Audit Logs
View the audit trail of all administrative actions. Every credential, admin key, and user account operation is logged.
Permission Required
Requires the view_audit_logs permission.
Request
http
GET /v1/admin/audit-logs
Authorization: Bearer {admin_key}Query Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
limit | integer | 50 | Results per page (1-100) |
offset | integer | 0 | Pagination offset |
action | string | - | Filter by action type |
admin_key_id | UUID | - | Filter by admin who performed action |
target_id | UUID | - | Filter by target resource ID |
Example Request
Get recent audit logs:
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"Filter by action type:
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs?action=credential.created" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"Filter by target (e.g., a specific credential):
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs?target_id=660e8400-e29b-41d4-a716-446655440001" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"Response
Success (200 OK)
json
{
"success": true,
"data": [
{
"id": "880e8400-e29b-41d4-a716-446655440010",
"action": "credential.created",
"admin_key_id": "770e8400-e29b-41d4-a716-446655440002",
"admin_entity_name": "PartnerCompany",
"target_id": "660e8400-e29b-41d4-a716-446655440001",
"target_type": "credential",
"ip_address": "192.168.1.100",
"details": {
"name": "Acme Production Key"
},
"created_at": "2026-01-26T12:00:00Z"
},
{
"id": "880e8400-e29b-41d4-a716-446655440011",
"action": "user_account.created",
"admin_key_id": "770e8400-e29b-41d4-a716-446655440002",
"admin_entity_name": "PartnerCompany",
"target_id": "550e8400-e29b-41d4-a716-446655440000",
"target_type": "user_account",
"ip_address": "192.168.1.100",
"details": {
"name": "Acme Corp",
"external_id": "customer_12345"
},
"created_at": "2026-01-26T11:30:00Z"
}
],
"pagination": {
"limit": 50,
"offset": 0,
"total": 156
}
}Audit Log Entry
| Field | Type | Description |
|---|---|---|
id | UUID | Unique log entry ID |
action | string | The action that was performed |
admin_key_id | UUID | Admin key that performed the action |
admin_entity_name | string | Entity name of the admin |
target_id | UUID | null | ID of the affected resource |
target_type | string | Type of resource (credential, user_account, admin_key) |
ip_address | string | null | IP address of the request |
details | object | Additional action-specific details |
created_at | ISO 8601 | When the action occurred |
Action Types
Credential Actions
| Action | Description |
|---|---|
credential.created | New API credential was created |
credential.revoked | API credential was revoked |
credential.viewed | Single credential was viewed |
credential.listed | Credentials list was accessed |
User Account Actions
| Action | Description |
|---|---|
user_account.created | New user account was created |
user_account.updated | User account was updated |
user_account.suspended | User account was suspended |
user_account.reactivated | User account was reactivated |
user_account.viewed | Single user account was viewed |
user_account.listed | User accounts list was accessed |
Admin Key Actions
| Action | Description |
|---|---|
admin_key.created | New admin key was created |
admin_key.revoked | Admin key was revoked |
Use Cases
Security Investigation
Find all actions by a specific admin key:
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs?admin_key_id=770e8400-e29b-41d4-a716-446655440002" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"Track Resource History
See all actions affecting a specific credential:
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs?target_id=660e8400-e29b-41d4-a716-446655440001" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"Monitor Revocations
Track credential and admin key revocations:
bash
curl -X GET "https://api.insight.iagon.com/v1/admin/audit-logs?action=credential.revoked" \
-H "Authorization: Bearer YOUR_ADMIN_KEY"