Skip navigation

Skip to main content

Audit events

Audit events are exported as JSON and specify an actor that performed an action on a target at time timestamp with a specific outcome under a context. For example:

{
  "id": "3849ef51-ca85-4028-bae3-1b8de3ee5738",
  "timestamp": 1704070800123,
  "actor": {
    "type": "USER",
    "user": {
      "id": "UXoqDbwwSbQ",
      "display_name": "Jane Doe",
      "email": "[email protected]"
    },
    "team": {
      "id": "BXeFatjDhdR",
      "display_name": "Acme Team"
    },
    "organization": {
      "id": "OXtgecafZvh",
      "display_name": "Acme Corporation"
    },
    "redacted": true
  },
  "target": {
    "target_type": "USER",
    "user": {
      "id": "UXoqDbwwSbQ",
      "display_name": "Jane Doe",
      "email": "[email protected]"
    },
    "team": {
      "id": "BXeFatjDhdR",
      "display_name": "Acme Team"
    }
  },
  "action": {
    "type": "CREATE",
    "create_type": "CREATE_DESIGN"
  },
  "outcome": {
    "result": "PERMITTED",
    "details": {
      "type": "RESOURCE_CREATED",
      "resource_id": "DXWEBartcNg",
      "resource_type": "DESIGN"
    }
  },
  "context": {
    "ip_address": "192.0.2.123",
    "session": "41cfef61",
    "request_id": "220d18b47fcb2d23c72a2a954dff09cb",
    "device_id": "d2805fafb9b50fe3f3d6ebbe221fc0e0883bf06b6bc285389147f3b259c2c4c1"
  }
}
JSON

The actor is the user who initiated the action. This can be a logged in user, or an anonymous (logged out) user.

The action describes the activity, such as a user viewing a design or deleting another user.

The target is the user, team, organization, or resource that the action targeted. For example, a delete user action includes the ID of the user being deleted.

The outcome includes the result of the action, such as whether it succeeded and information about affected resources. For example, the outcome of a successful create user action will contain the user ID of the newly created user.

The context contains additional information related to the event, such as the IP address of the actor.

AuditEvent schema

idstring

The ID of the audit event.

timestampinteger

The time the event occurred, as a Unix timestamp (in milliseconds since the Unix Epoch).

actorActor

The person who performed the action.

A Canva user, including the team and organization context for the action.

typestring

Default value: USER

Available values: The only valid value is USER.

userAuditLogUser

A Canva user.

idstring

The user ID.

display_namestring
Optional

The display name of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

emailstring
Optional

The email address of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

teamAuditLogTeam

A Canva team.

idstring

The team ID.

display_namestring
Optional

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

redactedboolean

true when we've redacted the details of the user, brand, or organization because they're outside of your organization.

organizationAuditLogOrganization
Optional

A Canva organization.

idstring

The organization ID.

display_namestring
Optional

The display name of the organization.

For privacy reasons, this field is redacted for organizations other than your organization. Rarely, it may be unavailable for technical reasons.

A Canva Staff member providing customer support.

typestring

Default value: CANVA_CUSTOMER_SUPPORT

Available values: The only valid value is CANVA_CUSTOMER_SUPPORT.

A user that isn't signed in.

typestring

Default value: ANONYMOUS

Available values: The only valid value is ANONYMOUS.

A system that isn't associated with a single user account. System actors include internal Canva system processes or external systems such as SCIM IdP providers.

typestring

Default value: SYSTEM

Available values: The only valid value is SYSTEM.

detailsSystemDetails
Optional

Details about the system actor.

Details about the SCIM IdP provider.

typestring

Default value: SCIM

Available values: The only valid value is SCIM.

Details about the Customer Relationship Management system.

typestring

Default value: CRM

Available values: The only valid value is CRM.

targetTarget

The target resource of an action.

The user that is the target of the action.

target_typestring

Default value: USER

Available values: The only valid value is USER.

userAuditLogUser

A Canva user.

idstring

The user ID.

display_namestring
Optional

The display name of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

emailstring
Optional

The email address of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

teamAuditLogTeam

A Canva team.

idstring

The team ID.

display_namestring
Optional

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

The team that is the target of the action.

target_typestring

Default value: TEAM

Available values: The only valid value is TEAM.

teamAuditLogTeam

A Canva team.

idstring

The team ID.

display_namestring
Optional

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

The organization that is the target of the action.

target_typestring

Default value: ORGANIZATION

Available values: The only valid value is ORGANIZATION.

organizationAuditLogOrganization

A Canva organization.

idstring

The organization ID.

display_namestring
Optional

The display name of the organization.

For privacy reasons, this field is redacted for organizations other than your organization. Rarely, it may be unavailable for technical reasons.

The resource that's the target of the action. For example, a design.

target_typestring

Default value: RESOURCE

Available values: The only valid value is RESOURCE.

resource_typestring

The type of resource.

Available values:

idstring

The resource ID.

ownerOwner

The owner of the resource.

An owner who is a user.

typestring

Default value: USER

Available values: The only valid value is USER.

userAuditLogUser

A Canva user.

idstring

The user ID.

display_namestring
Optional

The display name of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

emailstring
Optional

The email address of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

teamAuditLogTeam

A Canva team.

idstring

The team ID.

display_namestring
Optional

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

An owner that is a team.

typestring

Default value: TEAM

Available values: The only valid value is TEAM.

teamAuditLogTeam

A Canva team.

idstring

The team ID.

display_namestring
Optional

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

An owner that is an organization.

typestring

Default value: ORGANIZATION

Available values: The only valid value is ORGANIZATION.

organizationAuditLogOrganization

A Canva organization.

idstring

The organization ID.

display_namestring
Optional

The display name of the organization.

For privacy reasons, this field is redacted for organizations other than your organization. Rarely, it may be unavailable for technical reasons.

namestring
Optional

The name of the resource.

actionAction

This can be one of the following action types:

outcomeOutcome

Outcome of the action.

resultstring

The outcome result.

Available values:

  • UNKNOWN: The action failed due to an unknown error.
  • PERMITTED: The action was permitted.
  • DENIED: The action was denied.
  • RESOURCE_NOT_FOUND: The action failed because the resource was not found.
  • FAILED: The action failed.
detailsOutcomeDetails
Optional

Additional details about the outcome.

Outcome details when a new resource is created.

typestring

Default value: RESOURCE_CREATED

Available values: The only valid value is RESOURCE_CREATED.

resource_idstring

The resource ID.

resource_typestring

The type of resource.

Available values:

Outcome details when a new user is created.

typestring

Default value: USER_CREATED

Available values: The only valid value is USER_CREATED.

user_idstring

The ID of the created user.

contextContext

Additional context associated with the audit event.

ip_addressstring
Optional

The IP address of the actor.

sessionstring
Optional

The session ID of the actor.

request_idstring
Optional

The ID of the request.

device_idstring
Optional

A hashed ID generated and stored on the device when a user logs into Canva from a device without a device_id (such as a new or reformatted device, or after a web browser's cache is cleared). This ID can be useful for identifying suspicious logins.

This ID is stored on the user's device, and may be subject to forgery or tampering.