Skip navigation

Skip to main content

Canva Audit Logs are currently in development (Beta) and are subject to change at Canva's sole discretion.

Users

Create user

An actor triggers this event when they create (or provision) a new Canva user, including when an individual creates a Canva user account by visiting a team invitation link.

The reason field contains the reason the user was created. For example, they accepted a team invitation or they were provisioned by a SCIM provider.

typestring

The value for this can only be CREATE_USER.

display_namestring
OPTIONAL

The user's display name. This is used to represent the user with text in a UI.

first_namestring
OPTIONAL

The user's first name.

last_namestring
OPTIONAL

The user's last name.

emailstring
OPTIONAL

The user's email address.

email_verifiedboolean
OPTIONAL

Whether the user's email address has been verified.

phone_numberstring
OPTIONAL

The user's phone number.

country_codestring
OPTIONAL

The user's country code, shown on user's public profile page.

localestring
OPTIONAL

The supported locale for the user.

managing_entityManagingEntity
OPTIONAL

The entity that manages the user.

Properties of managing_entity
typestring

This can be one of the following:

  • TEAM: A managing entity that is a team.
  • ORGANIZATION: A managing entity that is an organization.
teamAuditLogTeam
CONDITIONAL

A Canva team.

Properties of team
idstring

The team ID.

display_namestring
OPTIONAL

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

organizationAuditLogOrganization
CONDITIONAL

A Canva organization.

Properties of organization
idstring

The organization ID.

display_namestring
OPTIONAL

The display name of the organization.

For privacy reasons, this field is redacted for organizations other than your organization. Rarely, it may be unavailable for technical reasons.

saml_accountsSamlAccount[]
OPTIONAL

SAML accounts for the user.

Properties of saml_accounts
idp_issuerstring

A unique identifier for the SAML identity provider.

name_idstring

The unique identifier for the user, within the scope of idp_issuer. This value is often an email address.

oauth_accountsOauthAccount[]
OPTIONAL

OAuth accounts for the user.

Properties of oauth_accounts
platformstring

The OAuth platform.

external_user_idstring

The account ID for the user on the external platform.

totp_mfa_enabledboolean
OPTIONAL

Whether TOTP MFA (Time-based One-Time Password Multi-Factor Authentication) is enabled for the user.

sms_mfa_enabledboolean
OPTIONAL

Whether SMS MFA (SMS-based Multi-Factor Authentication) is enabled for the user.

reasonTeamMembershipChangeReason
OPTIONAL

The reason for the change.

Properties of reason
typestring

This can be one of the following:

inviterAuditLogUser
OPTIONAL

A Canva user.

Properties of inviter
idstring

The user ID.

display_namestring
OPTIONAL

The display name of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

emailstring
OPTIONAL

The email address of the user.

For privacy reasons, this field is redacted for users outside of your organization. Rarely, it may also be unavailable for technical reasons.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "CREATE_USER",
    "display_name": "Jane Doe",
    "first_name": "Jane",
    "last_name": "Doe",
    "email": "[email protected]",
    "email_verified": true,
    "phone_number": 1234567890,
    "country_code": 65,
    "locale": "en-AU",
    "managing_entity": {
      "team": {
        "id": "BXeFatjDhdR",
        "display_name": "Acme Team"
      },
      "type": "TEAM"
    },
    "saml_accounts": [
      {
        "idp_issuer": "http://www.exampleidp.com/abcdefgh12345",
        "name_id": "[email protected]"
      }
    ],
    "oauth_accounts": [
      {
        "platform": "EXAMPLE_OAUTH_PLATFORM",
        "external_user_id": "3371C5F5-9577-444D-B788-8F4B2CC461A7"
      }
    ],
    "totp_mfa_enabled": true,
    "sms_mfa_enabled": true,
    "reason": {
      "type": "INVITATION_ACCEPTED",
      "inviter": {
        "id": "UXoqDbwwSbQ",
        "display_name": "Jane Doe",
        "email": "[email protected]"
      }
    }
  },
  "outcome": ...,
  "context": ...
}
JSON

Update user

An actor triggers this event when they update a user's account details. This includes when a user updates their own account details.

