Audit log
GET /v1/audit-logEvery mutating API call (sync, publish, cleanup, settings, media,
merchandising, translations, order status, product delete) leaves one
compact audit entry — so the venue owner and the integrator can always
answer "what did the API key change, and when?". Reads are never logged;
?dryRun=true syncs (which write nothing) aren't either.
Entries are summaries, not payloads: counts, refs, changed-field names and locales. Field values, images and secrets are never stored.
Query parameters#
| Param | Meaning |
|---|---|
page / limit | Standard pagination (limit ≤ 100, default 20) |
action | Exact action filter, e.g. menu.sync, settings.update, product.delete |
Response#
Standard list envelope, newest first:
{
"items": [
{
"id": "clx...",
"action": "menu.sync",
"entityType": "menu",
"entityRef": null,
"changes": {
"products": { "created": 12, "updated": 3, "skipped": 41 }
},
"requestId": "8f14e45f-ceea-4671-a2d5-6d5c9a3f1b2e",
"source": "api_key",
"createdAt": "2026-07-05T12:00:00.000Z"
},
{
"id": "clx...",
"action": "settings.update",
"entityType": "settings",
"entityRef": null,
"changes": { "fields": ["name", "enabledLanguages"] },
"requestId": "0bd55251-c694-4a78-878b-02bb6159e055",
"source": "api_key",
"createdAt": "2026-07-05T11:58:41.000Z"
}
],
"total": 2,
"page": 1,
"limit": 20,
"totalPages": 1
}requestId matches the x-request-id of the original call — quote it in
support requests to correlate an audit entry with server logs.
Actions#
menu.sync · menu.publish · menu.cleanup · product.delete ·
product.image · product.translations · settings.update ·
logo.image · banner.create/update/delete/image/translations ·
promotion.create/update/delete/item_add/item_update/item_remove ·
table.create/update/delete · category.translations ·
ingredient.translations · modifier_group.translations ·
order.status_update