Skip to main content
GET
/
api
/
v1
/
organization
/
audit-logs
cURL
curl --request GET \
  --url https://us.infisical.com/api/v1/organization/audit-logs
{
  "auditLogs": [
    {
      "id": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "createdAt": "2023-11-07T05:31:56Z",
      "updatedAt": "2023-11-07T05:31:56Z",
      "event": {
        "type": "<string>",
        "metadata": "<unknown>"
      },
      "actor": {
        "type": "<string>",
        "metadata": "<unknown>"
      },
      "ipAddress": "<string>",
      "userAgent": "<string>",
      "userAgentType": "<string>",
      "expiresAt": "2023-11-07T05:31:56Z",
      "orgId": "3c90c3cc-0d44-4b50-8888-8dd25736052a",
      "projectId": "<string>",
      "projectName": "<string>"
    }
  ]
}

Query Parameters

projectId
string

Optionally filter logs by project ID. If not provided, logs from the entire organization will be returned.

environment
string

The environment to filter logs by. If not provided, logs from all environments will be returned. Note that the projectId parameter must also be provided.

actorType
enum<string>
Available options:
platform,
kmipClient,
user,
service,
identity,
scimClient,
acmeProfile,
acmeAccount,
estAccount,
unknownUser
secretPath
string

The path of the secret to query audit logs for. Note that the projectId parameter must also be provided.

secretKey
string

The key of the secret to query audit logs for. Note that the projectId parameter must also be provided.

