> ## Documentation Index > Fetch the complete documentation index at: https://docs.base44.com/llms.txt > Use this file to discover all available pages before exploring further. # Event Types > All audit log event types available for filtering Every audit log event has an event type that identifies what happened. Event types follow a dot-separated naming convention: `..`. Below is the full list of event types, grouped by category. The **Metadata** column lists the keys that may appear in the `metadata` field for each event type. See [Metadata key reference](#metadata-key-reference) for descriptions. ## Authentication | Event type | Description | Metadata | | ----------------------- | ---------------------------- | --------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `auth.login` | User login attempt. | [`auth_method`](#auth_method), [`auth_provider`](#auth_provider), [`email_domain`](#email_domain), [`email_hash`](#email_hash), [`failure_reason`](#failure_reason), [`is_new_user`](#is_new_user), [`mcp_oauth`](#mcp_oauth), [`mfa_method`](#mfa_method), [`oauth_error_type`](#oauth_error_type), [`sso_provider`](#sso_provider), [`turnstile_result`](#turnstile_result), [`user_id`](#user_id), [`visitor_cookie`](#visitor_cookie) | | `auth.signup` | User signup. | [`auth_method`](#auth_method), [`auth_provider`](#auth_provider), [`email_domain`](#email_domain), [`email_hash`](#email_hash), [`failure_reason`](#failure_reason), [`is_new_user`](#is_new_user), [`mcp_oauth`](#mcp_oauth), [`oauth_error_type`](#oauth_error_type), [`signup_stage`](#signup_stage), [`sso_provider`](#sso_provider), [`turnstile_result`](#turnstile_result), [`user_id`](#user_id), [`visitor_cookie`](#visitor_cookie) | | `auth.mfa.sent` | MFA challenge sent. | [`auth_method`](#auth_method), [`auth_provider`](#auth_provider), [`email_domain`](#email_domain), [`email_hash`](#email_hash), [`is_new_user`](#is_new_user), [`sso_provider`](#sso_provider), [`turnstile_result`](#turnstile_result), [`user_id`](#user_id), [`visitor_cookie`](#visitor_cookie) | | `auth.mfa` | MFA verification attempt. | [`auth_method`](#auth_method) | | `auth.password_changed` | User changed their password. | | ## API | Event type | Description | Metadata | | ------------------- | --------------------------------- | ---------------------------------------------------------------- | | `api.function.call` | Backend function invoked via API. | [`function_name`](#function_name), [`status_code`](#status_code) | | `api.code.editing` | Code editing action via API. | [`file_path`](#file_path) | ## Entity CRUD | Event type | Description | Metadata | | -------------------------------- | ------------------------------------ | --------------------------------------------------------------------- | | `app.entity.created` | Entity record created. | [`entity_name`](#entity_name), [`entity_id`](#entity_id) | | `app.entity.updated` | Entity record updated. | [`entity_name`](#entity_name), [`entity_id`](#entity_id) | | `app.entity.deleted` | Entity record deleted (soft delete). | [`entity_name`](#entity_name), [`entity_id`](#entity_id) | | `app.entity.bulk_created` | Multiple entity records created. | [`entity_name`](#entity_name), [`method`](#method), [`count`](#count) | | `app.entity.bulk_deleted` | Multiple entity records deleted. | [`entity_name`](#entity_name), [`method`](#method), [`count`](#count) | | `app.entity.restored` | Soft-deleted entity record restored. | [`entity_name`](#entity_name), [`entity_id`](#entity_id) | | `app.entity.permanently_deleted` | Entity record permanently deleted. | [`entity_name`](#entity_name), [`entity_id`](#entity_id) | ## Entity schema | Event type | Description | Metadata | | -------------------- | ---------------------- | ----------------------------------------------------------------------------------- | | `app.schema.created` | Entity schema created. | [`entity_name`](#entity_name), [`has_rls`](#has_rls) | | `app.schema.updated` | Entity schema updated. | [`entity_name`](#entity_name), [`has_rls`](#has_rls), [`rls_changed`](#rls_changed) | | `app.schema.deleted` | Entity schema deleted. | [`entity_name`](#entity_name) | ## Workspace members | Event type | Description | Metadata | | ---------------------------------- | ------------------------- | --------------------------------------------------------------------------------- | | `workspace.member.role_updated` | Member role changed. | [`target_email`](#target_email), [`new_role`](#new_role), [`old_role`](#old_role) | | `workspace.member.invited` | Member invited. | [`invitee_email`](#invitee_email), [`role`](#role) | | `workspace.member.bulk_invited` | Multiple members invited. | [`invitation_count`](#invitation_count), [`invitee_emails`](#invitee_emails) | | `workspace.member.invite_accepted` | Invitation accepted. | | | `workspace.member.invite_declined` | Invitation declined. | [`invitation_email`](#invitation_email) | | `workspace.member.removed` | Member removed. | [`target_email`](#target_email) | ## Workspace billing | Event type | Description | Metadata | | ---------------------------------- | -------------------------------------- | ---------------------------------------------------------------- | | `workspace.invoice.read` | Invoice accessed. | [`count`](#count) | | `workspace.stripe.session_created` | Stripe billing portal session created. | [`stripe_customer_id`](#stripe_customer_id), [`domain`](#domain) | ## Workspace