The Audit Log Configuration endpoint provides a single view of an organization’s audit logging setup. It includes retention settings (how long audit logs are stored), the audit log state (active, inactive, or disabled), and – if configured – the audit log stream, which sends events to external destinations like Splunk, Datadog, S3, Google Cloud Storage, or a custom HTTPS endpoint.
The log_stream field is optional and only appears if the organization has a stream configured. If no stream is set up, the response includes only the audit log retention and state information.
curl https://api.workos.com/organizations/org_01EHZNVPK3SFK441A1RGBFSHRT/audit_log_configuration \ --header "Authorization: Bearer sk_example_123456789"
GET/organizationsParameters Returns object