Get audit events

get/v1/organizations/{organizationId}/audit-events

Page View

Audit endpoints allow you to review audit event metadata, including relevant timestamps and statuses, or the actual payload.

Currently, you can retrieve a list of audit events.

Get audit events

Retrieve audit events with their related metadata and payloads based on the criteria you specify with query parameters. Typically, you can use this if you're monitoring user activity within your organization and want to get an idea of what happened and when.

Only Redox organization owners or admins can use this endpoint.

Request parameters

cURL request example

bash

1
curl 'https://api.redoxengine.com/platform/v1/organizations/{organizationId}/audit-events' \
2
--request GET \
3
--header 'Authorization: Bearer $API_TOKEN' \
4
--header 'accept: application/json'

Path Parameters

organizationId
required, string
Identifies the Redox organization that you're operating in.

Query Parameters

userId
number
Filter all audit events to a specific user based on the Redox user id.
startDateTime
string
Contains the date-time in ISO 8601 format to define the beginning of the date range for the audit events you want to review.
stopDateTime
string
Contains the date-time in ISO 8601 format to define the end of the date range for the audit events you want to review.
status
string
Specifies that you want to search for audit events with the indicated status.
actionType
array
Specifies the type of audit event to search for.
_page
number
Identifies a specific page of results to return. This value typically comes from a previous response's page object.
_count
number
Defines the number of results to return per page. The maximum value per page is 50.

Response fields and example

Example payload generated from schema

1
{
2
  "meta": {
3
    "version": "1.0.0",
4
    "page": {
5
      "currentPage": 1,
6
      "pageType": "offset",
7
      "pageSize": 50,
8
      "links": {
9
        "self": "/organizations/12345/logs",
10
        "next": "/organizations/12345/logs?_page=2&_count=50",
11
        "first": "/organizations/12345/logs?_page=1&_count=50"
12
      }
13
    }
14
  },
15
  "payload": {
16
    "results": [
17
      {
18
        "id": "ec126522-7d0f-4c5d-a65c-9ff2c0156d8a",
19
        "organizationId": 122,
20
        "userId": 3363,
21
        "requestIp": "8.8.8.8",
22
        "route": "/organization/122",
23
        "createdAt": "2023-09-29T15:19:34.815+00:00",
24
        "type": "user-invited",
25
        "status": "successful",
26
        "details": {
27
          "method": "fetched",
28
          "invitor": 3363,
29
          "inviteeEmail": "an.email@email.com"
30
        }
31
      }
32
    ]
33
  }
34
}

Contains the payload and metadata returned for Get Audit Events.

meta
object
Contains the metadata information for the returned results, including version and pagination information.
- version
  string
  Lists the major and minor version number for the format of the returned payload. The payload format or shape may change between minor versions, like including additional or extended fields in later versions. We include the version data in each response so that you have the option to handle the signaled differences.
- page
  object
  Contains the pagination data for the returned results.
  currentPage
  integer
  Displays the current page number of returned results you're viewing.
  pageType
  string
  Displays the type of pagination supported for the returned results. Currently, we only support the offset type, which determines the page number by taking the page size and offsetting the number of records from the start.
  pageSize
  integer
  Displays the number of results included in each page.
  links
  object
  Contains the related pagination links for the returned results.
  self
  string
  Links to the current page of results.
  next
  string
  Links to the next page of results.
  first
  string
  Links to the first page of results.
payload
object
- results
  Array of object
  id
  string
  Displays the unique identifier of the audit event.
  organizationId
  number
  Identifies the specific Redox organization where the audit event occurred. This field matches the organization ID specified in the request.
  userId
  number
  Displays the unique identifier of the user that performed the audit event.
  requestIp
  string
  Specifies the IP of the client that performed the audit event.
  route
  string
  The original request route that resulted in this auditable event.
  createdAt
  string
  Displays the date-time in ISO 8601 format for when the audit event occurred.
  type
  string
  Indicates the type of audit event that occurred.
  Possible Values: auth-credential-operation, auth-credential-viewed, configuration-modifier-link-operation, configuration-modifier-link-viewed, configuration-modifier-operation, configuration-modifier-viewed, configurations-operation, customer-alert-link-operation, customer-alert-link-viewed, customer-alert-operation, customer-alert-viewed, endpoint-operation, legacy-api-key-operation, log-inspected, log-payload-viewed, log-search, oauth2-api-key-operation, organization-loaded, translation-set-link-operation, translation-set-link-viewed, translation-set-operation, translation-set-viewed, user-env-role-changed, user-env-role-removed, user-invited, user-joined, user-org-role-changed, user-removed, value-set-operation, value-set-viewed
  status
  string
  Defines the current status of the audit event.
  Possible Values: attempted, successful, unauthorized, unauthenticated, failed
  details
  object
  Contains any extra details about the audit event. Different audit types may include a different set of details.

FHIR® is a registered trademark of Health Level Seven International (HL7) and is used with the permission of HL7. Use of this trademark does not constitute an endorsement of products/services by HL7®.