List Audit Logs
Gets all signature events which have occurred in the over the timeframe. The max range the API supports is 7 days.
StartTime and EndTime are URL-encoded UTC ISO timestamps:
startTime=2025-08-29T02%3A46%3A40Z
endTime=2025-09-01T02%3A46%3A40Z
An additional optional query parameter, userId can be specified to filter down events to a particular user. The API will return results found in CSV format.
Dfns maintains a script which can be used for audit log signature validation: WebAuthn Signature Verifier
Authentication
✅ Organization User (CustomerEmployee)❌ Delegated User (
EndUser)✅ Service Account
Required Permissions
Auth:Logs:Read: Always required.Authorizations
Bearer Token: Used to authenticate API requests. More details how to generate the token: Authentication flows
Query Parameters
Provide a user id to list events from that particular user only.
1 - 64Response
Success
List of event in CSV format. Content contains:
| Field | Type | description |
|---|---|---|
| Date Performed | date-time | When the action was performed |
| Audit Log ID | log id | id of the log (to use with Get Audit Log) |
| User ID | user id | User id who performed the action |
| Primary Credential ID | credential id | Credential used by the user |
| Action Path Summary | string | Summary of this action |
Check out 'Get Audit Log' response for more details about those fields.
"Date Performed,Audit Log ID,User ID,Username,Primary Credential ID,Action Path,Summary\n2025-10-09T13:23:05.134Z,uj-4vs1l-5012b-9589s12d57t26u8,us-4ovh4-6a0h8-81d2df5e2u8l6djt,[email protected],cr-7bfqk-89uag-8nle1s2d3f8e6dvd1mk,/wallets/wa-3l6ap-r4cbt-8js1e2f3s8u5242c8,Update wallet wa-3l6ap-r4cbt-8j09mhse1f3s5e242c8."