Audit Log
The audit log records key security-sensitive actions taken in your Dacard organization. It is designed for administrators who need to track who did what, when, and from where. Navigate to Settings > Audit Log to view the log. Admin access is required.What is logged
| Action | Description |
|---|---|
member.invite | A new team member was invited |
member.remove | A team member was removed from the organization |
role_change | A member’s role was changed |
delete | A product, score, or account resource was deleted |
impersonate | An admin impersonated another user (dacard_admin only) |
account.update | Organization name or settings were changed |
api_key.create | A new API key was created |
api_key.delete | An API key was deleted |
sso.enforce | SSO enforcement was enabled or disabled |
Reading the log
Each entry shows:| Field | Description |
|---|---|
| Time | When the action occurred |
| User | The user ID who performed the action |
| Action | The action type (color-coded by severity) |
| Resource | The resource type and ID affected (if applicable) |
| IP | The IP address the action originated from |
- Red destructive actions (delete)
- Amber elevated privilege actions (impersonate)
- Purple role changes
- Green standard administrative actions
Retention
Audit log entries are retained for 90 days. Entries older than 90 days are automatically removed. If you need longer retention for compliance purposes, contact support@dacard.ai.Access control
Only users with thedacard_admin role or account admin role can view the audit log. Members and leads do not have access.
The audit log is read-only. Entries cannot be modified or deleted this is by design for security integrity.
Roles & Permissions
Understand who can access the audit log and perform sensitive actions.
SSO
SSO enforcement events appear in the audit log.