Audit Logs - Devin Docs

Get audit logs for the current user’s organization.

Query Parameters

before

string

Return logs before this cursor/timestamp

after

string

Return logs after this cursor/timestamp

limit

integer

default:"100"

Maximum number of audit log entries to return

Response

Response Structure

The API returns audit log data with the following schema:

{
  "audit_logs": [
    {
      "action": "string",           // The action that was performed
      "user_id": "string|null",     // User identifier
      "user_email": "string|null",  // User email address
      "created_at": "number",       // Creation timestamp (Unix timestamp in milliseconds)
      // Additional fields specific to the action type
    }
  ]
}

Action Types and Data Schemas

The following actions are tracked in audit logs. Each action type returns the specific fields for that action:

Member Management

`add_enterprise_member`

Logs when users are added to an enterprise.

{
  "action": "add_enterprise_member",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_user_id": "string",
  "roles": ["string"]
}

`add_member`

Logs when users are added to an organization.

{
  "action": "add_member",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_user_id": "string",
  "roles": ["string"]
}

`delete_member`

Logs when users are removed from an organization or enterprise.

{
  "action": "delete_member",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_user_id": "string",
  "enterprise_id": "string"
}

`assign_roles`

Logs when user roles are updated.

{
  "action": "assign_roles",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_user_id": "string",
  "roles": ["string"]
}

Group Management

`add_group_membership`

Logs when groups are added to organization membership.

{
  "action": "add_group_membership",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_group_name": "string",
  "roles": ["string"]
}

`update_group_membership`

Logs when group membership roles are updated.

{
  "action": "update_group_membership",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_group_name": "string",
  "role": "string"
}

`delete_group_membership`

Logs when groups are removed from organization membership.

{
  "action": "delete_group_membership",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "target_group_name": "string"
}

Session Management

`create_session`

Logs when new Devin sessions are created.

{
  "action": "create_session",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string"
}

`send_message`

Logs when messages are sent to Devin sessions.

{
  "action": "send_message",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string",
  "privacy_mode": "boolean"
}

`sleep_session`

Logs when Devin sessions are put to sleep.

{
  "action": "sleep_session",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string",
  "privacy_mode": "boolean"
}

`terminate_session`

Logs when Devin sessions are terminated.

{
  "action": "terminate_session",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string",
  "privacy_mode": "boolean"
}

`create_mcp_validation_session`

Logs when MCP validation sessions are created.

{
  "action": "create_mcp_validation_session",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string"
}

Organization Management

`create_org`

Logs when new organizations are created.

{
  "action": "create_org",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`delete_org`

Logs when organizations are deleted.

{
  "action": "delete_org",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "org_name": "string"
}

API Key Management

`create_org_api_key`

Logs when organization API keys are created.

{
  "action": "create_org_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`create_user_api_key`

Logs when user-specific API keys are created.

{
  "action": "create_user_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`view_org_api_key`

Logs when organization API keys are viewed/retrieved.

{
  "action": "view_org_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`view_user_api_key`

Logs when user API keys are viewed/retrieved.

{
  "action": "view_user_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`create_service_api_key`

Logs when service API keys are created for enterprises.

{
  "action": "create_service_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`revoke_enterprise_api_key`

Logs when enterprise API keys are revoked.

{
  "action": "revoke_enterprise_api_key",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`revoke_all_enterprise_api_keys`

Logs when all enterprise API keys are revoked.

{
  "action": "revoke_all_enterprise_api_keys",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

Secret Management

`create_secret`

Logs when secrets are created.

{
  "action": "create_secret",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "secret_id": "string",
  "secret_key": "string"
}

`update_secret`

Logs when secrets are updated.

{
  "action": "update_secret",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "secret_id": "string",
  "secret_key": "string"
}

`delete_secret`

Logs when secrets are deleted.

{
  "action": "delete_secret",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "secret_id": "string",
  "secret_key": "string"
}

Knowledge Management

`create_knowledge`

Logs when knowledge items (notes) are created.

{
  "action": "create_knowledge",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "knowledge_id": "string"
}

`edit_knowledge`

Logs when knowledge items are edited.

{
  "action": "edit_knowledge",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "knowledge_id": "string"
}

`delete_knowledge`

Logs when knowledge items are deleted.

{
  "action": "delete_knowledge",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "knowledge_id": "string"
}

`create_folder`

Logs when knowledge folders are created.

{
  "action": "create_folder",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "folder_id": "string"
}

`update_folder`

Logs when knowledge folders are updated.

{
  "action": "update_folder",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "folder_id": "string"
}

`delete_folder`

Logs when knowledge folders are deleted.

{
  "action": "delete_folder",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "folder_id": "string"
}

Repository Management

`start_repo_setup`

Logs when repository setup is initiated.

{
  "action": "start_repo_setup",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "repo_name": "string"
}

`finish_repo_setup`

Logs when repository setup is completed.

{
  "action": "finish_repo_setup",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "repo_name": "string"
}

`delete_repo_setup`

Logs when repository setup is deleted.

{
  "action": "delete_repo_setup",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "repo_name": "string"
}

`remove_repo_from_devin`

Logs when repositories are removed from Devin.

