Audit Log

Audit log represents a log record of actions performed by users.

Only admin or organization group admins can access the log records. Logs do not include records about changes made by Rossum representatives via internal systems. The log retention policy is set to 1 year.

Talk with a Rossum representative about enabling this feature.

Audit log

Attribute

Type

Description

organization_id*

read-only

integer

ID of the organization

timestamp*

read-only

datetime

Timestamp of the log record.

username*

read-only

string

Username of the user that performed the action

object_id*

read-only

integer

ID of the object on which the action was performed

object_type*

read-only

"document" | "annotation" | "user"

Type of the object on which the action was performed

action*

read-only

string

Type of the action performed.

Each object_type has different actions available.

object_type	Available actions
document	create
annotation	update-status
user	create, delete, purge, update, destroy, app_load, reset-password, change-password

content*

object

path

string

Partial URL path of the request

method

string

Method of the request

request_id

string

ID of the request. Use this when contacting Rossum support with any related questions

status_code

integer

Status code of the response

details

object

Details about the request (if available). For most cases, this field will be {}

payload

object

Payload details of the request

groups

list[string]

Name of the user roles that were sent (if sent) in a request on a user object

List audit logs

List audit log records for chosen objects and actions.

Only admin or organization group admins can access the log records.

curl -X GET "https://example.rossum.app/api/v1/audit_logs?object_type=document&action=change_password"

curl -X GET "https://example.rossum.app/api/v1/audit_logs?object_type=document&action=change_password"

{
  "pagination": {
    "next": null,
    "previous": null
  },
  "results": [
    {
      "organization_id": 406,
      "timestamp": "2024-07-01T07:00:00.000000Z",
      "username": "john.doe@example.com",
      "object_id": 131,
      "object_type": "user",
      "action": "update",
      "content": {
        "path": "api/v1/users/131",
        "method": "PATCH",
        "request_id": "0aadfd75-8dcz-4e62-94d9-a23811d0d0b0",
        "status_code": 200,
        "details": {
          "payload": {
            "groups": [
              "admin"
            ]
          }
        }
      }
    }
  ]
}

{
  "detail": "Bad Request.",
  "code": "bad_request"
}

{
  "detail": "Invalid token.",
  "code": "authentication_failed"
}

{
  "detail": "Access to the requested resource is forbidden.",
  "code": "access_forbidden"
}

{
  "detail": "Not found.",
  "code": "not_found"
}

{
  "detail": "Conflict.",
  "code": "conflict_status"
}

{
  "detail": "Request was rate limited.",
  "code": "rate_limited",
  "url": "https://rossum.app/api/docs/openapi/guides/overview/#rate-limiting"
}

{
  "detail": "Server error.",
  "code": "error"
}

{
  "detail": "Bad Gateway.",
  "code": "bad_gateway"
}

{
  "detail": "Service Unavailable.",
  "code": "service_unavailable"
}

{
  "detail": "Gateway timeout.",
  "code": "gateway_timeout"
}

Response

200OK

Attribute

Type

Description

pagination*

pagination

URL

URL for the next page of results. Contains an opaque signed cursor query parameter. Use this URL directly to fetch the next page — do not attempt to construct or modify the cursor value.

URL

URL for the previous page of results. Contains an opaque signed cursor query parameter. Use this URL directly to fetch the previous page — do not attempt to construct or modify the cursor value.

results*

list[audit_log]

organization_id*

read-only

integer

ID of the organization

timestamp*

read-only

datetime

Timestamp of the log record.

username*

read-only

string

Username of the user that performed the action

object_id*

read-only

integer

ID of the object on which the action was performed

object_type*

read-only

"document" | "annotation" | "user"

Type of the object on which the action was performed

action*

read-only

string

Type of the action performed.

Each object_type has different actions available.

object_type	Available actions
document	create
annotation	update-status
user	create, delete, purge, update, destroy, app_load, reset-password, change-password

content*

object

path

string

Partial URL path of the request

method

string

Method of the request

request_id

string

ID of the request. Use this when contacting Rossum support with any related questions

status_code

integer

Status code of the response

details

object

Details about the request (if available). For most cases, this field will be {}

payload

object

Payload details of the request

groups

list[string]

Name of the user roles that were sent (if sent) in a request on a user object

400Bad Request

Invalid input data.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

401Unauthorized

The username/password is invalid or token is invalid (e.g. expired).

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

403Forbidden

Insufficient permission, missing authentication, invalid CSRF token and similar issue.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

404Not Found

The specified resource was not found.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

409Conflict

Conflict

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

429Too Many Requests

Request rate is too high, wait before sending more requests. See Rate Limiting for more details.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

url

read-only

string

Link to the rate limiting documentation

500Internal Server Error

Server failure while processing the request.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

502Bad Gateway

Invalid response from the upstream server.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

503Service Unavailable

We're temporarily offline for maintenance. Please try again later.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error

504

Upstream server could not complete the request in time.

Attribute

Type

Description

detail

read-only

string

Detail of the error

code

read-only

string

Code of the error