Audit logs
  • 20 Feb 2024
  • 1 Minute to read
  • Dark

Audit logs

  • Dark

Article summary

Audit logs are a record of workspace events in a single workspace. You retrieve the audit logs via a Torq step or the Torq API. The API key used to run the step or API call retrieves logs for the workspace the key was created on.

The rest of this article covers reference material for audit logs, including event types, entities, and so on.

To learn how to retrieve and consume audit logs, check out work with audit logs.

The following is a list of all events for which log entries are created. Entries in the audit log are created for create, update, and delete actions for the main resources in Torq. This means that log entries are NOT created for read actions. 

Generally, log entries are created immediately after the action is taken and are available immediately, but they could take several minutes (no more than 5 minutes). When you send a List audit logs request, the returned log entries are for the account on which the API key was created.


Audit Log APIs require an API key created with the Owner role.


  • User invited

  • User accepted invitation

  • User role updated

  • User deleted

  • User logged in

  • User logged out

  • User switched accounts


  • Workflow created

  • Workflow deleted

  • Workflow updated

  • Workflow published

  • Workflow unpublished

  • Workflow edited

  • Workflow reverted

  • Workflow enabled

  • Workflow disabled

The workflow tags will be available in the tags array under extra_data for every log entry created for a workflow-related action. You can export the log data to filter, aggregate, and use it for automation according to the tags. If the workflow has no tags, the tags array won't exist in the log entry.

API resources workflow tags

Workspace variables

  • Workspace variable created

  • Workspace variable updated

  • Workspace variable deleted

Workflow Notifications

  • Email address added

  • Email address removed

  • Webhook added

  • Webhook removed

  • Webhook authentication headers added

  • Webhook authentication headers removed

  • Webhook authentication headers updated

API Keys

  • API key enabled

  • API key deleted


  • Secret created

  • Secret deleted

  • Secret updated


  • Integration created

  • Integration deleted

  • Integration updated

Custom Steps

  • Custom step created

  • Custom step deleted


  • Runner created

  • Runner deleted

IdP Connections

  • IdP connection created

  • IdP connection updated

  • IdP connection enabled

  • IdP connection disabled

IdP Claims mappings

  • IdP claims mapping created

  • IdP claims mapping updated

  • IdP claims mapping deleted


  • User login failed

Sample entry log

   "account_id": "1d8*****-****-4f2a-****-*****fe50a57",
   "account_name": "mrsactor",
   "action": "Workflow updated",
   "actor_name": "Mrs. Actor ",
   "actor_type": "web_app",
   "email": "",
   "extra_data": {
     "revision_id": "f31bb***-f5**-48**-a1**-749cca80f2**",
     "tags": [
   "id": "8aa*****-****-40a8-b1b1-40811*******",
   "ip": "77.***.***.237",
   "resource_id": "a0f5b***-****-****-****-***7d91d38**",
   "resource_name": "Audit log (step)",
   "timestamp": "2022-05-15T08:51:11.900970Z",
   "user_agent": "Mozilla/5.0 (Macintosh; Intel Mac OS X 10_15_7) AppleWebKit/537.36 (KHTML, like Gecko)    \t\t Chrome/101.0.****.5* Safari/537.36"

Was this article helpful?

Changing your password will log you out immediately. Use the new password to log back in.
First name must have atleast 2 characters. Numbers and special characters are not allowed.
Last name must have atleast 1 characters. Numbers and special characters are not allowed.
Enter a valid email
Enter a valid password
Your profile has been successfully updated.