Audit events contain records of user login/logout activities and other operations performed within a Coda organization. Audit events are critical to an enterprise’s Security Monitoring efforts. It enables Security professionals to proactively analyze the audit events for any suspicious behavior within a Coda organization and help them in forensic investigations in case of a security breach. Audit events also enable administrators to write their own applications to understand their users’ usage of Coda.
Audit functionality in Coda is enabled only for organizations having at least one Enterprise workspace. If an organization contains multiple workspaces then audit events will only be recorded for operations performed within Enterprise workspaces. Operations performed within non-Enterprise workspaces will not be audited. However, operations performed on entities (like User and Organization) that are not contained within a workspace are audited as long as there is at least one Enterprise workspace within an organization.
Here is an example of an organization with 2 workspaces, wk1 is a Team workspace and wk2 is an Enterprise workspace. All the entities colored in
are audited and the ones in
are not audited.
This organization contains at least one Enterprise workspace so auditing will be enabled for this organization.
Entities contained within Enterprise workspaces are audited: Folder and Doc entities are contained within workspaces. In this case, since workspace
is on Team’s place, Coda does not generate audit events for entities
which are contained within
. Where as, entities within Enterprise workspace
will be audited, so Coda generates audit events for
Global objects are audited: Even though there is one non-Enterprise workspace, Coda generates audit events for global entities that are scoped to workspaces. Organization and User entities are global entities so Coda generates audit events for operations on entities
org-xyz, user1, user2, user3, user5
will be audited.
At a later time, if
is upgraded to Enterprise plan then Coda will generate audit events for entities contained in
from the time it is upgraded to Enterprise plan.
Who can use Audit events API?
Only admins of an organization can use the Audit events API to get the audit events related to their organization.
Coda generates audit events for most user actions within an organization. Every audit event contains the
of the attempt. The following is a sample audit event of a LogInUser audit event.
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0"
For the latest documentation on the API, including the fields captured in every audit event and the list of audit actions, please refer to audit events API
. In beta phase, auditing enabled only on demand. If you are interested in enabling audit functionality for your organization, please email
Audit event actions
The following table outlines the currently supported list of audit actions grouped by entity. This action list will likely grow over time and the eventDetails content can also changed based on the feedback and added functionality. If you do not see an action or additional information for an action, please let