Skip to main content
Xoxoday Loyalife maintains detailed authentication and activity logs covering every sign-in event, user action, and integration-triggered operation, making them available for export, review, and compliance audits.
Authentication and activity logs are a core requirement for enterprise security governance. Xoxoday Loyalife records every authentication event and user action within the platform, giving IT and security teams the data they need for compliance reviews, incident investigations, and integration audits. Every login attempt — successful or failed — is timestamped and attributed to a specific user identity. Xoxoday Loyalife captures authentication events across all supported sign-in methods, including SSO providers connected via SAML 2.0 or OAuth 2.0. Organisations using identity providers such as Okta, Azure AD, or Google Workspace can trace authentication activity end to end without gaps in the audit trail. Activity logs go beyond sign-ins. Xoxoday Loyalife records point transactions, reward redemptions, programme rule changes, admin configuration updates, and API calls made by integrated systems. When Loyalife is connected to an HRIS such as Workday, SAP SuccessFactors, or Darwinbox, integration-triggered events — for example, automated point allocations on employee milestones — are captured with full attribution so your security and operations teams can verify exactly what happened and when. These logs are available for export and review, making them directly useful for audit processes aligned with standards such as ISO 27001 and SOC 2 Type II. Security teams can cross-reference Loyalife activity logs with SIEM tooling or export them for periodic compliance reviews without relying on manual record-keeping. For organisations running loyalty notifications through communication platforms like Slack or Microsoft Teams, Xoxoday Loyalife logs the trigger events and delivery metadata associated with those integrations. This gives IT administrators a clear view of how the loyalty programme interacts with other tools across the enterprise stack. Access to authentication and activity logs within Xoxoday Loyalife is governed by role-based permissions. Only authorised administrators can retrieve or export log data, ensuring the audit trail itself is protected from unauthorised access or tampering. Log retention is configurable to meet enterprise compliance requirements, so your security team has access to historical data when an audit window opens. Combined with Xoxoday Loyalife’s broader security posture — encryption at rest and in transit, MFA support, and regular third-party security assessments — the logging infrastructure forms a reliable foundation for enterprise-grade governance. Learn more: Xoxoday Loyalife Help Centre — Security

SSO and Authentication

Learn how Xoxoday Loyalife supports SAML 2.0, OAuth 2.0, and enterprise SSO providers for secure, centralised sign-in.

Compliance Certifications

Explore the compliance standards Xoxoday Loyalife meets, including ISO 27001 and SOC 2 Type II.