Audit Logging Overview

Audit logs provide visibility for security investigations, compliance evidence, and internal governance.

Event Coverage (current)

• Authentication: logins, SSO assertions, failed attempts.
• Identity & Roles: user creation/deletion, role/permission changes, SCIM (when applicable).
• Configuration: retention settings, SSO/SAML settings, workspace/org settings.
• Content Admin: space/room creation and deletion, export/deletion operations. Roadmap additions will expand object-level access events and administrator actions.

Access & Retention

• Visible to organization administrators.
• Retained per org policy; defaults align to our Data Deletion & Retention Policy.
• Exports available to support compliance and incident response.

Integrity & Protection

• Stored in tamper-resistant systems; administrative access is itself audited. Retrieval is rate-limited and requires MFA for privileged roles.