Skip to main content
Protect your account and review who did what.

Two-factor authentication

Add two-factor authentication (2FA) from your account settings. Supported methods:
  • an authenticator app (TOTP)
  • email one-time codes
  • backup recovery codes
2FA applies to email and password sign-in only. If you sign in with OAuth, 2FA is not applied, and an account that only uses OAuth cannot enable 2FA.

Audit log

The audit log records who did what in your organisation. It covers 17 event types:
CategoryEvents
API keysapi_key.created, api_key.deleted, api_key.renamed
Planplan.changed, plan.subscribed
Paymentspayment.succeeded, payment.failed
Membersmember.invited, member.removed, member.role_changed, member.left
Invitationsinvitation.canceled
Firewall rulesfirewall_rule.created, firewall_rule.updated, firewall_rule.enabled, firewall_rule.disabled, firewall_rule.deleted
Filter the log by event type to find a specific change. Sensitive metadata in each entry is redacted. Most events are kept for 1 year. Payment events are kept for 7 years.
Audit log view with an event-type filter applied

Organisations & Teams

Roles and who can manage a team’s resources.

API Keys

Key changes are recorded in the audit log.

Firewall

Rule changes are recorded in the audit log.

Request Logs

Per-request history, separate from the audit log.