SSO | Event type | Description | Metadata | | -------------------------------- | --------------------------- | -------------------------------------------------------------------- | | `workspace.sso.enabled` | SSO enabled for workspace. | | | `workspace.sso.disabled` | SSO disabled for workspace. | | | `workspace.sso.settings_updated` | SSO settings updated. | [`sso_provider`](#sso_provider), [`updated_fields`](#updated_fields) | ## Workspace settings | Event type | Description | Metadata | | ----------------------------- | --------------------------- | ----------------------------------------------------------------------------------------------------------------- | | `workspace.settings.updated` | Workspace settings updated. | [`fields_changed`](#fields_changed) | | `workspace.admin.created` | Workspace created by admin. | [`workspace_name`](#workspace_name), [`subscription_tier`](#subscription_tier), [`is_enterprise`](#is_enterprise) | | `workspace.admin.migrated_v2` | Workspace migrated to v2. | [`target_tier`](#target_tier), [`is_enterprise`](#is_enterprise) | ## Domains | Event type | Description | Metadata | | ----------------------- | ---------------------------- | --------------------------------------------------------------------------------------------- | | `domain.created` | Custom domain created. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.deleted` | Custom domain deleted. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.linked` | Domain linked to an app. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.unlinked` | Domain unlinked from an app. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.verified` | Domain verified. | [`domain`](#domain), [`domain_id`](#domain_id), [`verification_status`](#verification_status) | | `domain.disabled` | Domain disabled. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.enabled` | Domain enabled. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.email.enabled` | Email domain enabled. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.email.updated` | Email domain updated. | [`domain`](#domain), [`domain_id`](#domain_id) | | `domain.email.disabled` | Email domain disabled. | [`domain`](#domain), [`domain_id`](#domain_id) | ## App lifecycle | Event type | Description | Metadata | | ----------------- | ---------------- | ------------------------------------------------ | | `app.created` | App created. | [`app_name`](#app_name), [`app_type`](#app_type) | | `app.deleted` | App deleted. | [`app_name`](#app_name) | | `app.published` | App published. | [`checkpoint_id`](#checkpoint_id) | | `app.unpublished` | App unpublished. | | ## App users | Event type | Description | Metadata | | ----------------------- | ---------------------- | ----------------------------------------------------------------------------------------------- | | `app.user.registered` | App user registered. | [`target_email`](#target_email), [`role`](#role), [`registration_method`](#registration_method) | | `app.user.deleted` | App user deleted. | [`target_user_id`](#target_user_id), [`target_email`](#target_email) | | `app.user.updated` | App user updated. | [`target_user_id`](#target_user_id), [`target_email`](#target_email) | | `app.user.role_changed` | App user role changed. | [`target_email`](#target_email), [`old_role`](#old_role), [`new_role`](#new_role) | | `app.auth.login` | App user login. | [`auth_method`](#auth_method) | | `app.user.invited` | App user invited. | [`invitee_email`](#invitee_email), [`role`](#role) | | `app.access.requested` | App access requested. | [`requester_email`](#requester_email) | | `app.access.approved` | App access approved. | [`target_email`](#target_email) | | `app.access.denied` | App access denied. | [`target_email`](#target_email) | ## Integrations | Event type | Description | Metadata | | --------------------------------------- | ------------------------------- | --------------------------------------------------------------------------------------------------------------------- | | `integration.custom.created` | Custom integration created. | [`integration_slug`](#integration_slug), [`integration_name`](#integration_name), [`endpoint_count`](#endpoint_count) | | `integration.custom.updated` | Custom integration updated. | [`integration_slug`](#integration_slug), [`fields_changed`](#fields_changed) | | `integration.custom.deleted` | Custom integration deleted. | [`integration_slug`](#integration_slug), [`integration_name`](#integration_name) | | `integration.stripe.sandbox_claimed` | Stripe sandbox claimed. | [`sandbox_id`](#sandbox_id) | | `integration.stripe.live_configured` | Stripe live mode configured. | | | `integration.stripe.removed` | Stripe integration removed. | | | `integration.wix_payments.connected` | Wix Payments connected. | | | `integration.wix_payments.disconnected` | Wix Payments disconnected. | | | `integration.oauth.connected` | OAuth integration connected. | [`integration_type`](#integration_type) | | `integration.oauth.disconnected` | OAuth integration disconnected. | [`integration_type`](#integration_type) | ## App runtime | Event type | Description | Metadata | | -------------------------- | ---------------------- | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `app.entity.query` | Entity data queried. | [`filter_fields`](#filter_fields), [`sort`](#sort), [`limit`](#limit), [`skip`](#skip), [`fields`](#fields), [`entity_name`](#entity_name) | | `app.user.query` | App