We only log the user properties that the actor requested changes for. The changed fields are listed in the changed_fields array.

Some changed fields, such as PASSWORD, might be in the changed_fields array but won't have a property included in the log.

If the user was updated as part of the login process, the actor might be set to ANONYMOUS.

typestring

The value for this can only be UPDATE_USER.

changed_fieldsstring[]

Fields requested to be changed in this update. This can be an array of the following:

  • PASSWORD: The user's password.
  • DISPLAY_NAME: The user's display name.
  • FIRST_NAME: The user's first name.
  • LAST_NAME: The user's last name.
  • EMAIL: The user's email address.
  • EMAIL_VERIFIED: Whether the user's email address has been verified.
  • PHONE_NUMBER: The user's phone number.
  • CITY: The user's city.
  • COUNTRY_CODE: The user's country code.
  • LOCALE: The user's locale.
  • MANAGING_ENTITY: The entity that manages the user.
  • SAML_ACCOUNTS: SAML accounts.
  • OAUTH_ACCOUNTS: OAUTH accounts.
  • TOTP_MFA_ENABLED: Whether TOTP MFA (Time-based One-Time Password Multi-Factor Authentication) is enabled for the user.
  • SMS_MFA_ENABLED: Whether SMS MFA (SMS-based Multi-Factor Authentication) is enabled for the user.
  • PASSKEYS: The user's passkeys.
display_namestring
OPTIONAL

The user's display name. This is used to represent the user with text in a UI.

first_namestring
OPTIONAL

The user's first name.

last_namestring
OPTIONAL

The user's last name.

emailstring
OPTIONAL

The user's email address.

email_verifiedboolean
OPTIONAL

Whether the user's email address has been verified.

phone_numberstring
OPTIONAL

The user's phone number.

country_codestring
OPTIONAL

The user's country code, shown on user's public profile page.

localestring
OPTIONAL

The supported locale for the user.

managing_entityManagingEntity
OPTIONAL

The entity that manages the user.

Properties of managing_entity
typestring

This can be one of the following:

  • TEAM: A managing entity that is a team.
  • ORGANIZATION: A managing entity that is an organization.
teamAuditLogTeam
CONDITIONAL

A Canva team.

Properties of team
idstring

The team ID.

display_namestring
OPTIONAL

The display name of the team.

For privacy reasons, this field is redacted for brands outside of your organization. Rarely, it may be unavailable for technical reasons.

organizationAuditLogOrganization
CONDITIONAL

A Canva organization.

Properties of organization
idstring

The organization ID.

display_namestring
OPTIONAL

The display name of the organization.

For privacy reasons, this field is redacted for organizations other than your organization. Rarely, it may be unavailable for technical reasons.

saml_accountsSamlAccount[]
OPTIONAL

SAML accounts for the user.

Properties of saml_accounts
idp_issuerstring

A unique identifier for the SAML identity provider.

name_idstring

The unique identifier for the user, within the scope of idp_issuer. This value is often an email address.

oauth_accountsOauthAccount[]
OPTIONAL

OAuth accounts for the user.

Properties of oauth_accounts
platformstring

The OAuth platform.

external_user_idstring

The account ID for the user on the external platform.

totp_mfa_enabledboolean
OPTIONAL

Whether TOTP MFA (Time-based One-Time Password Multi-Factor Authentication) is enabled for the user.

sms_mfa_enabledboolean
OPTIONAL

Whether SMS MFA (SMS-based Multi-Factor Authentication) is enabled for the user.

passkeysPasskey[]
OPTIONAL

Passkeys for the user.

Properties of passkeys
idstring

The passkey ID.

reasonUpdateUserChangeReason
OPTIONAL

Why the user's details changed.

