Skip to main content
The Audit Logs API provides workspace-scoped access to audit events for security monitoring, compliance, and SIEM integrations. Use the Audit Logs API to:
  • Stream audit events into your SIEM or security tooling.
  • Investigate user activity across all apps in a workspace.
  • Monitor authentication events, entity changes, and administrative actions.
  • Build compliance reports with full event detail.

Prerequisites

  • An Enterprise plan workspace.
  • A workspace API key. See Authentication to create one.

Workspaces

A workspace is a shared environment where teams collaborate on apps. The Audit Logs API returns events across all apps in a workspace.

Workspace ID

The endpoints in the Audit Logs API require a workspace_id in the URL path. You must have admin or owner role in that workspace. To get your workspace_id:
  1. Click your profile icon at the top right of your account.
  2. Hover over the relevant workspace and click Manage.
  3. The workspace ID is the last part of the workspace management page URL.