> ## Documentation Index
> Fetch the complete documentation index at: https://docs.cantina.xyz/llms.txt
> Use this file to discover all available pages before exploring further.

# Get company audit log.

> # Access control rules

- Company manager can view a company's change log.
- Admins can list all companies. Requires `read_all_companies` permissions.



## OpenAPI

````yaml GET /api/v0/companies/{company_id}/audit-log
openapi: 3.1.0
info:
  title: Cantina Client API
  description: >-
    Endpoints available to client organizations. For an overview and
    authentication, see
    https://docs.cantina.xyz/for-organizations/getting-started/api-access.
  license:
    name: Cantina
    identifier: Cantina
  version: 0.1.0
servers: []
security: []
paths:
  /api/v0/companies/{company_id}/audit-log:
    get:
      tags:
        - companies
      summary: Get company audit log.
      description: >-
        # Access control rules


        - Company manager can view a company's change log.

        - Admins can list all companies. Requires `read_all_companies`
        permissions.
      operationId: get_company_audit_log
      parameters:
        - name: target_users
          in: query
          description: List only entries involving the user
          required: false
          schema:
            type:
              - array
              - 'null'
            items:
              $ref: '#/components/schemas/ResourceRef'
        - name: actions
          in: query
          description: List only entries for the action
          required: false
          schema:
            type:
              - array
              - 'null'
            items:
              $ref: '#/components/schemas/AuditLogAction'
        - name: since
          in: query
          description: List only entries since a point in time, defaults to all the events.
          required: false
          schema:
            type:
              - string
              - 'null'
            format: date-time
        - name: performing_users
          in: query
          description: List only entries in which the user acted
          required: false
          schema:
            type:
              - array
              - 'null'
            items:
              $ref: '#/components/schemas/ResourceRef'
        - name: limit
          in: query
          description: Maximum number of entries returned (defaults to 5), limited to 100.
          required: false
          schema:
            type:
              - integer
              - 'null'
            minimum: 0
        - name: order_by
          in: query
          description: Ordering for entries, defaults to descending creation date.
          required: false
          schema:
            oneOf:
              - type: 'null'
              - $ref: '#/components/schemas/AuditLogEntryOrdering'
        - name: next
          in: query
          description: Next page key.
          required: false
          schema:
            type:
              - string
              - 'null'
        - name: company_id
          in: path
          required: true
          schema:
            type: string
            format: uuid
      responses:
        '200':
          description: Company audit log
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Page_AuditLogEntry'
        '400':
          description: Bad request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '401':
          description: Access not authorised
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '403':
          description: Access forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '404':
          description: Not found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
        '500':
          description: Error retrieving company audit log
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/CantinaError'
components:
  schemas:
    ResourceRef:
      oneOf:
        - type: string
          format: uuid
          description: Resource id.
        - type: string
          description: Resource handle, e.g. a user's username or a team handle.
      description: Reference to a resource, either by `id` or `handle` (`username`).
    AuditLogAction:
      oneOf:
        - $ref: '#/components/schemas/AuditLogCompanyAction'
        - $ref: '#/components/schemas/AuditLogRepositoryAction'
      description: Possible actions to filter entries
    AuditLogEntryOrdering:
      type: string
      description: Ordering for the lists of findings in the auditor profile
      enum:
        - created_at_asc
        - created_at_desc
    Page_AuditLogEntry:
      type: object
      description: Pagination helper over a list of AuditLogEntry
      required:
        - items
      properties:
        items:
          type: array
          items:
            $ref: '#/components/schemas/AuditLogEntry'
        nextValue:
          type:
            - string
            - 'null'
          description: |-
            Use this as `next` argument in the next request to retrieve
            the next list of AuditLogEntry

            If this is empty it means no more AuditLogEntry are available.
    CantinaError:
      type: object
      description: Error returned by the Cantina API.
      required:
        - type
        - msg
      properties:
        type:
          $ref: '#/components/schemas/ErrorType'
        msg:
          type: string
          description: Error message for the user.
    AuditLogCompanyAction:
      type: string
      description: Company audit log data
      enum:
        - user_invited
        - user_auto_joined
        - user_disabled
        - user_reenabled
        - company_role_changed