eventType
Available options:
get-secrets,
get-secret,
reveal-secret,
create-secret,
create-secrets,
update-secret,
update-secrets,
move-secrets,
delete-secret,
delete-secrets,
redact-secret-version-value,
get-project-key,
authorize-integration,
update-integration-auth,
unauthorize-integration,
create-integration,
delete-integration,
manual-sync-integration,
add-trusted-ip,
update-trusted-ip,
delete-trusted-ip,
create-service-token,
delete-service-token,
create-sub-organization,
update-sub-organization,
delete-sub-organization,
join-sub-organization,
create-identity,
update-identity,
delete-identity,
create-identity-org-membership,
update-identity-org-membership,
delete-identity-org-membership,
create-identity-project-membership,
update-identity-project-membership,
delete-identity-project-membership,
machine-identity-auth-template-create,
machine-identity-auth-template-update,
machine-identity-auth-template-delete,
login-identity-universal-auth,
add-identity-universal-auth,
update-identity-universal-auth,
get-identity-universal-auth,
revoke-identity-universal-auth,
create-token-identity-token-auth,
update-token-identity-token-auth,
get-tokens-identity-token-auth,
get-token-identity-token-auth,
add-identity-token-auth,
update-identity-token-auth,
get-identity-token-auth,
revoke-identity-token-auth,
login-identity-kubernetes-auth,
add-identity-kubernetes-auth,
update-identity-kubernetes-auth,
get-identity-kubernetes-auth,
revoke-identity-kubernetes-auth,
login-identity-oidc-auth,
add-identity-oidc-auth,
update-identity-oidc-auth,
get-identity-oidc-auth,
revoke-identity-oidc-auth,
login-identity-jwt-auth,
add-identity-jwt-auth,
update-identity-jwt-auth,
get-identity-jwt-auth,
revoke-identity-jwt-auth,
login-identity-spiffe-auth,
add-identity-spiffe-auth,
update-identity-spiffe-auth,
get-identity-spiffe-auth,
revoke-identity-spiffe-auth,
refresh-identity-spiffe-auth-bundle,
create-identity-universal-auth-client-secret,
revoke-identity-universal-auth-client-secret,
clear-identity-universal-auth-lockouts,
clear-identity-ldap-auth-lockouts,
get-identity-universal-auth-client-secret,
get-identity-universal-auth-client-secret-by-id,
login-identity-gcp-auth,
add-identity-gcp-auth,
update-identity-gcp-auth,
revoke-identity-gcp-auth,
get-identity-gcp-auth,
login-identity-alicloud-auth,
add-identity-alicloud-auth,
update-identity-alicloud-auth,
revoke-identity-alicloud-auth,
get-identity-alicloud-auth,
login-identity-tls-cert-auth,
add-identity-tls-cert-auth,
update-identity-tls-cert-auth,
revoke-identity-tls-cert-auth,
get-identity-tls-cert-auth,
login-identity-aws-auth,
add-identity-aws-auth,
update-identity-aws-auth,
revoke-identity-aws-auth,
get-identity-aws-auth,
login-identity-oci-auth,
add-identity-oci-auth,
update-identity-oci-auth,
revoke-identity-oci-auth,
get-identity-oci-auth,
login-identity-azure-auth,
add-identity-azure-auth,
update-identity-azure-auth,
get-identity-azure-auth,
revoke-identity-azure-auth,
login-identity-ldap-auth,
add-identity-ldap-auth,
update-identity-ldap-auth,
get-identity-ldap-auth,
revoke-identity-ldap-auth,
create-environment,
update-environment,
delete-environment,
get-environment,
add-project-member,
add-project-members,
remove-project-member,
create-folder,
update-folder,
delete-folder,
create-webhook,
update-webhook-status,
delete-webhook,
webhook-triggered,
get-secret-imports,
get-secret-import,
create-secret-import,
update-secret-import,
delete-secret-import,
update-user-project-role,
update-user-project-denied-permissions,
secret-approval-merged,
secret-approval-request,
secret-approval-closed,
secret-approval-reopened,
secret-approval-request-review,
sign-ssh-key,
issue-ssh-creds,
create-ssh-certificate-authority,
get-ssh-certificate-authority,
update-ssh-certificate-authority,
delete-ssh-certificate-authority,
get-ssh-certificate-authority-certificate-templates,
create-ssh-certificate-template,
update-ssh-certificate-template,
delete-ssh-certificate-template,
get-ssh-certificate-template,
get-azure-ad-templates,
get-ssh-host,
create-ssh-host,
update-ssh-host,
delete-ssh-host,
issue-ssh-host-user-cert,
issue-ssh-host-host-cert,
get-ssh-host-group,
create-ssh-host-group,
update-ssh-host-group,
delete-ssh-host-group,
get-ssh-host-group-hosts,
add-host-to-ssh-host-group,
remove-host-from-ssh-host-group,
create-certificate-authority,
get-certificate-authority,
get-certificate-authorities,
update-certificate-authority,
delete-certificate-authority,
