List Audit Events

Beta
GET/v1/core/audit-events

This endpoint is idempotent. Learn more

Returns a paginated list of audit events for the current account.

Permissions requiredValues:audit_events:read
The role behind your API key or agent must grant every one of these permissions.
cursoroptional string

Opaque cursor token identifying where the page of results starts.

Use the cursor value embedded in a previous response's next_page_url or previous_page_url to fetch the adjacent page. Omit to start from the first page.

limitoptional integer

Maximum number of results to return in a single page.

qoptional string

Free-text search term used to filter results.

Which fields are matched against the term varies by endpoint.

start_dateoptional string (date-time)

Restricts results to audit events on or after this timestamp.

end_dateoptional string (date-time)

Restricts results to audit events on or before this timestamp.

resource_types[]optional arrayenumValues:accountactorentity

Filter by the resource type of the audited entity.

The full set of valid values is available from the List Audit Event Resource Types endpoint.

resource_ids[]optional array

Filter by the audited resource IDs.

actor_ids[]optional array

Filter by the actor identifier.

Matches the event's actor.id: a user ID for user actors or an API key ID for api_key actors.

actor_types[]optional arrayenumValues:userapi_keyagent

Filter by the actor type.

actions[]optional arrayenumValues:createupdatedelete

Filter by the mutation type recorded on the event.

actor_account_ids[]optional array

Filter by the acting account: the account that performed the mutation.

Results are always scoped to events where your account is either the acting account or the target account; this narrows that set to specific acting accounts — for example a specific customer's account that mutated a resource on your account.

target_account_ids[]optional array

Filter by the target account the mutation was performed against (the event's account).

Results are always scoped to events where your account is either the acting account or the target account; this narrows that set to specific target accounts — for example a specific customer's or supplier's account.

include[]optional arrayenumValues:accountactorchanges

Sub-objects to expand in the response. When omitted, sub-objects are returned as null.

objectstringenumValues:list

Resource type identifier.

page_infoobject

Pagination metadata.

next_page_urlstringnullable

Relative URL that fetches the next page of results.

null when the last page has been reached.

previous_page_urlstringnullable

Relative URL that fetches the previous page of results.

null while on the first page.

has_next_pageboolean

Whether more results exist after this page.

has_prev_pageboolean

Whether results exist before this page.

dataarray of audit_event

Resources in this page.

idstring

Audit event ID.

objectstringenumValues:audit_event

Resource type identifier.

actionstringenumValues:createupdatedelete

The type of action this event records.

  • create: the resource was created.
  • update: one or more fields were changed.
  • delete: the resource was deleted.
  • restore: a previously deleted resource was restored.
  • archive: the resource was archived.
  • approve: a human approved a gated action, such as allowing a review-gated agent tool to run.
  • deny: a human denied a gated action, such as rejecting a review-gated agent tool.
resource_typestringenumValues:accountactorentity

Resource type of the audited entity.

resource_idstring

Audited resource ID.

actoractorExpandablenullable

Actor who performed the mutation.

idstring

Unique identifier of the actor.

objectstringenumValues:actor

Resource type identifier.

typestringenumValues:userapi_keyagent

Actor type.

  • user: a human user account.
  • api_key: a programmatic caller authenticating with an API key.
  • agent: an automated agent acting on the account's behalf.
  • group: a shared group identity, such as a "Customer Service" persona, rather than a single individual.
namestringnullable

The actor's display name.

handlestringnullable

Human-readable handle identifying the actor.

  • For user actors: the user's email address.
  • For api_key actors: the redacted key value.

Other actor types carry no handle.

avatar_urlstringnullable

URL of the actor's profile photo, if one is set.

Only populated for user actors.

rolerolenullable

Assigned role.

Always returned as null in this endpoint.
accountaccountExpandablenullable

Account the audited mutation was performed against.

For a mutation on one of your own resources this is your account; when you act on a customer's or supplier's account, it is that account.

idstring

Account ID.

objectstringenumValues:account

Resource type identifier.

namestring

The account's display name.

default_billing_addressaddressnullable

Default billing address.

Always returned as null in this endpoint.
default_shipping_addressaddressnullable

Default shipping address.

Always returned as null in this endpoint.
brandingaccount_brandingnullable

Customer-facing branding for the account, such as the logo, support contacts, and social links.

Always returned as null in this endpoint.
portalaccount_portalnullable

The account's customer portal settings, including the portal URL slug.

Always returned as null in this endpoint.
created_atstring (date-time)

Creation timestamp.

updated_atstring (date-time)

Last updated timestamp.

changeslistExpandablenullable

Field-level changes recorded for this event.

objectstringenumValues:list

Resource type identifier.

page_infoobject

Pagination metadata.

next_page_urlstringnullable

Relative URL that fetches the next page of results.

null when the last page has been reached.

previous_page_urlstringnullable

Relative URL that fetches the previous page of results.

null while on the first page.

has_next_pageboolean

Whether more results exist after this page.

has_prev_pageboolean

Whether results exist before this page.

dataarray of audit_field_change

Resources in this page.

objectstringenumValues:audit_field_change

Resource type identifier.

fieldstring

Name of the changed field.

old_valueobjectnullable

Previous value as a JSON fragment.

null for creation events.

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

new_valueobjectnullable

New value as a JSON fragment.

null for deletion events.

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

metadataobjectExpandablenullable

Arbitrary JSON metadata for the mutation (e.g. reason, source, tags).

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

requestrequest_logExpandablenullable

Log of the API request that caused the mutation.

null when the change did not originate from an API request.

idstring

Request log ID.

objectstringenumValues:request_log

Resource type identifier.

methodstring

HTTP method.

hoststring

Request host.

Usually api.augno.com.

pathstring

The exact path the request was made to, including path parameter values.

normalized_routestring

The route template the request matched, with path parameters left as placeholders.

For example /v1/sales/customers/{id} is the normalized route for the request path /v1/sales/customers/ac_.... Falls back to the raw path when the request did not match a registered route.

query_paramsobjectnullable

Query parameters.

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

status_codeinteger

HTTP response status code (e.g. 200, 404).

latency_usinteger

Request latency in microseconds.

api_versionstringnullable

API version used.

client_ipstringnullable

Client IP address.

user_agentstringnullable

User agent.

referrerstringnullable

Referrer header.

error_codestringnullable

Machine-readable API error code.

Populated only for failed requests.

error_messagestringnullable

Human-readable error message.

Populated only for failed requests.

occurred_atstring (date-time)

When the request occurred.

created_atstring (date-time)

When the log entry was created.

accountaccountnullable

Account targeted by the request: the account the request acted upon.

Results are scoped to logs where your account is either the acting account or the target account. Use the target_account_ids query parameter to filter by which account was acted upon, and actor_account_ids to filter by who acted.

Always returned as null in this endpoint.
actoractornullable

Actor who made the request.

Always returned as null in this endpoint.
idempotency_keystringnullable

User-provided idempotency key.

request_bodyobjectnullable

Request body.

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

response_bodyobjectnullable

Response body.

Encoded as a JSON value (object, array, string, number, boolean, or null), not a JSON-encoded string.

idempotency_keystringnullable

Idempotency key of the originating request.

source_ipstringnullable

Originating client IP address.

occurred_atstring (date-time)

When the audited mutation occurred.

created_atstring (date-time)

When the audit event record was created.

Responses

200

Successful response for List Audit Events