Audit Trail

Paylent logs administrative actions as structured audit events. Every event records who performed the action, what was affected, and what changed — giving you a clear history of activity in each environment.

The Activity Log page in your dashboard (accessible from the sidebar) shows all audit events for the current environment. You can:

  • Filter by action — Search by action type (e.g. client to see all client-related events)
  • Expand events — Click any row to see the full event details including actor, targets, field changes, and request context
  • Paginate — Browse through historical events, 25 per page

Each audit event contains:

| Field | Description |
|---|---|
| Action | What happened, in resource.verb format (e.g. user.created) |
| Actor | Who performed the action — user email and ID, or “System” for automated actions |
| Targets | The affected resource(s) — ID, type, and name |
| Changes | Field-level before/after values for updates |
| Context | IP address and user agent of the request |
| Occurred at | Timestamp of the action |

The following actions create audit events:

| Category | Events |
|---|---|
| Users | user.created, user.registered, user.updated, user.password_reset |
| OAuth Clients | client.registered, client.updated |
| Roles | role.created, role.updated |
| Permissions | permission.created, permission.updated |
| Signing Keys | signing_key.generated, signing_key.deactivated |
| Tokens | token.issued |

For update actions, audit events record the specific fields that changed with their previous and new values. For example, updating a user’s email produces:

{
  "action": "user.updated",
  "actor": {
    "type": "user"
  },
  "targets": [
    { "type": "user", "name": "[email protected]" }
  ],
  "changes": {
    "email": {
      "from": "[email protected]"
    }
  }
}

Tracked fields vary by resource:

| Resource | Tracked Fields |
|---|---|
| User | email, first_name, last_name |
| Client | name, redirect_uris, grant_types, first_party, token_format |
| Role | name, description |
| Permission | description |

The dashboard home page uses audit events to display the Auth Requests (24h) stat, which counts the number of token.issued events in the last 24 hours.
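
The following is an added example, not Paylent code: it triages events shaped like the JSON above, flagging the actions and tracked-field changes a reviewer would look at first, and recomputes the Auth Requests (24h) count from token.issued events. The choice of what to flag, the "to" and "occurred_at" key names, and having events available as parsed JSON are assumptions of this example.

```python
from datetime import datetime, timedelta, timezone

# Tracked fields (from the table above) that this example treats as security-relevant.
SENSITIVE_FIELDS = {
    "user": {"email"},
    "client": {"redirect_uris", "grant_types", "first_party", "token_format"},
}
# Actions this example flags whenever they occur.
SENSITIVE_ACTIONS = {"user.password_reset", "signing_key.generated",
                     "signing_key.deactivated"}

def triage(event):
    """Return the reasons an event deserves review (empty list if none)."""
    action = event.get("action", "")
    resource, _, verb = action.partition(".")  # resource.verb format
    reasons = [action] if action in SENSITIVE_ACTIONS else []
    if verb == "updated":
        changed = set(event.get("changes", {}))
        hits = changed & SENSITIVE_FIELDS.get(resource, set())
        reasons += [f"{resource}.{field} changed" for field in sorted(hits)]
    return reasons

def auth_requests_24h(events, now):
    """Count token.issued events in the 24 hours before `now`."""
    cutoff = now - timedelta(hours=24)
    return sum(
        1 for e in events
        if e.get("action") == "token.issued"
        and cutoff <= datetime.fromisoformat(e["occurred_at"]) <= now
    )

# Constructed sample events. The "to" and "occurred_at" key names are assumed.
NOW = datetime(2024, 5, 2, 12, 0, tzinfo=timezone.utc)
EVENTS = [
    {"action": "client.updated", "occurred_at": "2024-05-02T09:15:00+00:00",
     "changes": {"name": {"from": "Web", "to": "Web app"},
                 "redirect_uris": {"from": ["https://app.example.com/cb"],
                                   "to": ["https://app.example.com/cb",
                                          "https://other.example.net/cb"]}}},
    {"action": "role.updated", "occurred_at": "2024-05-02T09:20:00+00:00",
     "changes": {"description": {"from": "Old", "to": "New"}}},
    {"action": "signing_key.deactivated", "occurred_at": "2024-05-02T10:00:00+00:00"},
    {"action": "token.issued", "occurred_at": "2024-05-02T11:30:00+00:00"},
    {"action": "token.issued", "occurred_at": "2024-04-30T08:00:00+00:00"},
]

if __name__ == "__main__":
    for ev in EVENTS:
        print(ev["action"], triage(ev))
    print("Auth Requests (24h):", auth_requests_24h(EVENTS, NOW))
```

Because only the field names under "changes" are inspected, the triage works whatever the before/after values look like.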

Audit events are scoped to each environment. Events from your test environment are completely separate from production.

Actions not currently tracked include OAuth protocol internals (authorization codes, refresh tokens, consent grants), RBAC assignments (role-permission and user-role changes), and organization membership changes.