activity log that captures every action taken through the Admin UI. Whether an administrator creates a new loyalty tier, modifies earning rules, updates a reward catalogue entry, or removes a member segment, each action is logged automatically with no manual intervention required. What each log entry contains Every entry in the audit log records the identity of the user who performed the action, a precise timestamp, and a structured description of what was changed. This covers the full range of Admin UI operations — programme configuration, rule edits, member management, and deletions. The log is immutable; entries cannot be altered or removed after they are written, which preserves the integrity of the audit trail. This makes it straightforward to answer questions like “who modified the points expiry rule on 14 June?” or “which admin removed this member from the VIP tier?” — without raising a support ticket or cross-referencing external tools. Supporting governance and compliance requirements Enterprises operating under frameworks such as ISO 27001 or holding SOC 2 Type II certification require demonstrable controls over who can access and modify system configuration. Xoxoday Loyalife’s activity log directly supports these requirements by providing a time-stamped, user-attributed record of all administrative activity. For organisations running loyalty programmes alongside HR platforms like Workday, SAP SuccessFactors, or Darwinbox, the audit trail also fits into internal change-management processes. When a data integration triggers a bulk member update, the log records the initiating admin account and the scope of changes applied — giving IT and compliance teams a clear, auditable picture of system activity. Accountability across roles and teams Xoxoday Loyalife supports role-based access control across the Admin UI, with different team members holding different permission levels. The activity log respects this structure — each entry is tied to the specific user account that performed the action, regardless of their role. Programme managers can act independently knowing their changes are recorded, while IT administrators and auditors retain full visibility into what was done, when, and by whom. Organisations with multiple regional admins or externally managed programme teams particularly benefit from this transparency, as it removes ambiguity around configuration changes without creating bottlenecks in day-to-day operations. Querying the log Authorised administrators can access and filter the audit log directly within the Admin UI. This avoids dependence on third-party logging tools or manual exports for routine compliance checks. Audit log data is retained in line with Xoxoday Loyalife’s data retention policies, ensuring historical records remain available when needed for internal reviews or external audits. Learn more: [Xoxoday Loyalife Help Centre — General](

Role-based access control in Loyalife

Learn how Xoxoday Loyalife assigns permissions across admin roles to control who can view, edit, and manage programme configuration.

Data security and compliance standards

Understand how Xoxoday Loyalife meets enterprise security requirements, including support for ISO 27001 and SOC 2 Type II compliance frameworks.