automation-cloud
latest
false
- Getting started
- Authentication
- Scopes and permissions
- Platform Management APIs
Automation Cloud API guide
Last updated Dec 12, 2025
Retrieve the audit logs for your organization. The APIs differ depending on the logging experience.
The unified logging experience uses these API endpoints and provides two scopes:
-
Organization-level:
/orgaudit_/ -
Tenant-level:
/tenantaudit_/
These APIs return audit information across UiPath services onboarded to the unified framework.
API Endpoint
For retrieving audit logs in the unified logging experience, you can use two different
endpoints:
- Metadata: Retrieves all available audit event types, structured as a
hierarchy of sources, categories, and activities.
Scope API Endpoint Organization level GEThttps://cloud.uipath.com/{org-name}/orgaudit_/api/query/sourcesTenant level GEThttps://cloud.uipath.com/{org-name}/{tenant-name}/tenantaudit_/api/query/sources - Query events: Retrieves audit events for the specified scope, with
advanced filtering.
Scope API Endpoint Organization level GEThttps://cloud.uipath.com/{org-name}/orgaudit_/api/query/eventsTenant level GEThttps://cloud.uipath.com/{org-name}/{tenant-name}/tenantaudit_/api/query/events
Scopes
Requires one of the following scopes:
- PM.Audit
- PM.Audit.Read
Request headers
--header 'Authorization: Bearer {access_token}'
--header 'Content-Type: application/json'
--header 'Authorization: Bearer {access_token}'
--header 'Content-Type: application/json'
Query parameters
| Parameter | Data type | Description |
|---|---|---|
from (optional)
| DateTime | Start of time interval. |
to (optional)
| DateTime | End of time interval. |
source (optional)
| Array [String] | List of event sources (as returned by the Metadata API). |
target (optional)
| Array [String] | List of event categories. |
type (optional)
| Array [String] | List of activity types. |
userIds (optional)
| Array [String] | List of user identifiers. |
searchTerm (optional)
| String | Keyword or term to search for. |
status (optional)
| Integer |
|
maxCount (optional)
| Integer | Maximum number of records to return. |
Responses
200 OK
Returns a JSON object with:
-
List of audit events
-
nextlink for pagination showing newer events -
previouslink for pagination showing older events
Example response
{
"auditEvents": [
{
"id": "string",
"createdOn": "2025-03-24T18:35:38.122Z",
"organizationId": "string",
"organizationName": "string",
"tenantId": "string",
"tenantName": "string",
"actorId": "string",
"actorName": "string",
"actorEmail": "string",
"eventType": "string",
"eventSource": "string",
"eventTarget": "string",
"eventDetails": "string",
"eventSummary": "string",
"status": 0,
"clientInfo": {
"ipAddress": "string",
"ipCountry": "string"
}
}
],
"next": "string",
"previous": "string"
}
{
"auditEvents": [
{
"id": "string",
"createdOn": "2025-03-24T18:35:38.122Z",
"organizationId": "string",
"organizationName": "string",
"tenantId": "string",
"tenantName": "string",
"actorId": "string",
"actorName": "string",
"actorEmail": "string",
"eventType": "string",
"eventSource": "string",
"eventTarget": "string",
"eventDetails": "string",
"eventSummary": "string",
"status": 0,
"clientInfo": {
"ipAddress": "string",
"ipCountry": "string"
}
}
],
"next": "string",
"previous": "string"
}
Example requests
- Organization
level
curl --location 'https://cloud.uipath.com/{org-name}/orgaudit_/api/query/events?status=0&from=2024-12-24T19%3A11%3A46.403Z&to=2025-03-24T19%3A11%3A46.403Z' \ --header 'Authorization: Bearer {token}'curl --location 'https://cloud.uipath.com/{org-name}/orgaudit_/api/query/events?status=0&from=2024-12-24T19%3A11%3A46.403Z&to=2025-03-24T19%3A11%3A46.403Z' \ --header 'Authorization: Bearer {token}' - Tenant
level
curl --location 'https://cloud.uipath.com/{org-name}/{tenant-name}/tenantaudit_/api/query/events?status=0&from=2024-12-24T19%3A11%3A46.403Z&to=2025-03-24T19%3A11%3A46.403Z' \ --header 'Authorization: Bearer {token}'curl --location 'https://cloud.uipath.com/{org-name}/{tenant-name}/tenantaudit_/api/query/events?status=0&from=2024-12-24T19%3A11%3A46.403Z&to=2025-03-24T19%3A11%3A46.403Z' \ --header 'Authorization: Bearer {token}'
Retrieves audit logs for an organization based on its name.
