Explore

Coda Admin Audit API: events and documentation

The Coda Admin Audit API supports auditing activities via an event log, so your team's work and data is always safe.

Audit events contain records of user login/logout activities and other operations performed within a Coda organization. Audit events are critical to an enterprise’s Security Monitoring efforts. It enables Security professionals to proactively analyze the audit events for any suspicious behavior within a Coda organization and help them in forensic investigations in case of a security breach. Audit events also enable administrators to write their own applications to understand their users’ usage of Coda.

Audit functionality in Coda is enabled only for organizations having at least one Enterprise workspace. If an organization contains multiple workspaces then audit events will only be recorded for operations performed within Enterprise workspaces. Operations performed within non-Enterprise workspaces will not be audited. However, operations performed on entities (like User and Organization) that are not contained within a workspace are audited as long as there is at least one Enterprise workspace within an organization.

Here is an example of an organization with 2 workspaces, wk1 is a Team workspace and wk2 is an Enterprise workspace. All the entities colored in green are audited and the ones in red are not audited.

⁠

Audit+events+-+What+is+audited+and+what+is+not+-+Google+Docs+2021-06-28+at+5.56.52+PM.jpg

⁠

This organization contains at least one Enterprise workspace so auditing will be enabled for this organization.

Entities contained within Enterprise workspaces are audited: Folder and Doc entities are contained within workspaces. In this case, since workspace wk1 is on Team’s place, Coda does not generate audit events for entities folder1, doc1 and doc11 which are contained within wk1. Where as, entities within Enterprise workspace wk2 will be audited, so Coda generates audit events for folder2, doc21 and doc22.

Global objects are audited: Even though there is one non-Enterprise workspace, Coda generates audit events for global entities that are scoped to workspaces. Organization and User entities are global entities so Coda generates audit events for operations on entities org-xyz, user1, user2, user3, user5 and user6 will be audited.

At a later time, if wk1 is upgraded to Enterprise plan then Coda will generate audit events for entities contained in wk1 from the time it is upgraded to Enterprise plan.

Who can use Audit events API?

Only admins of an organization can use the Audit events API to get the audit events related to their organization.

An audit event

Coda generates audit events for most user actions within an organization. Every audit event contains the user performing an action on an entity and the result of the attempt. The following is a sample audit event of a LogInUser audit event.

{

"items": [

{

"action": "LogInUser",

"entity": {

"type": "user",

"user": {

"email": "user@example.com",

"id": 1234,

"type": "user",

}

"eventDetails": {

"providerName": "google"

"organizationId": "org-xyz",

"result": "Allowed",

"timestamp": 1623431501,

"user": {

"email": "user@example.com",

"id": 1234,

"type": "user",

"userContext": {

"browser": {

"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0"

"ipAddress": "192.168.0.1",

"sessionId": "as-dx84XYZ46",

"source": "browser"

}

For the latest documentation on the API, including the fields captured in every audit event and the list of audit actions, please refer to audit events API

documentation⁠

Audit event actions

The following table outlines the currently supported list of audit actions grouped by entity. This action list will likely grow over time and the eventDetails content can also changed based on the feedback and added functionality. If you do not see an action or additional information for an action, please let

us⁠

know.

Audit Actions

Audit Actions

Entity

Audit action Name

Description of the audit action

Additional Fields contained within eventDetails

ApiToken

DeleteApiToken

Delete an API token

None

GenerateApiToken

Generate an API token

None

Doc

AddDocPack

Install a pack within a Doc

packId - id of the Pack added to the doc.

packVersion - Pack version

errorMessage: Error details in case the operation was denied.

CreateDoc

Create a new Doc

folderId: Folder id in which the doc is being created.

CopyDoc

Copy a Doc to a new location

newDocId: Id of the doc that is newly created.

errorMessage: Error details in case the operation was denied.

DeleteDoc

Delete a Doc

None

DeleteDocPack

Remove usage of a pack from a Doc

packId - id of the Pack added to the doc.

errorMessage: Error details in case the operation was denied.

OpenDoc

Opening a Doc for reading, commenting or editing.

None

ReviveDoc

Revive an old Doc to a new folder

folderId: Folder in which the doc is revived to.

UpdateDocPermissions

Update permissions on a Doc

updates - contains the attempted doc permission changes.

CopyTemplate

Copy a template to an existing Doc

destDocId: Doc to which the template is copied to.

errorMessage: Error details in case the operation was denied.

Folder

CreateFolder

Create a new folder

settings: A collection of folder settings used during folder creation.

errorMessage: Error details in case the operation was denied.

DeleteFolder

Delete a folder

errorMessage: Error details in case the operation was denied.

UpdateFolderMembership

Update membership on a folder

userId: User id for which role membership is changed.

loginId: User email address

role: Role name to which the user membership is changed to.

errorMessage: Error details in case the operation was denied.

UpdateFolderSettings

Update folder settings

settings: A collection of folder settings being updated.

errorMessage: Error details in case the operation was denied.

Organization

UpdateOrganizationPackAccess

Enable or Disable usage of a pack within an organization

packEnabled: Whether a pack is enabled or not.

packId: Pack Id.

packName: Pack name

packUrl: Pack URL

UpdateOrganizationSettings

Update organization settings

settings: A collection of updated organization settings.

UpdateOrganizationUserRole

Add or remove user from organization roles

userId: User id for which role membership is changed.

loginId: User email address

role: Role name to which the user membership is changed to.

Pack

CreatePack

Create a new Pack

errorMessage: Error details in case the operation was denied.

User

CreateUser

Create a new user

providerName: specifies whether this is a Google, SSO or email user account.

errorMessage: Error details in case the operation was denied.

DeleteUser

Delete an existing user

errorMessage: Error details in case the operation was denied.

LogInUser

providerName: specifies whether this is a Google, SSO or email user account.

errorMessage: Error details in case the operation was denied.

LogOutUser

LogOut activity of a user

errorMessage: Error details in case the operation was denied.

ResetUserPassword

Reset a user password

errorMessage: Error details in case the operation was denied.

UpdateUserAccount

Update a user account details

settings: A collection of the attempted user account changes.

errorMessage: Error details in case the operation was denied.

UpdateUserPassword

Update a user’s password

errorMessage: Error details in case the operation was denied.

⁠

Gallery

Want to print your doc?
This is not the way.

Try clicking the ⋯ next to your doc name or using a keyboard shortcut (

CtrlP

) instead.