{
  "action": "remove_repo_from_devin",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "repo_name": "string"
}

Playbook Management

`create_playbook`

Logs when playbooks are created.

{
  "action": "create_playbook",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "playbook_id": "string"
}

`update_playbook`

Logs when playbooks are updated.

{
  "action": "update_playbook",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "playbook_id": "string"
}

`delete_playbook`

Logs when playbooks are deleted.

{
  "action": "delete_playbook",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "playbook_id": "string"
}

Integration Management

`create_github_integration`

Logs when GitHub integrations are created.

{
  "action": "create_github_integration",
  "org_id": "string",
  "user_id": "string",
  "user_email": "string",
  "created_at": "number",
  "github_org_name": "string"
}

`delete_github_integration`

Logs when GitHub integrations are deleted.

{
  "action": "delete_github_integration",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`github_integration_deleted`

Logs when GitHub integrations are automatically deleted.

{
  "action": "github_integration_deleted",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "github_org_name": "string",
  "installation_id": "number"
}

`create_gitlab_integration`

Logs when GitLab integrations are created.

{
  "action": "create_gitlab_integration",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "gitlab_user_name": "string",
  "gitlab_host": "string"
}

`delete_gitlab_integration`

Logs when GitLab integrations are deleted.

{
  "action": "delete_gitlab_integration",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "gitlab_user_name": "string",
  "gitlab_host": "string"
}

`create_azure_devops_integration`

Logs when Azure DevOps integrations are created.

{
  "action": "create_azure_devops_integration",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "azure_devops_user_name": "string",
  "azure_devops_host": "string"
}

`delete_azure_devops_integration`

Logs when Azure DevOps integrations are deleted.

{
  "action": "delete_azure_devops_integration",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "azure_devops_user_name": "string",
  "azure_devops_host": "string"
}

Enterprise Management

`update_enterprise_settings`

Logs when enterprise settings are updated.

{
  "action": "update_enterprise_settings",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

`update_enterprise_hypervisor_settings`

Logs when enterprise hypervisor settings are updated.

{
  "action": "update_enterprise_hypervisor_settings",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "settings": {
    "debugging_enabled": "boolean|null",
    "automatic_updates": "boolean|null"
  }
}

Search and Query

`search_query`

Logs when search queries are performed.

{
  "action": "search_query",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number"
}

Security

`ai_guardrail_violation`

Logs when AI guardrail violations are detected.

{
  "action": "ai_guardrail_violation",
  "org_id": "string",
  "user_id": "string|null",
  "user_email": "string|null",
  "created_at": "number",
  "session_id": "string",
  "offending_event_id": "string",
  "confidence_score": "number",
  "rule_name": "string"
}

Possible rule_name values:

Rule Name	Description
`"profanity"`	Detects messages containing profanity or inappropriate language
`"secrets"`	Detects attempts to query for secrets, sensitive data, or system prompts
`"pii"`	Detects attempts to access PII (Personally Identifiable Information) or other sensitive user information
`"ddos"`	Detects requests to DDOS downstream systems
`"evasion"`	Detects attempts to circumvent or ignore the guardrail rules themselves

curl -X GET "https://api.devin.ai/v2/audit-logs" \
  -H "Authorization: Bearer YOUR_API_KEY" \
  -G \
  -d "limit=50"

{
  "audit_logs": [
    {
      "action": "create_session",
      "user_id": "user_456",
      "user_email": "user@example.com",
      "created_at": 1704067200000,
      "session_id": "session_789"
    },
    {
      "action": "add_member",
      "user_id": "user_456",
      "user_email": "user@example.com",
      "created_at": 1704153600000,
      "target_user_id": "user_789",
      "roles": ["member"]
    }
  ]
}

Enterprise

Security & Access

Virtual Private Cloud

Enterprise API

​Query Parameters

​Response

​Response Structure

​Action Types and Data Schemas

​Member Management

​add_enterprise_member

​add_member

​delete_member

​assign_roles

​Group Management

​add_group_membership

​update_group_membership

​delete_group_membership

​Session Management

​create_session

​send_message

​sleep_session

​terminate_session

​create_mcp_validation_session

​Organization Management

​create_org

​delete_org

​API Key Management

​create_org_api_key

​create_user_api_key

​view_org_api_key

​view_user_api_key

​create_service_api_key

​revoke_enterprise_api_key

​revoke_all_enterprise_api_keys

​Secret Management

​create_secret

​update_secret

​delete_secret

​Knowledge Management

​create_knowledge

​edit_knowledge

​delete_knowledge

​create_folder

​update_folder

​delete_folder

​Repository Management

​start_repo_setup

​finish_repo_setup

​delete_repo_setup

​remove_repo_from_devin

​Playbook Management

​create_playbook

​update_playbook

​delete_playbook

​Integration Management

​create_github_integration

​delete_github_integration

​github_integration_deleted

​create_gitlab_integration

​delete_gitlab_integration

​create_azure_devops_integration

​delete_azure_devops_integration

​Enterprise Management

​update_enterprise_settings

​update_enterprise_hypervisor_settings

​Search and Query

​search_query

​Security

​ai_guardrail_violation