Audit log — a record of every access change
The audit log records every privileged change to who can access your account: invites created, accepted, and revoked; member role changes; client-scope changes; member removals; and ownership transfers. Each entry captures who did it, what they touched, when, and the before/after detail. It's read-only and account-scoped, visible to Owners and Admins, so you always have an accountability trail for reviews and compliance.
Every sensitive access change writes one immutable entry. The log covers the full set of team mutations: an invite being created, accepted, or revoked; a member's role being changed; a member's client-group scope being changed; a member being removed; and ownership being transferred. Each row records the acting user, the affected member or invite, a timestamp, and structured detail such as the old and new role on a role change — so you can see not just that something changed, but exactly how.
The log is deliberately write-once. Entries are only ever appended — never edited or deleted from the view — and each one is written durably after the change it describes has actually committed, so the log never claims an access change that didn't happen, and a change that did happen is never missing its record. Because the actor is stored as a plain reference, an entry survives even if that person is later removed from the account, so the history stays complete.
Review the audit log
- Open Dashboard → Security (available to Owners and Admins).
- Choose View audit log — it's also linked from the Team page.
- Read the most recent access changes first: each row shows the actor's email, the action, the affected member or invite, and when it happened.
- Use it during access reviews to confirm who was invited, re-roled, re-scoped, removed, or handed ownership — and by whom.
The audit log is Owner- and Admin-only, and scoped to your own account. Technicians and Viewers don't see it, and it only ever shows your account's own history — never another tenant's. It reads back most-recent-first.
It's a record, not a control surface. The audit log is read-only — you review it, you don't edit it. Access changes themselves are made on the Team and Security pages; the log is the trail those actions leave behind.
Frequently asked questions
What actions does the audit log record?
Every privileged access change: invites created, accepted, and revoked; member role changes; member client-scope changes; member removals; and ownership transfers. Each entry captures who acted, the affected member or invite, the timestamp, and before/after detail (like old and new role).
Who can see the audit log?
Owners and Admins, for their own account only. Technicians and Viewers can't view it, and the log is account-scoped, so you never see another tenant's history. Entries read back most-recent-first.
Can the audit log be edited or deleted?
No — it's append-only and read-only. Entries are written after the change they describe has committed and are never edited or removed from the view, so the trail stays honest. An entry even survives the acting user being removed from the account.
Why does the audit log matter?
It's your accountability and compliance trail. For any access review you can show exactly who was granted or removed access, who changed a role or scope, and who transferred ownership — and who did each of those things — without reconstructing it from memory.