Audit Log

API Explorer (2.0.0)

The entire API V2 documentation is interactive and can be tested here. To the right side of every endpoint you will see a box with an example request. You can click on the "Try it" button to send a request to the server right from the docs. You will need to provide an API key by clicking the ApiKeyAuth_token blue text.

Languages
Servers
Instantly API Server

https://api.instantly.ai/

Mock server

https://developer.instantly.ai/_mock/api/v2/

Analytics

Endpoints related to analytics

Operations

Account

An email account that can be used to send campaigns

Operations

Campaign

A campaign that can be sent to a list of recipients

Operations

Email

A campaign email, a reply, a manually sent email, or any other email that's visible in the Unibox

Operations

Email Verification

A single email verification

Operations

Lead List

A list used to store leads

Operations

Inbox Placement Test

An inbox placement test

Operations

Inbox Placement Analytics

Analytics data for individual emails in inbox placement tests

Operations

Inbox Placement Blacklist & SpamAssassin Report

Report data for an inbox placement test

Operations

API Key

API Key

Operations

Account Campaign Mapping

Account Campaign Mapping

Operations

Lead

A lead entity representing an individual lead

Operations

Background Job

A background job that can be used to perform long-running tasks

Operations

Custom Tag

A custom tag for organizing and categorizing accounts and campaigns. You can use them as filters in apis that list accounts and campaigns.

Operations

Block List Entry

A blocked email or domain

Operations

Lead Label

A custom label for categorizing and managing leads

Operations

Workspace

A workspace entity representing a workspace

Operations

SuperSearch Enrichment

A SuperSearch enrichment that retrieves and enriches leads based on search filters

Operations

Workspace Group Member

A member of a workspace group. You can use the endpoints within this entity to manage the members of a workspace group.

Operations

Workspace Member

A member of a workspace with associated user details

Operations

Campaign Subsequence

A subsequence entity representing a follow-up sequence

Operations

Clause

A clause (filter or sort) that can be applied to variables in campaigns or lists

Audit Log

Audit log records for tracking system activities

Operations

Audit Log

Audit log records for tracking system activities

idstring(uuid)read-onlyrequired
Example: "01234567-89ab-cdef-0123-456789abcdef"
timestampstring(date-time)read-onlyrequired

When the activity occurred

Example: "2025-09-13T12:09:51.583Z"
organization_idstring(uuid)read-onlyrequired

Organization ID associated with the activity

Example: "01234567-89ab-cdef-0123-456789abcdef"
activity_typenumberread-onlyrequired

Type of activity performed

Enum ValueDescription
1

User login

2

Lead deletion

3

Campaign deletion

4

Campaign launch

5

Campaign pause

6

Account addition

7

Account deletion

8

Lead moved

9

Lead added

10

Lead merged

Example: 1
ip_addressstringread-onlyrequired

IP address from which the activity was performed

Example: "127.0.0.1"
from_apibooleanread-onlyrequired

Whether the activity was performed via API

Example: false
user_agentnull or stringread-only

User agent of the client that performed the activity

Example: "Mozilla/5.0..."
user_idnull or string(uuid)read-only

ID of the user who performed the activity

Example: "01234567-89ab-cdef-0123-456789abcdef"
affected_countnull or numberread-only

Number of items affected by the activity

Example: 1
campaign_idnull or string(uuid)read-only

Associated campaign ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
subsequence_idnull or string(uuid)read-only

Associated subsequence ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
list_idnull or string(uuid)read-only

Associated list ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
audit_metadataobjectread-only

Metadata about the audit log

user_namenull or stringread-only

Name of the user who performed the activity

Example: "John Doe"
{
  "id": "01234567-89ab-cdef-0123-456789abcdef",
  "timestamp": "2025-09-13T12:09:51.583Z",
  "organization_id": "01234567-89ab-cdef-0123-456789abcdef",
  "activity_type": 1,
  "user_agent": "Mozilla/5.0...",
  "user_id": "01234567-89ab-cdef-0123-456789abcdef",
  "ip_address": "127.0.0.1",
  "from_api": false,
  "affected_count": 1,
  "campaign_id": "01234567-89ab-cdef-0123-456789abcdef",
  "subsequence_id": "01234567-89ab-cdef-0123-456789abcdef",
  "list_id": "01234567-89ab-cdef-0123-456789abcdef",
  "audit_metadata": {},
  "user_name": "John Doe"
}

List audit log

Request

Requires one of the following scopes: audit_logs:read, audit_logs:all, all:read, all:all

Query
limitinteger[ 1 .. 1000 ]

The number of items to return

Example: limit=10
starting_afterstring

The ID of the last item in the previous page - used for pagination. You can use the value of the next_starting_after field from the previous response.

Example: starting_after=01956fbd-0eb1-72db-a565-82977a586084
activity_typenumber

Filter by activity type

Example: activity_type=1
searchstring

Search term to filter logs

Example: search=login
start_datestring

Start date to filter logs

Example: start_date=2024-01-01
end_datestring

End date to filter logs

Example: end_date=2024-01-01
curl -i -X GET \
  'https://api.instantly.ai/api/v2/audit-logs?activity_type=1&end_date=2024-01-01&limit=10&search=login&start_date=2024-01-01&starting_after=01956fbd-0eb1-72db-a565-82977a586084' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

The list of Audit Log

Bodyapplication/json
itemsArray of objects(Audit Log)required
items[].​idstring(uuid)read-onlyrequired
Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​timestampstring(date-time)read-onlyrequired

When the activity occurred

Example: "2025-09-13T12:09:51.583Z"
items[].​organization_idstring(uuid)read-onlyrequired

Organization ID associated with the activity

Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​activity_typenumberread-onlyrequired

Type of activity performed

Enum ValueDescription
1

User login

2

Lead deletion

3

Campaign deletion

4

Campaign launch

5

Campaign pause

6

Account addition

7

Account deletion

8

Lead moved

9

Lead added

10

Lead merged

Example: 1
items[].​ip_addressstringread-onlyrequired

IP address from which the activity was performed

Example: "127.0.0.1"
items[].​from_apibooleanread-onlyrequired

Whether the activity was performed via API

Example: false
items[].​user_agentnull or stringread-only

User agent of the client that performed the activity

Example: "Mozilla/5.0..."
items[].​user_idnull or string(uuid)read-only

ID of the user who performed the activity

Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​affected_countnull or numberread-only

Number of items affected by the activity

Example: 1
items[].​campaign_idnull or string(uuid)read-only

Associated campaign ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​subsequence_idnull or string(uuid)read-only

Associated subsequence ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​list_idnull or string(uuid)read-only

Associated list ID if applicable

Example: "01234567-89ab-cdef-0123-456789abcdef"
items[].​audit_metadataobjectread-only

Metadata about the audit log

items[].​user_namenull or stringread-only

Name of the user who performed the activity

Example: "John Doe"
next_starting_afterstring

The filter for getting the next items after this one, this could either be a UUID, a MongoDB ID, a timestamp, on an email depending on the specific API

Example: "019942fb-725e-78a4-baeb-142808d1eac8"
Response
application/json
{
  "items": [
    {}
  ],
  "next_starting_after": "019942fb-725e-78a4-baeb-142808d1eac8"
}

Webhook

A webhook subscription for receiving event notifications

Operations

Schemas