Actions - List
Get all auditable actions filterable by area.
GET https://auditservice.dev.azure.com/{organization}/_apis/audit/actions?api-version=7.1-preview.1GET https://auditservice.dev.azure.com/{organization}/_apis/audit/actions?areaName={areaName}&api-version=7.1-preview.1URI Parameters
| Name | In | Required | Type | Description |
|---|---|---|---|---|
|
organization
|
path | True |
string |
The name of the Azure DevOps organization. |
|
api-version
|
query | True |
string |
Version of the API to use. This should be set to '7.1-preview.1' to use this version of the api. |
|
area
|
query |
string |
Optional. Get actions scoped to area |
Responses
| Name | Type | Description |
|---|---|---|
| 200 OK |
successful operation |
Security
oauth2
Type:
oauth2
Flow:
accessCode
Authorization URL:
https://app.vssps.visualstudio.com/oauth2/authorize&response_type=Assertion
Token URL:
https://app.vssps.visualstudio.com/oauth2/token?client_assertion_type=urn:ietf:params:oauth:client-assertion-type:jwt-bearer&grant_type=urn:ietf:params:oauth:grant-type:jwt-bearer
Scopes
| Name | Description |
|---|---|
| vso.auditlog | Grants the ability to read the auditing log and audit streams to users |
Examples
By areaName
Sample request
GET https://auditservice.dev.azure.com/{organization}/_apis/audit/actions?areaName=Security&api-version=7.1-preview.1
Sample response
{
"count": 13,
"value": [
{
"area": "Security",
"category": "modify",
"actionId": "Security.ModifyPermission"
},
{
"area": "Security",
"category": "modify",
"actionId": "Security.ResetPermission"
},
{
"area": "Security",
"category": "remove",
"actionId": "Security.RemovePermission"
},
{
"area": "Security",
"category": "modify",
"actionId": "Security.ResetAccessControlLists"
},
{
"area": "Security",
"category": "modify",
"actionId": "Security.ModifyAccessControlLists"
},
{
"area": "Security",
"category": "remove",
"actionId": "Security.RemoveAccessControlLists"
},
{
"area": "Security",
"category": "remove",
"actionId": "Security.RemoveIdentityACEs"
},
{
"area": "Security",
"category": "remove",
"actionId": "Security.RemoveAllAccessControlLists"
},
{
"area": "Security",
"category": "create",
"actionId": "Group.CreateGroups"
},
{
"area": "Security",
"category": "modify",
"actionId": "Group.UpdateGroups.Modify"
},
{
"area": "Security",
"category": "remove",
"actionId": "Group.UpdateGroups.Delete"
},
{
"area": "Security",
"category": "modify",
"actionId": "Group.UpdateGroupMembership.Add"
},
{
"area": "Security",
"category": "modify",
"actionId": "Group.UpdateGroupMembership.Remove"
}
]
}Definitions
| Name | Description |
|---|---|
|
Audit |
Type of action executed |
|
Audit |
AuditActionCategory
Type of action executed
| Value | Description |
|---|---|
| unknown |
The category is not known |
| modify |
An artifact has been Modified |
| remove |
An artifact has been Removed |
| create |
An artifact has been Created |
| access |
An artifact has been Accessed |
| execute |
An artifact has been Executed |
AuditActionInfo
| Name | Type | Description |
|---|---|---|
| actionId |
string |
The action id for the event, i.e Git.CreateRepo, Project.RenameProject |
| area |
string |
Area of Azure DevOps the action occurred |
| category |
Type of action executed |