Share
Explore

Coda Admin Audit API: events and documentation

The Coda Admin Audit API supports auditing activities via an event log, so your team's work and data is always safe.

Audit events contain records of user login/logout activities and other operations performed within a Coda organization. Audit events are critical to an enterprise’s Security Monitoring efforts. It enables Security professionals to proactively analyze the audit events for any suspicious behavior within a Coda organization and help them in forensic investigations in case of a security breach. Audit events also enable administrators to write their own applications to understand their users’ usage of Coda.

Audit functionality in Coda is enabled only for organizations having at least one Enterprise workspace. If an organization contains multiple workspaces then audit events will only be recorded for operations performed within Enterprise workspaces. Operations performed within non-Enterprise workspaces will not be audited. However, operations performed on entities (like User and Organization) that are not contained within a workspace are audited as long as there is at least one Enterprise workspace within an organization.

Here is an example of an organization with 2 workspaces, wk1 is a Team workspace and wk2 is an Enterprise workspace. All the entities colored in
green
are audited and the ones in
red
are not audited.

Audit+events+-+What+is+audited+and+what+is+not+-+Google+Docs+2021-06-28+at+5.56.52+PM.jpg


This organization contains at least one Enterprise workspace so auditing will be enabled for this organization.
Entities contained within Enterprise workspaces are audited: Folder and Doc entities are contained within workspaces. In this case, since workspace
wk1
is on Team’s place, Coda does not generate audit events for entities
folder1
,
doc1
and
doc11
which are contained within
wk1
. Where as, entities within Enterprise workspace
wk2
will be audited, so Coda generates audit events for
folder2
,
doc21
and
doc22
.
Global objects are audited: Even though there is one non-Enterprise workspace, Coda generates audit events for global entities that are scoped to workspaces. Organization and User entities are global entities so Coda generates audit events for operations on entities
org-xyz, user1, user2, user3, user5
and
user6
will be audited.
At a later time, if
wk1
is upgraded to Enterprise plan then Coda will generate audit events for entities contained in
wk1
from the time it is upgraded to Enterprise plan.

Who can use Audit events API?
Only admins of an organization can use the Audit events API to get the audit events related to their organization.

An audit event
Coda generates audit events for most user actions within an organization. Every audit event contains the
user
performing an
action
on an
entity
and the
result
of the attempt. The following is a sample audit event of a LogInUser audit event.

{
"items": [
{
"action": "LogInUser",
"entity": {
"type": "user",
"user": {
"email": "user@example.com",
"id": 1234,
"type": "user",
}
},
"eventDetails": {
"providerName": "google"
},
"organizationId": "org-xyz",
"result": "Allowed",
"timestamp": 1623431501,
"user": {
"email": "user@example.com",
"id": 1234,
"type": "user",
},
"userContext": {
"browser": {
"ua": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10.15; rv:88.0) Gecko/20100101 Firefox/88.0"
},
"ipAddress": "192.168.0.1",
"sessionId": "as-dx84XYZ46",
"source": "browser"
}
}

For the latest documentation on the API, including the fields captured in every audit event and the list of audit actions, please refer to audit events API
. In beta phase, auditing enabled only on demand. If you are interested in enabling audit functionality for your organization, please email
.

Audit event actions

The following table outlines the currently supported list of audit actions grouped by entity. This action list will likely grow over time and the eventDetails content can also changed based on the feedback and added functionality. If you do not see an action or additional information for an action, please let
know.

Audit Actions
0
Entity
Audit action Name
Description of the audit action
Additional Fields contained within eventDetails
ApiToken
2
DeleteApiToken
Delete an API token
None
GenerateApiToken
Generate an API token
None
Doc
8
AddDocPack
Install a pack within a Doc
packId - id of the Pack added to the doc.
packVersion - Pack version
errorMessage: Error details in case the operation was denied.
CreateDoc
Create a new Doc
folderId: Folder id in which the doc is being created.
CopyDoc
Copy a Doc to a new location
newDocId: Id of the doc that is newly created.
errorMessage: Error details in case the operation was denied.
DeleteDoc
Delete a Doc
None
DeleteDocPack
Remove usage of a pack from a Doc
packId - id of the Pack added to the doc.
errorMessage: Error details in case the operation was denied.
OpenDoc
Opening a Doc for reading, commenting or editing.
None
ReviveDoc
Revive an old Doc to a new folder
folderId: Folder in which the doc is revived to.
UpdateDocPermissions
Update permissions on a Doc
updates - contains the attempted doc permission changes.
Folder
4
CreateFolder
Create a new folder
settings: A collection of folder settings used during folder creation.
errorMessage: Error details in case the operation was denied.
DeleteFolder
Delete a folder
errorMessage: Error details in case the operation was denied.
UpdateFolderMembership
Update membership on a folder
userId: User id for which role membership is changed.
loginId: User email address
role: Role name to which the user membership is changed to.
errorMessage: Error details in case the operation was denied.
UpdateFolderSettings
Update folder settings
settings: A collection of folder settings being updated.
errorMessage: Error details in case the operation was denied.
Organization
3
UpdateOrganizationPackAccess
Enable or Disable usage of a pack within an organization
packEnabled: Whether a pack is enabled or not.
packId: Pack Id.
packName: Pack name
packUrl: Pack URL
UpdateOrganizationSettings
Update organization settings
settings: A collection of updated organization settings.
UpdateOrganizationUserRole
Add or remove user from organization roles
userId: User id for which role membership is changed.
loginId: User email address
role: Role name to which the user membership is changed to.
Pack
1
CreatePack
Create a new Pack
errorMessage: Error details in case the operation was denied.
User
7
CreateUser
Create a new user
providerName: specifies whether this is a Google, SSO or email user account.
errorMessage: Error details in case the operation was denied.
DeleteUser
Delete an existing user
errorMessage: Error details in case the operation was denied.
LogInUser
LogIn activity of a user
providerName: specifies whether this is a Google, SSO or email user account.
errorMessage: Error details in case the operation was denied.
LogOutUser
LogOut activity of a user
errorMessage: Error details in case the operation was denied.
ResetUserPassword
Reset a user password
errorMessage: Error details in case the operation was denied.
UpdateUserAccount
Update a user account details
settings: A collection of the attempted user account changes.
errorMessage: Error details in case the operation was denied.
UpdateUserPassword
Update a user’s password
errorMessage: Error details in case the operation was denied.





Share
Want to print your doc?
This is not the way.
Try clicking the ⋯ next to your doc name or using a keyboard shortcut (
CtrlP
) instead.