Audit endpoint

Use this endpoint to retrieve audit records for a specified time window.

Provide RC3339 timestamps in the from and to query parameters to filter by date and time.

Use this API in the following steps to retrieve the complete set of records:

1. On the first request, call the endpoint with the from and to parameters.
2. Receive a token header in the response of the first call.
3. To page through all records in the range, keep calling the endpoint with the last token value and the to parameter used in the initial call until the response body is an empty array, which means there are no more records in that range.

Note: This page covers the essentials. For full parameters, examples, and response schema, see Get Audit Records (API Reference).

Request

• Authorization: Bearer <access_token> (For more details, see Authentication and Create Access Token).
• Method: GET
• URL: https://audit.{instance}.sectigo.com/api/v1/records (For more details, see Base URL).
• Query parameters:
  • from:
    • Required if token is not provided.
    • Timestamps value to start getting records after.
    • Use RFC 3339 format, i.e. 2025-08-18T15:04:00Z.
  • to:
    • Required.
    • Timestamps value to get records up to.
    • Use RFC 3339 format, i.e. 2025-08-18T15:04:00Z.
  • token:
    • Optional.
    • Pagination cursor from the previous response’s token header.
    • An string value used to mark which record to start from instead of using from parameter.
    • Should be used in all subsequent calls after the initial request made with the from and to parameters.

Response

• Headers:
  • Content-type: application/json
  • token: A token value that can be provided in the token parameter of the next call.
• Body:
  • On success, returns an array of audit records.
  • On failure, returns an object includes error message.
  • For full list of response parameters, see Get Audit Records (API Reference).