Skip to main content

Get Audit logs

GET 
/ext/v1/audit/list

The Audit Log API allows you to programmatically access and retrieve logs of access and activity within your organization. You have the capability to utilize this API to fetch logs within a defined date range. The API delivers paginated responses, each containing up to 100 records per page.

Supported Audit log events

Audit log EventDescription
app_it_owner_assignedAn IT owner was assigned to an application.
connect_errorAn error occurred during a connection attempt.
user_type_changedThe type of a user account was changed.
integration_sync_completedA synchronization process with an integration was completed.
playbook_publishedA playbook was published successfully.
user_identified_from_an_integrationA user was identified through an integration.
app_archivedAn application was archived.
disconnectA disconnection from a service or integration occurred.
invite_userA user was invited to the system.
auth_errorAn authentication error occurred.
user_application_archivedA user's application was archived.
app_finance_owner_assignedA finance owner was assigned to an application.
user_archivedA user account was archived.
transactions_identified_manuallyTransactions were identified manually.
department_created_via_integrationA department was created through an integration.
connect_successA successful connection to a service or integration was made.
user_role_changedThe role of a user was changed.
integration_sync_startedThe synchronization process with an integration started.
vendor_updatedA vendor's information was updated.
user_reset_passwordA user reset their password.
app_requestedAn application was requested.
rule_triggeredA rule was triggered within the system.
user_application_role_changedA user's role within an application was changed.
playbook_created_manuallyA playbook was created manually.
app_note_reminder_addedA reminder note was added to an application.
user_note_addedA note was added to a user's account.
user_designation_changedA user's designation was changed.
user_added_manuallyA user was added to the system manually.
app_note_addedA note was added to an application.
app_department_split_category_changedA department's split category within an application was changed.
payment_method_assigned_to_transactionA payment method was assigned to a transaction.
notification_setting_changedA user's notification settings were changed.
connect_initiatedThe initiation of a connection to a service or integration.
transactions_archivedTransactions were archived.
app_identified_from_integrationAn application was identified through an integration.
app_authorisation_status_changedThe authorization status of an application was changed.
user_status_changedThe status of a user was changed.
user_application_status_changedThe status of a user's application was changed.
department_created_manuallyA department was created manually.
org_integration_deletedAn organization's integration was deleted.
user_soure_addedA user source was added.
user_marked_for_offboardingA user was marked for offboarding.
license_requestedA license for an application or service was requested.
user_marked_for_onboardingA user was marked for onboarding.
app_risk_changedThe risk level of an application was changed.
app_contract_editedAn application's contract was edited.
run_workflowA workflow was executed.
data_update_startedA data update process was initiated.
app_added_manuallyAn application was added to the system manually.
user_department_changedA user's department was changed.
app_license_addedA license was added to an application.
user_reporting_manager_changedA user's reporting manager was changed.
users_added_to_appUsers were added to an application.
user_loginA user login event occurred.
contract_it_owner_assignedAn IT owner was assigned to a contract.
department_archivedA department was archived.
app_contract_addedA contract was added to an application.
reconnect_initiatedThe re-initiation of a connection to a service or integration.
app_owner_assignedAn owner was assigned to an application.
vendor_addedA new vendor was added to the system.
department_owner_updatedThe owner of a department was updated.

Request

Query Parameters

    page string

    The page parameter determines which set of data is returned in a paginated response. It's usually paired with the pageSize parameter to manage the number of records shown per page. By default, the page value is set to 1. To browse through the entire response, begin with page 1 and keep making requests until you receive no results.

    page_size string

    The pageSize parameter specifies how many records are displayed per page in a paginated response. It's commonly used alongside the page parameter to navigate through paginated results. The default value for pageSize is 100.

    start_date string

    The startDate parameter indicates the beginning of the date range for retrieving audit logs. If not provided, it defaults to seven days before the current date. The startDate must be earlier than the endDate and should be sent as a string in ISO-8601 format, such as 2023-12-01T22:00:00.000Z.

    end_date string

    The endDate parameter specifies the end date of the audit log date range you wish to retrieve. If not provided, it defaults to the current date. The endDate value must follow the startDate value and be sent as a string in ISO-8601 format, for example, 2023-03-01T22:00:00.000Z. Note that logs can be retrieved for a maximum range of 7 days. If the specified range exceeds 7 days, the platform automatically adjusts the range and outputs logs from 7 days before the specified endDate.

Responses

Success

Schema

    count number
    end_date string

    items

    object[]

  • Array [

    • _id string
    actor string
    actor_id string
    actor_name string
    actor_role stringnullable
    entity string
    event string
    event_description string
    event_timestamp string
    event_title string
    event_type string

  • ]

    • page number
    page_size number
    start_date string
Loading...