# Audit Logs API #### Introduction / Overview The **Audit Logs API** provides a structured way to retrieve audit log records for a given organization. It is designed to help administrators **track and review actions performed within the system** by capturing detailed event data. This API returns audit events based on **filter criteria provided in the request body**, allowing users to narrow down results using: * Organization identifier (organizationKey) * User who performed the action (userLogin) * Audit category (category) * Operation performed (operation) * Event timestamp (createdAt)D * Trigger source (userTriggered)x\` Each audit log entry includes: * The **user or system** that initiated the action * The **type of operation performed** * The **category of the event** * The **timestamp of occurrence** * The **resulting value or change (**newValue**)** The API supports **pagination via query parameters**, enabling efficient retrieval of large audit datasets. #### Permissions Required Access to this API is restricted to: * **Organization Admin** * **Super Admin** #### Endpoint Details * **HTTP Method:** POST * **URL:** \/\_codescan/audit/logs?p=\\&ps=\ *** #### Request Body {% code lineNumbers="true" %} ``` { "organizationKey": "", "userLogin": "", "category": "", "operation": "", "createdAt": "", "userTriggered": } ``` {% endcode %} #### Request Field Details


Field	Type	Required	Description	Possible Values
`organizationKey`	string	Yes	Organization key	—
`userLogin`	string	No	Login of user who triggered the action	—
`category`	string	No	Audit log category	PROJECT, USER_TOKEN, GROUP_PERMISSION, PERMISSION_TEMPLATE, PLUGIN, PROPERTY, QUALITY_GATE, QUALITY_PROFILE, USER, USER_GROUP, USER_PERMISSION
`operation`	enum	No	Operation performed	ADD, ADD_CHARACTERISTIC, ADD_EDITOR, ADD_GROUP, ADD_USER, DEACTIVATE, DELETE, DELETE_EDITOR, DELETE_GROUP, DELETE_USER, COMPONENT_KEY_UPDATE, COMPONENT_KEY_BRANCH_UPDATE, SET, SET_LICENSE, UPDATE, UPDATE_CHARACTERISTIC, UPDATE_COMPONENT_VISIBILITY
`createdAt`	string	No	Creation date or datetime of the audit event	Format: yyyy-MM-dd or yyyy-MM-dd'T'HH:mm:ssZExample: 2017-10-19 or 2017-10-19T13:00:00+0200
`userTriggered`	boolean	No	Whether the event was triggered by a user action	true, false
`p`	integer	No	The results page number.	1
`ps`	integer	No	The amount of results on each page. Max is 500	500

#### Example Request {% code lineNumbers="true" %} ``` POST https://app.codescan.io/_codescan/audit/logs?p=1&ps=10 ``` {% endcode %} {% code lineNumbers="true" %} ``` { "organizationKey": "org1", "userLogin": "652d14eeedabb7xxxxxd", "category": "PROJECT", "operation": "UPDATE", "createdAt": "2025-07-14", "userTriggered": true } ``` {% endcode %} #### Example Response {% code lineNumbers="true" %} ``` { "content": [ { "organizationUuid": "org-uuid-123", "userLogin": "jdoe", "userUuid": "user-uuid-456", "category": "PROJECT", "operation": "UPDATE", "newValue": "", "createdAt": "2025-07-14T09:00:12.314+00:00", "userTriggered": true } ], "pageable": { "pageNumber": 0, "pageSize": 100 }, "totalElements": 1, "totalPages": 1, "first": true, "last": true, "empty": false } ``` {% endcode %} #### Response Field Details **Audit Log Entry** (`content`) | Field | Description | | ------------------ | ---------------------------------------------------- | | `organizationUuid` | Unique identifier of the organization | | `userLogin` | Login of the user who performed the action | | `userUuid` | Unique identifier of the user | | `category` | Audit log category | | `operation` | Operation performed | | `newValue` | Updated value or details of the change (JSON string) | | `createdAt` | Timestamp of the audit event | | `userTriggered` | Indicates whether the action was triggered by a user | **Example: Project Analysis Event** {% code lineNumbers="true" %} ``` { "category": "PROJECT_ANALYSIS", "operation": "ADD", "userLogin": "System", "userTriggered": false, "newValue": { "projectKey": "prod-project", "projectName": "prod-project", "jobId": "aefe9a9e-d8cf-4faa-811b-7ebc4ab8a0ca", "ncloc": "335" } } ``` {% endcode %} *** **Example: Group permission Assignment** {% code lineNumbers="true" %} ``` { "category": "GROUP_PERMISSION", "operation": "ADD", "userLogin": "thammisetti-vanaja-priya79347", "userTriggered": true, "newValue": { "permission": "codeviewer", "groupName": "Members", "componentKey": "prod-project", "permissionTemplateName": "Default template", "qualifier": "project" } } ``` {% endcode %}
--- # Agent Instructions: Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://knowledgebase.autorabit.com/product-guides/codescan/codescan-api-documentation/audit-logs-api.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.