Audit logs are available on the Enterprise plan.
Accessing audit logs
To view all account activity:- Go to Account Settings by clicking on the user icon in the top right corner of the dashboard.
- Select [Audit Logs] (https://app.suprsend.com/en/account-settings/audit-logs) tab.
| Filter option | Description |
|---|---|
| Date range | Choose relative date ranges (e.g., last 7 days, last 30 days) or set an absolute date range |
| Actor | Filter by team member email or name |
| Action | Select one or more action types (e.g., account.member_invited, api_key.generated) |
Tracked actions
Authentication & Key / Token Management
Authentication & Key / Token Management
Monitors all security-related changes including authentication methods, API keys, tokens, and signing keys. These are the highest priority events to track.Authentication (Account Settings → Authentication)
Service Tokens (Account Settings → Service Tokens)
API Keys (Developers → API Keys)
Public Keys (Developers → API Keys)
Signing Keys (Developers → API Keys)
| Action | Description |
|---|---|
account.mfa_enabled | Multi-factor authentication (MFA) was enabled for your account. This adds an extra layer of security by requiring a second verification step when logging in. |
account.mfa_disabled | Multi-factor authentication (MFA) was disabled for your account. This removes the additional security layer. |
| Action | Description |
|---|---|
service_token.generated | A new service token was created. Service tokens are used for authentication of management API requests or for CLI operations. |
service_token.deleted | Service token was deleted. This token can no longer be used for authentication. |
| Action | Description |
|---|---|
api_key.generated | A new API key was created. API keys are used to authenticate API requests to SuprSend. |
api_key.disabled | API key was deleted. This key can no longer be used to make API requests. |
| Action | Description |
|---|---|
public_api_key.generated | A new public API key was generated. Public API keys are used for authentication of client SDK requests. |
public_api_key.rotated | Public API key was rotated (replaced with a new key). This is done for security purposes to invalidate the old key. |
public_api_key.deleted | Public API key was deleted. This key can no longer be used for authentication. |
public_api_key.secure_mode_enabled | Enhanced security mode was enabled for public API key. This requires a signed user token to be sent along with client requests. |
public_api_key.secure_mode_disabled | Enhanced security mode was disabled for public API key. This no longer requires a signed user token to be sent along with client requests. |
| Action | Description |
|---|---|
signing_api_key.generated | A new signing API key was generated. Signing keys are used to sign JWT tokens for client SDK requests. |
signing_api_key.deleted | Signing API key was deleted. This key can no longer be used to sign JWT tokens. |
signing_api_key.rolled | Signing API key was rolled (replaced with a new key). The old key is invalidated and a new one is generated. |
Team Management
Team Management
Tracks changes to your team - member invitations, deactivations, and role changes.Team Management (Account Settings → Team)
| Action | Description |
|---|---|
account.member_invited | New team member was invited to the team. They will receive an email to join your team. |
account.member_deactivated | Team member was deactivated. This user can no longer access the account. |
account.member_invite_cancelled | Pending member invitation was cancelled. They will not be able to join using that invitation. |
account.member_invite_resent | Member invitation was resent. This is useful if the original invitation expired or was lost. |
account.member_role_changed | Team member role was changed. This affects their permissions and access level. |
We’re continuously expanding audit log coverage to include other account level actions. If you have any suggestions or need to track other actions on priority basis, please contact the SuprSend support team.
FAQs
Can I export my audit logs?
Can I export my audit logs?
This feature to download audit logs or export it in your data warehouse is not available yet. You can raise feature request on slack community or email us at [email protected].
How long are audit logs stored?
How long are audit logs stored?
We start tracking audit logs in your account as soon as you upgrade to the Enterprise plan. The log retention timeframe depends on your billing plan.
Why do I see system actions in my audit logs?
Why do I see system actions in my audit logs?
When events occur that don’t originate from a user action (like automated system updates or side effects from merges), these events may be attributed to system processes. This helps maintain a complete audit trail of all changes to your account.