user data queried. | [`filter_fields`](#filter_fields), [`sort`](#sort), [`limit`](#limit), [`skip`](#skip), [`fields`](#fields) | | `app.integration.executed` | Integration executed. | [`function_name`](#function_name), [`credit_count`](#credit_count), [`duration_ms`](#duration_ms) | | `app.automation.executed` | Automation executed. | [`automation_id`](#automation_id), [`automation_name`](#automation_name), [`automation_type`](#automation_type), [`duration_ms`](#duration_ms), [`credit_count`](#credit_count) | | `app.agent.conversation` | AI agent conversation. | [`agent_name`](#agent_name), [`conversation_id`](#conversation_id), [`message_count`](#message_count), [`credit_count`](#credit_count) | | `app.user.page_visit` | App user page visit. | [`page_name`](#page_name) | ## Security | Event type | Description | Metadata | | ------------------------ | ------------------------ | ------------------------------------------------------------------------------------------------------------------------------------------------------------------------------------- | | `app.security.check_run` | Security check executed. | [`rls_recommendations_count`](#rls_recommendations_count), [`hardcoded_secrets_count`](#hardcoded_secrets_count), [`backend_functions_issues_count`](#backend_functions_issues_count) | *** ## Metadata key reference All metadata values are strings. #### `agent_name` Name of the AI agent. #### `app_name` Name of the app. #### `app_type` Type of the app. #### `auth_method` Authentication method (e.g. `email_password`, `google`). #### `auth_provider` OAuth provider name, if applicable. #### `automation_id` ID of the automation. #### `automation_name` Name of the automation. #### `automation_type` Type of automation (e.g. scheduled, triggered). #### `backend_functions_issues_count` Number of backend function issues found in security scan. #### `checkpoint_id` Deployment checkpoint ID. #### `conversation_id` ID of the AI agent conversation. #### `count` Number of affected records, invoices, or other items. #### `credit_count` Credits consumed by the operation. #### `domain` The domain name. #### `domain_id` The domain ID. #### `duration_ms` Execution time in milliseconds. #### `email_domain` Domain portion of the user's email address. #### `email_hash` SHA-256 hash of the user's email address. #### `endpoint_count` Number of endpoints on the custom integration. #### `entity_id` ID of the affected entity record. #### `entity_name` Name of the entity. #### `failure_reason` Reason for failure when status is `"failure"`. #### `fields` Fields included in a query response. #### `fields_changed` Comma-separated list of fields that were changed. #### `file_path` Path of the file being edited. #### `filter_fields` Field names being filtered on in a query (e.g. `data.status, data.user_id`). #### `function_name` Name of the backend function or integration function. #### `hardcoded_secrets_count` Number of hardcoded secrets found in security scan. #### `has_rls` Whether row-level security is enabled on the entity schema. #### `integration_name` Name of the custom integration. #### `integration_slug` Slug identifier of the custom integration. #### `integration_type` Type of OAuth integration. #### `invitation_count` Number of invitations sent in a bulk invite. #### `invitation_email` Email associated with the invitation. #### `invitee_email` Email of the invited user. #### `invitee_emails` Comma-separated emails of invited users (bulk invite). #### `is_enterprise` Whether the workspace is on an enterprise plan. #### `is_new_user` Whether this is the user's first login. #### `limit` Maximum number of records requested in a query. #### `mcp_oauth` Whether the login was initiated via an MCP OAuth flow. #### `message_count` Number of messages in an AI agent conversation. #### `method` Bulk operation method. #### `mfa_method` MFA method used (e.g. `totp`, `sms`). #### `new_role` New role after a role change. #### `oauth_error_type` Type of OAuth error on failure. #### `old_role` Previous role before a role change. #### `page_name` Name of the visited page. #### `registration_method` How the app user registered. #### `requester_email` Email of the user requesting access. #### `rls_changed` Whether row-level security settings changed. #### `rls_recommendations_count` Number of RLS recommendations from security scan. #### `role` Role assigned to a user. #### `sandbox_id` Stripe sandbox ID. #### `signup_stage` Signup progress indicator (e.g. `otp_pending`, `otp_verified`). #### `skip` Number of records skipped in a query. #### `sort` Sort parameters used in a query. #### `sso_provider` SSO provider name. #### `status_code` HTTP status code returned by a backend function call. #### `stripe_customer_id` Stripe customer ID. #### `subscription_tier` Subscription tier of the workspace. #### `target_email` Email of the user affected by the action. #### `target_tier` Target subscription tier for a migration. #### `target_user_id` ID of the app user affected by the action. #### `turnstile_result` Cloudflare Turnstile verification result. #### `updated_fields` SSO settings fields that were updated. #### `user_id` ID of the authenticated user. #### `verification_status` Domain verification result. #### `visitor_cookie` Marketing visitor cookie identifier. #### `workspace_name` Name of the workspace.