Skip to main content
GET
/
v1
/
auth
/
orgs
/
audit-logs
List audit-log entries for the active organization. Owner/admin only.
curl --request GET \
  --url http://127.0.0.1:8787/v1/auth/orgs/audit-logs \
  --header 'Authorization: Bearer <token>'
{
  "data": [
    {
      "id": "<string>",
      "event": "<string>",
      "actor": {
        "id": "<string>",
        "name": "<string>",
        "email": "<string>",
        "apiKeyId": "<string>",
        "apiKeyName": "<string>"
      },
      "targetId": "<string>",
      "targetType": "<string>",
      "metadata": {},
      "createdAt": "<string>"
    }
  ],
  "error": null,
  "pagination": {
    "limit": 10,
    "has_more": false,
    "next_cursor": null
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

limit
integer
Required range: 1 <= x <= 100
starting_after
string
event
string

Single event name or comma-separated list of event names to include. Unknown names are ignored; pass none to include every event type.

actor_user_id
string<uuid>

Restrict to entries whose actor is this user.

actor_api_key_id
string<uuid>

Restrict to entries whose actor is this API key. Useful when investigating what a single key did.

actor_type
enum<string>

Restrict to entries whose actor type matches. system covers cron/background work; api_key covers programmatic calls; user covers dashboard sessions.

Available options:
user,
system,
api_key
created_from
string<date-time>

Return entries created at or after this ISO 8601 timestamp.

created_to
string<date-time>

Return entries created at or before this ISO 8601 timestamp.

q
string

Free-text search across event name, target id, and actor name/email.

Required string length: 1 - 200

Response

Paginated list of audit-log entries.

data
object[]
required
error
null
required
pagination
object
required