renew-certificate-authority,
get-certificate-authority-csr,
get-certificate-authority-certs,
get-certificate-authority-cert,
sign-intermediate,
import-certificate-authority-cert,
get-certificate-authority-crls,
generate-ca-certificate,
install-ca-cert-venafi,
create-ca-signing-config,
get-ca-signing-config,
update-ca-signing-config,
get-ca-auto-renewal-config,
update-ca-auto-renewal-config,
issue-cert,
import-cert,
sign-cert,
get-ca-certificate-templates,
get-cert,
delete-cert,
revoke-cert,
get-cert-body,
get-cert-private-key,
get-cert-bundle,
export-cert-pkcs12,
create-pki-alert,
get-pki-alert,
update-pki-alert,
delete-pki-alert,
create-pki-collection,
get-pki-collection,
update-pki-collection,
delete-pki-collection,
get-pki-collection-items,
add-pki-collection-item,
delete-pki-collection-item,
create-pki-subscriber,
update-pki-subscriber,
delete-pki-subscriber,
get-pki-subscriber,
issue-pki-subscriber-cert,
sign-pki-subscriber-cert,
automated-renew-subscriber-cert,
automated-renew-certificate,
automated-renew-certificate-failed,
list-pki-subscriber-certs,
get-subscriber-active-cert-bundle,
create-kms,
update-kms,
delete-kms,
get-kms,
update-project-kms,
get-project-kms-backup,
load-project-kms-backup,
org-admin-accessed-project,
org-admin-bypassed-sso,
user-login,
select-organization,
select-sub-organization,
create-certificate-policy,
update-certificate-policy,
delete-certificate-policy,
get-certificate-policy,
list-certificate-policies,
create-certificate-template-est-config,
update-certificate-template-est-config,
get-certificate-template-est-config,
create-certificate-profile,
update-certificate-profile,
delete-certificate-profile,
get-certificate-profile,
list-certificate-profiles,
issue-certificate-from-profile,
sign-certificate-from-profile,
order-certificate-from-profile,
renew-certificate,
get-certificate-profile-latest-active-bundle,
update-certificate-renewal-config,
update-certificate-metadata,
update-certificate-cleanup-config,
certificate-cleanup-completed,
disable-certificate-renewal-config,
create-certificate-request,
get-certificate-request,
get-certificate-from-request,
list-certificate-requests,
attempt-create-slack-integration,
attempt-reinstall-slack-integration,
get-project-slack-config,
update-project-slack-config,
get-slack-integration,
update-slack-integration,
delete-slack-integration,
get-project-workflow-integration-config,
update-project-workflow-integration-config,
get-project-ssh-config,
update-project-ssh-config,
integration-synced,
create-cmek,
update-cmek,
delete-cmek,
get-cmeks,
get-cmek,
cmek-encrypt,
cmek-decrypt,
cmek-sign,
cmek-verify,
cmek-list-signing-algorithms,
cmek-get-public-key,
cmek-get-private-key,
update-external-group-org-role-mapping,
get-external-group-org-role-mapping,
get-project-templates,
get-project-template,
create-project-template,
update-project-template,
delete-project-template,
get-app-connections,
get-available-app-connections-details,
get-app-connection,
create-app-connection,
update-app-connection,
delete-app-connection,
get-app-connection-usage,
migrate-app-connection,
rotate-app-connection-credentials,
create-shared-secret,
create-secret-request,
delete-shared-secret,
read-shared-secret,
get-secret-syncs,
get-secret-sync,
create-secret-sync,
update-secret-sync,
delete-secret-sync,
secret-sync-sync-secrets,
secret-sync-import-secrets,
secret-sync-remove-secrets,
get-pki-syncs,
get-pki-sync,
get-pki-sync-certificates,
create-pki-sync,
update-pki-sync,
delete-pki-sync,
pki-sync-sync-certificates,
pki-sync-import-certificates,
pki-sync-remove-certificates,
pki-sync-set-default-certificate,
pki-sync-clear-default-certificate,
oidc-group-membership-mapping-assign-user,
oidc-group-membership-mapping-remove-user,
create-kmip-client,
update-kmip-client,
delete-kmip-client,
get-kmip-client,
get-kmip-clients,
create-kmip-client-certificate,
setup-kmip,
get-kmip,
register-kmip-server,
kmip-operation-create,
kmip-operation-get,
kmip-operation-destroy,
kmip-operation-get-attributes,
kmip-operation-activate,
kmip-operation-revoke,
kmip-operation-locate,
kmip-operation-register,
get-secret-rotations,
get-secret-rotation,
get-secret-rotation-generated-credentials,
create-secret-rotation,
update-secret-rotation,
delete-secret-rotation,
secret-rotation-rotate-secrets,
reconcile-secret-rotation,
project-access-request,
microsoft-teams-workflow-integration-create,
microsoft-teams-workflow-integration-delete,
microsoft-teams-workflow-integration-update,
