The Descope service logs events to an Audit trail within the Descope UI. The Audit trail can be found in the Console. The Descope audit trail is
stored on a project level. Descope logs creation, edits, deletion, and login of users, including the authentication method, flowID, user, loginId, and tenantId. The timestamp,
type of alert, and actions are logged. You can also display other columns apart from the default ones appearing in the audit table which also can be a part of smart search using the filter available. These include Device, Method, Country, Remote Address and Login IDs.
Descope also logs other various updates, deletes, or create events within the UI, such as management key, access key, or tenant alteration.
Descope supports streaming your audit trail to a third-party service, to learn more about this concept, review the
Audit Trail Streaming knowledge base article.
You can search the Descope audit trail via the Descope SDK which is shown below, or you can utilize the Descope
console or the Search Audit API endpoint.
It's crucial to see user configuration changes in your audit trail. To help you track these changes, Descope
logs the new values of the changed UserModified actions. Below is an example of the detail provided within
the audit trail of a UserModified action with various changes.