Get Started
Data
Analytics
Amplitude AI
Session Replay
Guides and Surveys
AI Assistant
Experiment
Admin
SDKs APIs
Partners
FAQ
APIs
/
Audit Logs API

Audit Logs API

The Audit Logs API lets you programmatically access and export audit events for security monitoring, compliance reporting, and operational oversight.

Prerequisites

  • Access to an Organization API key.
  • An Organization Secret Key from Amplitude Support.
  • Your Organization ID.

Retrieve audit events

Use the Audit Logs API to retrieve audit events and export them to a SIEM or internal workflow.

  1. Contact Amplitude Support and request an Organization Secret Key.
  2. Provide your Organization ID to Amplitude Support.
  3. Locate your Organization API key in Organization settings > API Keys.
  4. Send a request to the Audit Logs API endpoint: POST https://amplitude.com/api/2/audit-logs/{ORG_ID}.
  5. Use Basic authentication with your Organization API key and Organization Secret Key.

Amplitude returns audit events for the organization in the response.

Example request

curl -X POST "https://amplitude.com/api/2/audit-logs/76273" \
  -H "Authorization: Basic Base64<ORG_API_KEY:ORG_SECRET_KEY>" \
  -H "Content-Type: application/json" \
  -d '{
    "start_date": "2026-01-01T00:00:00Z",
    "end_date": "2026-01-10T23:59:59Z",
    "filters": {
      "domain": "auth",
      "feature": "auth",
      "action": "login"
    },
    "pagination": {
      "limit": 100
    }
  }'

Required parameters

  • start_date (required): The start of the date range in ISO 8601 format.
  • end_date (required): The end of the date range in ISO 8601 format.

All other fields are optional and refine your query. The API supports a maximum query range of 30 days, and Amplitude retains data for 90 days.

Common use cases

Integrate with a SIEM

Export audit events to your SIEM to monitor administrative activity and detect anomalous access patterns.

Support compliance reporting

Collect audit events to support compliance workflows, such as SOC 2, ISO 27001, and HIPAA reporting.

Investigate security incidents

Review audit events to trace administrative actions and support forensic investigations.

Common questions

Get an Organization Secret Key

Contact Amplitude Support and provide your Organization ID. Amplitude Support issues the Organization Secret Key.

EU endpoint availability

No. The Audit Logs API uses https://amplitude.com for all requests.

Was this page helpful?

January 1st, 1970

Need help? Contact Support

Visit Amplitude.com

Have a look at the Amplitude Blog

Learn more at Amplitude Academy

Terms of Service Privacy Notice Acceptable Use Policy Legal

© 2026 Amplitude, Inc. All rights reserved. Amplitude is a registered trademark of Amplitude, Inc.