Skip to main content

Get Security Audit Log

GET 
/v1/users/{userId}/audit-log

Retrieves an independent audit trail of changes to consent-sensitive user settings, supporting regulatory compliance requirements (CCPA, FTC, FCC).

The platform maintains independent audit trails for security and privacy settings as required for carrier compliance programs. Each setting change is recorded with full before/after state, enabling carriers to demonstrate proper consent management.

Tracked Settings

The audit log captures changes to consent-sensitive features:

  • aiDetection: Controls when AI voice analysis is applied to the subscriber's calls
  • redirectScamToChat: Controls redirection of scam callers to the Decoy Engagement Bot
  • scamBlockEnabled: Controls automatic blocking of suspected scam calls

Response Data

Each audit entry includes:

  • Setting name and old/new values (enabling consent state verification)
  • Timestamp of the change (ISO 8601)
  • Source of the change (user action, admin, system)

Use Cases

  • Regulatory Compliance: Demonstrate user consent for security features to auditors
  • Consent Verification: Verify user opt-in/opt-out state at any point in time
  • Support: Troubleshoot unexpected behavior by reviewing setting history
  • Account Activity: Show users when and how their settings changed

Pagination

Use limit and offset parameters for large audit histories. Results are returned in reverse chronological order (most recent first).

Path Parameters

    userId stringrequired

    UUID for the given user

Query Parameters

    settingType string

    Filter by setting type

    Possible values: [aiDetection, redirectScamToChat, scamBlockEnabled]

    limit integer

    Maximum number of entries to return (default 50, max 500)

    Possible values: >= 1 and <= 500

    Default value: 50
    offset integer

    Number of entries to skip for pagination

    Default value: 0

Header Parameters

    x-hiya-product-version string

    Product version. The standard "major.minor.patch" format is highly encouraged without any leading characters; "2.1.3" or "3.0.0" for example.

    x-hiya-account-user-id stringrequired

    The identifier of a logged-in user. Same identifier that is used for /users/{user_id}

Responses

OK

Response Body

application/json