API Endpoint
GET
https://cloud.uipath.com/audit_/api/auditlogs/partitionGlobalIdScopes
Requires one of the following scopes:
- PM.Audit
- PM.Audit.Read
Request Headers
--header 'Authorization: Bearer {access_token}'\
--header 'Content-Type: application/json'--header 'Authorization: Bearer {access_token}'\
--header 'Content-Type: application/json'Query Parameters
|
Query param |
Data type |
Description |
|---|---|---|
|
(optional) |
string |
Specify the available display language, in the shorten form. For example,
en, fr, de, ja etc.
|
|
(optional) |
int32 |
Display the top N entries of the audit. |
|
(optional) |
int32 |
Skip the top N audit entries from displaying. |
|
(optional) |
string |
Specify the DTO property used to sort audit entries by. For example,
createdOn, category, email, etc.
|
|
(optional) |
string |
Specify the sorting order. For example, ascending (
asc) or descending (desc).
|
|
(optional) |
string |
Specify the API version you are using. |
Responses
200 OK
Returns the queried audit events.
Example Request
Let's say you gathered all the information needed to build the API call.
- Your
{baseURL}is:https://cloud.uipath.com/{organizationName} -
Your
{access_token}is:1234(for length considerations). -
You set the following query params:
-
language=en -
top= 2, to display the top two entries -
skip= 2, to skip the first two entries -
sortBy=createdOn, to sort the entries by their creation time -
sortOrder=asc, to sort the entries from the earliest entry to the latest one
-
The call should resemble the following example (cURL):
curl --location --request GET ' https://cloud.uipath.com/{organizationName}/audit_/api/auditlogs?language=en&top=2&skip=2&sortBy=createdOn&sortOrder=asc' \
--header 'Authorization: Bearer 1234' \
--header 'Content-Type: application/json'curl --location --request GET ' https://cloud.uipath.com/{organizationName}/audit_/api/auditlogs?language=en&top=2&skip=2&sortBy=createdOn&sortOrder=asc' \
--header 'Authorization: Bearer 1234' \
--header 'Content-Type: application/json'Here's the response body for a successful audit entries retrieval:
{
"totalCount": 29,
"results": [
{
"createdOn": "2021-10-14T13:10:15.1964174+00:00",
"category": "User",
"action": "Login",
"auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}",
"userName": "System Administrator",
"email": "",
"message": "User 'System Administrator admin' logged in",
"detailsVersion": "1.0",
"source": "Cis"
},
....
{
"createdOn": "2021-10-14T12:41:00.3268964+00:00",
"category": "User",
"action": "Login",
"auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}",
"userName": "System Administrator",
"email": "",
"message": "User 'System Administrator admin' logged in",
"detailsVersion": "1.0",
"source": "Cis"
}
]
}{
"totalCount": 29,
"results": [
{
"createdOn": "2021-10-14T13:10:15.1964174+00:00",
"category": "User",
"action": "Login",
"auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}",
"userName": "System Administrator",
"email": "",
"message": "User 'System Administrator admin' logged in",
"detailsVersion": "1.0",
"source": "Cis"
},
....
{
"createdOn": "2021-10-14T12:41:00.3268964+00:00",
"category": "User",
"action": "Login",
"auditLogDetails": "{\r\n \"userName\": \"System Administrator admin\",\r\n \"email\": \"\"\r\n}",
"userName": "System Administrator",
"email": "",
"message": "User 'System Administrator admin' logged in",
"detailsVersion": "1.0",
"source": "Cis"
}
]
}
