Skip to content
EdgeFlags

Audit Log

Every create, update, and delete operation is recorded in the audit log. Entries include the actor (token prefix), timestamp, before/after state, and resource details.

Querying audit entries

Terminal window
curl -H "Authorization: Bearer $ADMIN_TOKEN" \
  "https://edgeflags.net/api/v1/audit"

Response:

{
  "entries": [
    {
      "timestamp": "2026-01-15T10:30:00.000Z",
      "actor": "ff_defa_k1a2...",
      "action": "update",
      "resource_type": "flag",
      "resource_key": "new_checkout",
      "project_id": "default",
      "before": { "enabled": true, "value": false, "version": 1 },
      "after": { "enabled": false, "value": false, "version": 2 }
    }
  ],
  "total": 42,
  "has_more": true
}

Filtering

Filter entries by resource type and/or resource key:

Terminal window
# All flag changes
curl -H "Authorization: Bearer $ADMIN_TOKEN" \
  "https://edgeflags.net/api/v1/audit?resource_type=flag"


# Changes to a specific flag
curl -H "Authorization: Bearer $ADMIN_TOKEN" \
  "https://edgeflags.net/api/v1/audit?resource_type=flag&resource_key=new_checkout"


# All token operations
curl -H "Authorization: Bearer $ADMIN_TOKEN" \
  "https://edgeflags.net/api/v1/audit?resource_type=token"

Filter parameters

ParameterValuesDescription
resource_typeflag, config, segment, token, projectFilter by resource type
resource_keyany stringFilter by specific resource key

Pagination

Terminal window
curl -H "Authorization: Bearer $ADMIN_TOKEN" \
  "https://edgeflags.net/api/v1/audit?limit=20&offset=0"
ParameterDefaultRangeDescription
limit501-200Number of entries per page
offset00+Number of entries to skip

Entries are sorted by timestamp in descending order (most recent first).

Audit entry fields

FieldTypeDescription
timestampstringISO 8601 timestamp
actorstringToken prefix of the authenticated caller
actionstringcreate, update, or delete
resource_typestringflag, config, segment, token, or project
resource_keystringKey or identifier of the affected resource
project_idstringProject the resource belongs to
beforeobjectResource state before the change (null for creates)
afterobjectResource state after the change (null for deletes)

Retention

Audit entries have a 90-day TTL. Entries older than 90 days are automatically deleted by Cloudflare KV’s expiration mechanism.