        - github_integration_added
        - github_integration_removed
    AuditLogRepositoryAction:
      type: string
      description: Repository audit log action
      enum:
        - access_granted
        - access_revoked
        - repository_role_changed
    AuditLogEntry:
      allOf:
        - $ref: '#/components/schemas/AuditLogEntryContents'
        - type: object
          required:
            - id
            - createdBy
            - createdAt
          properties:
            id:
              type: string
              format: uuid
            createdBy:
              $ref: '#/components/schemas/UserProfile'
            createdAt:
              type: string
              format: date-time
      description: Audit log entry.
    ErrorType:
      type: string
      description: Type of error.
      enum:
        - email_not_verified
        - auth_invalid
        - auth_expired
        - auth_token_missing
        - auth_id_missing
        - invalid_password
        - disabled_user
        - tc_not_accepted
        - evicted
        - unauthorized
        - bad_request
        - not_found
        - forbidden
        - gone
        - payload_too_large
        - service_unavailable
        - internal_error
    AuditLogEntryContents:
      oneOf:
        - allOf:
            - type: object
              description: Company audit log data
              required:
                - action
                - target
              properties:
                action:
                  $ref: '#/components/schemas/AuditLogCompanyAction'
                role:
                  oneOf:
                    - type: 'null'
                    - $ref: '#/components/schemas/CompanyRole'
                target:
                  $ref: '#/components/schemas/UserProfile'
                github_account_name:
                  type:
                    - string
                    - 'null'
            - type: object
              required:
                - type
              properties:
                type:
                  type: string
                  enum:
                    - company_audit_log
        - allOf:
            - type: object
              description: Repository audit log data
              required:
                - action
                - repository
                - target
              properties:
                action:
                  $ref: '#/components/schemas/AuditLogRepositoryAction'
                repository:
                  $ref: '#/components/schemas/CompanyRepository'
                role:
                  oneOf:
                    - type: 'null'
                    - $ref: '#/components/schemas/RepositoryRole'
                target:
                  $ref: '#/components/schemas/UserProfile'
            - type: object
              required:
                - type
              properties:
                type:
                  type: string
                  enum:
                    - repository_audit_log
      description: Type of audit log entry.
    UserProfile:
      type: object
      description: Profile info of a user.
      required:
        - userId
        - name
        - username
        - avatar
      properties:
        userId:
          type: string
          format: uuid
        name:
          type: string
        username:
          type: string
        avatar:
          type: string
        disabledAt:
          type:
            - string
            - 'null'
          format: date-time
    CompanyRole:
      type: string
      enum:
        - manager
        - member
        - unverified_member
    CompanyRepository:
      type: object
      description: '[`Repository`] information in the context of a [`CompanyProfile`].'
      required:
        - name
        - kind
        - status
      properties:
        id:
          type:
            - string
            - 'null'
          format: uuid
          description: |-
            This will be none if associated repository does not exist.
            In such cases, `CompanyRepository.report` will be set.
        report:
          type:
            - string
            - 'null'
          format: uuid
          description: Set if there exists a report associated with the repository.
        name:
          type: string
        timeframe:
          oneOf:
            - type: 'null'
            - $ref: '#/components/schemas/RangeFromDateTime'
        kind:
          $ref: '#/components/schemas/RepositoryKind'
        status:
          $ref: '#/components/schemas/RepositoryStatus'
        currencyCode:
          type: string
        totalRewardPot:
          type:
            - string
            - 'null'
    RepositoryRole:
      type: string
      description: Role of a user in the context of a repository.
      enum:
        - client
        - reviewer
        - judge
        - triager
        - admin
    RangeFromDateTime:
      type: object
      description: Represent a range where the start is always set but the end is optional.
      required:
        - start
      properties:
        start:
          type: string
          format: date-time
        end:
          type:
            - string
            - 'null'
          format: date-time
    RepositoryKind:
      type: string
      enum:
        - scoping
        - collaborative_review
        - private_contest
        - public_contest
        - private_bounty
        - public_bounty
    RepositoryStatus:
      type: string
      description: Status of a repository.
      enum:
        - draft
        - upcoming
        - live
        - judging
        - escalations
        - escalations_ended
        - complete
        - published

````