microsoft-teams-workflow-integration-check-installation-status,
microsoft-teams-workflow-integration-get-teams,
microsoft-teams-workflow-integration-get,
microsoft-teams-workflow-integration-list,
project-assume-privileges-session-start,
project-assume-privileges-session-end,
get-project-pit-commits,
get-project-pit-commit-changes,
get-project-pit-commit-count,
pit-rollback-commit,
pit-revert-commit,
pit-get-folder-state,
pit-compare-folder-states,
pit-process-new-commit-raw,
secret-scanning-data-source-list,
secret-scanning-data-source-create,
secret-scanning-data-source-update,
secret-scanning-data-source-delete,
secret-scanning-data-source-get,
secret-scanning-data-source-trigger-scan,
secret-scanning-data-source-scan,
secret-scanning-resource-list,
secret-scanning-scan-list,
secret-scanning-finding-list,
secret-scanning-finding-update,
secret-scanning-config-get,
secret-scanning-config-update,
update-org,
create-project,
update-project,
delete-project,
create-project-role,
update-project-role,
delete-project-role,
create-org-role,
update-org-role,
delete-org-role,
create-secret-reminder,
get-secret-reminder,
delete-secret-reminder,
dashboard-list-secrets,
dashboard-get-secret-value,
dashboard-get-secret-version-value,
pam-session-credentials-get,
pam-session-start,
pam-session-logs-update,
pam-session-end,
pam-session-get,
pam-session-list,
pam-folder-create,
pam-folder-update,
pam-folder-delete,
pam-account-list,
pam-account-get,
pam-account-access,
pam-account-create,
pam-account-update,
pam-account-delete,
pam-account-credential-rotation,
pam-account-credential-rotation-failed,
pam-web-access-session-ticket-created,
pam-resource-list,
pam-resource-get,
pam-resource-create,
pam-resource-update,
pam-resource-delete,
pam-discovery-source-list,
pam-discovery-source-get,
pam-discovery-source-create,
pam-discovery-source-update,
pam-discovery-source-delete,
pam-discovery-scan,
pam-discovery-source-run-list,
pam-discovery-source-run-get,
pam-discovery-source-resource-list,
pam-discovery-source-account-list,
approval-policy-create,
approval-policy-update,
approval-policy-delete,
approval-policy-list,
approval-policy-get,
approval-request-get,
approval-request-list,
approval-request-create,
approval-request-approve,
approval-request-reject,
approval-request-cancel,
approval-request-grant-list,
approval-request-grant-get,
approval-request-grant-revoke,
create-acme-account,
retrieve-acme-account,
create-acme-order,
finalize-acme-order,
download-acme-certificate,
respond-to-acme-challenge,
pass-acme-challenge,
attempt-acme-challenge,
fail-acme-challenge,
mcp-endpoint-create,
mcp-endpoint-update,
mcp-endpoint-delete,
mcp-endpoint-get,
mcp-endpoint-list,
mcp-endpoint-list-tools,
mcp-endpoint-enable-tool,
mcp-endpoint-disable-tool,
mcp-endpoint-bulk-update-tools,
mcp-endpoint-oauth-client-register,
mcp-endpoint-oauth-authorize,
mcp-endpoint-connect,
mcp-endpoint-save-user-credential,
mcp-server-create,
mcp-server-update,
mcp-server-delete,
mcp-server-get,
mcp-server-list,
mcp-server-list-tools,
mcp-server-sync-tools,
mcp-activity-log-list,
create-dynamic-secret,
update-dynamic-secret,
delete-dynamic-secret,
get-dynamic-secret,
list-dynamic-secrets,
create-dynamic-secret-lease,
delete-dynamic-secret-lease,
renew-dynamic-secret-lease,
list-dynamic-secret-leases,
get-dynamic-secret-lease,
create-pki-discovery,
update-pki-discovery,
delete-pki-discovery,
get-pki-discovery,
get-pki-discoveries,
trigger-pki-discovery-scan,
get-pki-installation,
get-pki-installations,
update-pki-installation,
delete-pki-installation,
create-pki-signer,
update-pki-signer,
delete-pki-signer,
get-pki-signer,
get-pki-signers,
get-pki-signer-public-key,
get-pki-signing-operations,
pki-signer-sign
userAgentType
enum<string>

Choose which consuming application to export audit logs for.

Available options:
web,
cli,
k8-operator,
terraform,
other,
InfisicalPythonSDK,
InfisicalNodeSDK
eventMetadata
string

Filter by event metadata key-value pairs. Formatted as key1=value1,key2=value2, with comma-separation.

startDate
string<date-time>

The date to start the export from.

endDate
string<date-time>

The date to end the export at.

offset
number
default:0

The offset to start from. If you enter 10, it will start from the 10th audit log.

limit
number
default:20

The number of audit logs to return.

Required range: x <= 1000
actor
string

The actor to filter the audit logs by.

Response

Default Response

auditLogs
object[]
required