Search Audit Events - C1 documentation

package main import( "context" "github.com/conductorone/conductorone-sdk-go/pkg/models/shared" conductoronesdkgo "github.com/conductorone/conductorone-sdk-go" "log" ) func main() { ctx := context.Background() s := conductoronesdkgo.New( conductoronesdkgo.WithSecurity(shared.Security{ BearerAuth: "<YOUR_BEARER_TOKEN_HERE>", Oauth: "<YOUR_OAUTH_HERE>", }), ) res, err := s.PaperSecret.SearchAuditEvents(ctx, nil) if err != nil { log.Fatal(err) } if res.PaperSecretServiceSearchAuditEventsResponse != nil { // handle response } }

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Authorization

string

header

required

This API uses OAuth2 with the Client Credential flow. Client Credentials must be sent in the BODY, not the headers. For an example of how to implement this, refer to the c1TokenSource.Token() function.

Body

application/json

PaperSecretServiceSearchAuditEventsRequest searches audit events for a secret owned by the calling user. Only the secret creator may query events. Results are sanitized to include only time, event type, and actor information.

pageSize

integer<int32>

Maximum number of results per page (0 uses server default, max 100).

pageToken

string

Pagination token from a previous response's next_page_token.

vaultId

string

Required. The vault ID of the secret whose audit events to retrieve.

Response

200 - application/json

PaperSecretServiceSearchAuditEventsResponse contains a page of audit events for the requested secret.

list

object[] | null

Sanitized OCSF events containing only time, event type, and actor fields. Sensitive fields such as IP addresses, messages, and raw payloads are removed.

nextPageToken

string

Token to retrieve the next page of results. Empty when no more pages exist.