Skip to main content
Every meaningful action in Synq — creating a product, placing an order, inviting a team member, or changing a tenant setting — is automatically recorded as an audit event. The audit log gives you a timestamped, tamper-proof trail that you can use to meet compliance requirements, investigate unexpected changes, debug integration issues, or simply understand how your team is using the platform. Audit events are scoped to your tenant and organization, so you only ever see activity that belongs to you.

List audit events

Retrieve the 50 most recent audit events for your tenant, ordered by most recent first. 
GET /api/v1/audit
Authorization: Bearer TOKEN
X-Tenant-ID: your-tenant-id
X-Org-ID: your-org-id
Response 
[
  {
    "id": "c9a1b2d3-4e5f-6789-abcd-0123456789ef",
    "actor_email": "admin@example.com",
    "action": "TENANT_SETTINGS_UPDATED",
    "entity_type": "TENANT_SETTINGS",
    "entity_id": "a1b2c3d4-e5f6-7890-abcd-ef1234567890",
    "details": {
      "inventory_allocation_model": "HARD",
      "auto_po_enabled": true,
      "default_low_stock_threshold": 10,
      "costing_method": "WAC"
    },
    "ip_address": "203.0.113.42",
    "created_at": "2024-11-18T09:15:22Z"
  },
  {
    "id": "f0e1d2c3-b4a5-9687-fedc-ba9876543210",
    "actor_email": "ops@example.com",
    "action": "ORDER_PLACED",
    "entity_type": "ORDER",
    "entity_id": "4455ccdd-aaaa-bbbb-cccc-ddddeeeeffff",
    "details": {
      "order_number": "ORD-10042",
      "total_amount": 1249.99,
      "currency": "USD"
    },
    "ip_address": "203.0.113.11",
    "created_at": "2024-11-17T14:08:01Z"
  },
  {
    "id": "aa11bb22-cc33-dd44-ee55-ff6677889900",
    "actor_email": "catalog@example.com",
    "action": "PRODUCT_CREATED",
    "entity_type": "PRODUCT",
    "entity_id": "deadbeef-0000-1111-2222-333344445555",
    "details": {
      "sku": "SKU-9982",
      "name": "Heavy Duty Storage Rack"
    },
    "ip_address": "203.0.113.55",
    "created_at": "2024-11-16T11:45:00Z"
  }
]

Audit event fields

id
string
UUID that uniquely identifies this audit event. Use this as a stable reference when filing support tickets or cross-referencing events in external systems.
actor_email
string
The email address of the user who performed the action. Set to "system" when an automated process — such as a scheduled job or an AI task — initiated the action rather than a human user.
action
string
An uppercase string that identifies the operation that was performed, for example TENANT_SETTINGS_UPDATED, USER_INVITED, or PRODUCT_CREATED. See the action reference below for common values.
entity_type
string
The category of the object that was acted upon, for example PRODUCT, ORDER, TENANT_SETTINGS, or USER.
entity_id
string
UUID of the specific record that was affected. Pair this with entity_type to look up the record in the relevant API.
details
object
A free-form JSON object containing event-specific context — for example, the field values that were changed, the order total, or the SKU that was created. The shape varies by action.
ip_address
string
The IP address from which the request was made, recorded for security and compliance purposes.
created_at
string
ISO 8601 timestamp (UTC) recording exactly when the event was persisted. This is the authoritative time of the action.

Action reference

ActionDescription
PRODUCT_CREATEDA new product record was added to the catalog.
PRODUCT_UPDATEDOne or more fields on an existing product were changed.
PRODUCT_DELETEDA product was soft-deleted and removed from the active catalog.
PRODUCT_PRICE_CHANGEDThe listed price of a product was updated.
ActionDescription
ORDER_PLACEDA new order was submitted.
ORDER_FULFILLEDAn order was marked as shipped or delivered.
ORDER_CANCELLEDAn order was cancelled before fulfilment.
ORDER_REFUNDEDA refund was issued against a completed order.
ActionDescription
USER_INVITEDA new user was invited to join the organization.
USER_ROLE_CHANGEDAn existing member’s role was updated.
USER_REMOVEDA user’s access to the organization was revoked.
ActionDescription
TENANT_SETTINGS_UPDATEDTenant-level settings were changed. The details object contains the new values for all four settings fields.
ActionDescription
INTEGRATION_CONNECTEDA new commerce channel or third-party integration was connected.

Common use cases

1

Compliance auditing

Export audit events periodically and store them in your data warehouse or SIEM. Filter on action values such as TENANT_SETTINGS_UPDATED or USER_ROLE_CHANGED to satisfy change-management controls.
2

Debugging unexpected changes

When a record looks wrong, look up its UUID in the entity_id field and trace the sequence of events. The actor_email and details fields tell you exactly who made each change and what the values were set to.
3

Tracking automated actions

Events triggered by automated processes carry actor_email: "system". Filter on this value to distinguish automated actions from human ones and review what has been done on your behalf.
Audit logs are read-only — you cannot modify or delete individual events through the API. Events are retained in accordance with your contractual data retention period to support compliance and legal requirements. Contact Synq support if you need a full export or have a retention policy question.