Audit Log

Every state-changing action performed within your eConsent account is automatically recorded in the audit log. Each entry captures who performed the action, what changed, and when it occurred, giving you a complete trail for compliance and accountability.

What’s tracked

The audit log captures actions across the following categories:

Category	Actions
Certificates	Certificate generation, certificate downloads, certificate expiration
Consent	Consent revocation, opt-out requests processed
Webhooks	Webhook created, updated, deleted, toggled on/off
Authentication	User logins, failed login attempts, password resets, API token generation
Configuration	Property settings changed, retention settings updated, integration enabled/disabled
Billing	Wallet recharge, plan upgrade/downgrade, auto-recharge toggled
Organization	User invited, user removed, role changed, company details updated

Log entry fields

Each audit log entry contains the following fields:

Field	Type	Description
`action`	string	The specific action performed (e.g., `certificate.generated`, `webhook.created`)
`category`	string	The category grouping (e.g., `certificates`, `webhooks`, `billing`)
`user`	string	Email address of the user who performed the action
`ip_address`	string	IP address from which the action originated
`timestamp`	string	ISO 8601 timestamp of when the action occurred
`details`	object	Additional context specific to the action (e.g., property ID, webhook URL, old/new values)

Example entry

{
  "action": "webhook.created",
  "category": "webhooks",
  "user": "admin@example.com",
  "ip_address": "203.0.113.42",
  "timestamp": "2026-03-15T14:22:08Z",
  "details": {
    "webhook_id": "wh-abc123",
    "url": "https://example.com/webhook",
    "events": ["certificate.generated", "consent.revoked"]
  }
}

Viewing the audit log

Navigate to Audit Log in the left sidebar of your dashboard at app.econsent.org.
Browse the chronological list of actions performed across your account.
Use the Category filter to narrow results to a specific type of action (e.g., show only billing events or webhook changes).
Click on any entry to expand its details and view the full context of the action.

Admin tracking

Actions performed by admin or super root users are tagged with the admin’s identity, even when acting on behalf of another account. This ensures that administrative operations are fully attributable and distinguishable from actions taken by regular account users.

Field	Description
`user`	The admin’s email address
`details.admin`	`true` when the action was performed by an admin user
`details.on_behalf_of`	The company or account the admin was acting on, if applicable

Retention

Audit log entries are retained for 90 days from the date they were created. After 90 days, entries are automatically purged and cannot be recovered.

If you require longer retention for regulatory or legal purposes, export your audit log data before the 90-day window expires.

Use cases

Compliance audits

Use the audit log to demonstrate a clear chain of custody for consent records. During a TCPA compliance review, filter by the Certificates and Consent categories to produce a complete timeline of certificate generation and any subsequent revocations.

Internal investigations

When investigating unexpected changes to account configuration, the audit log provides the exact user, IP address, and timestamp for every modification. Filter by Configuration or Organization to trace who changed a setting or removed a team member.

Change tracking

Track all modifications to webhooks, integrations, and property settings over time. The details field captures old and new values where applicable, making it straightforward to understand what changed and why.

Next steps

Properties & Domains. Configure properties and domain settings
Retention Management. Session and certificate retention policies
Revocation & Opt-Out. Consumer consent revocation workflow