The Coda Admin Audit API supports auditing activities via an event log, so your team's work and data are always safe.
Audit events contain records of user login/logout activities and other operations performed within a Coda organization. Audit events are critical to an enterprise's security monitoring efforts. They enable security professionals to proactively analyze the audit events for any suspicious behavior within a Coda organization and help them in forensic investigations in case of a security breach. Audit events also enable administrators to write their own applications to understand their users' usage of Coda.
Audit functionality in Coda is enabled only for organizations having at least one Enterprise workspace. If an organization contains multiple workspaces then audit events will only be recorded for operations performed within Enterprise workspaces. Operations performed within non-Enterprise workspaces will not be audited. However, operations performed on entities (like User and Organization) that are not contained within a workspace are audited as long as there is at least one Enterprise workspace within an organization.
Here is an example of an organization with 2 workspaces, wk1 is a Team workspace and wk2 is an Enterprise workspace. All the entities colored in green are audited and the ones in red are not audited.
This organization contains at least one Enterprise workspace, so auditing will be enabled for this organization.
Entities contained within Enterprise workspaces are audited: Folder and Doc entities are contained within workspaces. In this case, since workspace wk1 is on the Team plan, Coda does not generate audit events for entities folder1, doc1 and doc11, which are contained within wk1. Entities within Enterprise workspace wk2, on the other hand, will be audited, so Coda generates audit events for folder2, doc21 and doc22.
Global objects are audited: Even though there is one non-Enterprise workspace, Coda generates audit events for global entities that are not scoped to workspaces. Organization and User entities are global entities, so Coda generates audit events for operations on entities org-xyz, user1, user2, user3, user5 and user6.
At a later time, if wk1 is upgraded to the Enterprise plan, then Coda will generate audit events for entities contained in wk1 from the time it is upgraded to the Enterprise plan.
Who can use Audit events API?
Only admins of an organization can use the Audit events API to get the audit events related to their organization.
An audit event
Coda generates audit events for most user actions within an organization. Every audit event contains the user performing an action on an entity and the result of the attempt. The following is a sample LogInUser audit event.
{
  "items": [
    {
      "action": "LogInUser",
      "entity": {
        "type": "user",
        "user": {
          "email": "user@example.com",
          "id": 1234,
          "type": "user"
        }
      },
      "eventDetails": {
        "providerName": "google"
      },
      "organizationId": "org-xyz",
      "result": "Allowed",
      "timestamp": 1623431501,
      "user": {
        "email": "user@example.com",
        "id": 1234,
        "type": "user"
      },
      "userContext": {
        "browser": {
          "ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0"
        },
        "ipAddress": "192.168.0.1",
        "sessionId": "as-dx84XYZ46",
        "source": "browser"
      }
    }
  ]
}
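As an added example (not Coda's own code), the following Python sketch shows how a monitoring job might review LogInUser events shaped like the sample above: it lists logins whose result is not "Allowed" and flags users who log in from many distinct IP addresses in a short window. The function names, thresholds, the placeholder result value and all sample events are constructed assumptions; only the field names come from the sample event.

```python
import json
from collections import defaultdict

def make_event(email, ip, ts, result="Allowed"):
    """Build a constructed LogInUser event using the fields from the sample."""
    user = {"email": email, "id": 1234, "type": "user"}
    return {"action": "LogInUser", "entity": {"type": "user", "user": user},
            "eventDetails": {"providerName": "google"},
            "organizationId": "org-xyz", "result": result, "timestamp": ts,
            "user": user,
            "userContext": {"ipAddress": ip, "sessionId": "as-constructed",
                            "source": "browser"}}

# Constructed response body, not real audit data. "PLACEHOLDER-NOT-ALLOWED" is
# a stand-in: the page only shows the value "Allowed" for the result field.
SAMPLE_BODY = json.dumps({"items": [
    make_event("user@example.com", "192.168.0.1", 1623431501),
    make_event("user@example.com", "203.0.113.7", 1623431801),
    make_event("user@example.com", "198.51.100.9", 1623432101),
    make_event("other@example.com", "192.168.0.2", 1623431600,
               result="PLACEHOLDER-NOT-ALLOWED"),
    make_event("other@example.com", "192.168.0.2", 1623435000),
]})

def review_logins(body, window_s=3600, max_ips=2):
    """Return (not_allowed, flagged) for the LogInUser events in body.

    not_allowed: (email, timestamp) pairs whose result is not "Allowed".
    flagged: {email: sorted IPs} for users seen from more than max_ips
    distinct addresses within any window_s-second span.
    """
    not_allowed, by_user, flagged = [], defaultdict(list), {}
    for ev in json.loads(body).get("items", []):
        if ev.get("action") != "LogInUser":
            continue
        email = ev.get("user", {}).get("email", "<unknown>")
        if ev.get("result") != "Allowed":  # assumption: anything else is a failure
            not_allowed.append((email, ev.get("timestamp")))
        ip = ev.get("userContext", {}).get("ipAddress")
        if ip is not None and ev.get("timestamp") is not None:
            by_user[email].append((ev["timestamp"], ip))
    for email, logins in by_user.items():
        logins.sort()
        for i, (start, _) in enumerate(logins):
            ips = {ip for ts, ip in logins[i:] if ts - start <= window_s}
            if len(ips) > max_ips:
                flagged[email] = sorted(ips)
                break
    return not_allowed, flagged

if __name__ == "__main__":
    print(review_logins(SAMPLE_BODY))
```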
For the latest documentation on the API, including the fields captured in every audit event and the list of audit actions, please refer to the audit events API.
Audit event actions
The following table outlines the currently supported list of audit actions grouped by entity. This action list will likely grow over time, and the eventDetails content can also change based on feedback and added functionality. If you do not see an action or additional information for an action, please let us know.
Description of the audit action
Additional Fields contained within eventDetails