Skip to main content
GET
/
audit-logs
Error
A valid request URL is required to generate request examples
{
  "next_cursor": "<string>",
  "items": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "admin_id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "admin_display_name": "<string>",
      "action": "admin.login",
      "resource_type": "case",
      "resource_id": "<string>",
      "ip_address": "<string>",
      "created_at": "2023-11-07T05:31:56Z"
    }
  ]
}

Authorizations

X-API-Key
string
header
required

Domain-scoped API key. Generate and manage keys from the API Keys page in Settings. Pass via the X-API-Key header.

Query Parameters

action
enum<string>

Action recorded in the audit log

Available options:
admin.login,
admin.deprovisioned,
admin.reactivated,
api_key.created,
api_key.revoked,
case.triage.safe,
case.triage.investigate,
case.triage.monitor,
case.triage.skip,
case.closed,
investigation.created,
investigation.assigned,
investigation.actions_selected,
investigation.note_added,
investigation.note_edited,
investigation.finalized,
enforcement.self_police,
enforcement.watchlist_add,
enforcement.escalate_manager,
enforcement.escalate_hr,
scim.identity.provisioned,
scim.identity.updated,
scim.identity.deleted,
scim.group.provisioned,
scim.group.updated,
scim.group.member_changed,
scim.group.deleted
resource_type
enum<string>

Type of resource the audit action was performed on

Available options:
case,
investigation,
admin,
api_key,
scim_identity,
directory_group
admin_id
string<uuid>
created_after
string<date-time>
created_before
string<date-time>
page_size
integer
default:50
Required range: x <= 200
next_cursor
string

Response

Paginated audit log entries

next_cursor
string | null
items
object[]