Properties of reason
typestring

This can be one of the following:

  • PASSWORD_RESET_WITH_LINK: The user's password was reset and their identity was verified using a link in an email.
  • PASSWORD_RESET_WITH_SMS_CODE: The user's password was reset and their identity was verified using a code the user received in an email.
  • PASSWORD_RESET_WITH_EMAIL_CODE: The user's password was reset and their identity was verified using an email code.
emailstring
OPTIONAL

The email address used for verification when resetting the password.

phone_numberstring
OPTIONAL

The phone number used for verification when resetting the password.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "UPDATE_USER",
    "changed_fields": [
      "PASSWORD",
      "DISPLAY_NAME",
      "FIRST_NAME",
      "LAST_NAME",
      "EMAIL",
      "EMAIL_VERIFIED",
      "PHONE_NUMBER",
      "CITY",
      "COUNTRY_CODE",
      "LOCALE",
      "MANAGING_ENTITY",
      "SAML_ACCOUNTS",
      "OAUTH_ACCOUNTS",
      "TOTP_MFA_ENABLED",
      "SMS_MFA_ENABLED",
      "PASSKEYS"
    ],
    "display_name": "Jane Doe",
    "first_name": "Jane",
    "last_name": "Doe",
    "email": "[email protected]",
    "email_verified": true,
    "phone_number": 1234567890,
    "country_code": 65,
    "locale": "en-AU",
    "managing_entity": {
      "team": {
        "id": "BXeFatjDhdR",
        "display_name": "Acme Team"
      },
      "type": "TEAM"
    },
    "saml_accounts": [
      {
        "idp_issuer": "http://www.exampleidp.com/abcdefgh12345",
        "name_id": "[email protected]"
      }
    ],
    "oauth_accounts": [
      {
        "platform": "EXAMPLE_OAUTH_PLATFORM",
        "external_user_id": "3371C5F5-9577-444D-B788-8F4B2CC461A7"
      }
    ],
    "totp_mfa_enabled": true,
    "sms_mfa_enabled": true,
    "passkeys": [
      {
        "id": "00320131-4957-4EBD-9569-FDED5F0A4F2D"
      }
    ],
    "reason": {
      "type": "PASSWORD_RESET_WITH_LINK",
      "email": "[email protected]"
    }
  },
  "outcome": ...,
  "context": ...
}
JSON

Delete user

An actor triggers this event when they delete a user's account. This includes when a user deletes their own account.

typestring

The value for this can only be DELETE_USER.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "DELETE_USER"
  },
  "outcome": ...,
  "context": ...
}
JSON

Undelete user

An actor triggers this event when they cancel or undo the deletion of a user's account. This includes when a user cancels the deletion of their own account.

typestring

The value for this can only be UNDELETE_USER.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "UNDELETE_USER"
  },
  "outcome": ...,
  "context": ...
}
JSON

Create multi-factor authentication (MFA) backup codes

An actor triggers this event when they generate multi-factor authentication (MFA) backup codes for their account. For details on generating MFA backup codes, see Canva Help: Setting up Multi-Factor Authentication (MFA) — Generate backup codes(opens in a new tab or window).

typestring

The value for this can only be CREATE_MFA_BACKUP_CODES.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "CREATE_MFA_BACKUP_CODES"
  },
  "outcome": ...,
  "context": ...
}
JSON

User login

An actor triggers this event when they log into Canva.

The actor will be USER if the login is successful. If the login is unsuccessful, the actor will be ANONYMOUS.

typestring

The value for this can only be LOGIN.

login_typestring

The general type of user login being attempted. This can be one of the following:

  • PASSWORD: User login with credentials, such as email address, user ID, phone number, and password.
  • ONE_TIME_PASSWORD: User login with a temporary code delivered to the user's email address or phone.
  • MULTI_FACTOR_AUTHENTICATION: User login with multi-factor authentication.
  • OAUTH: User login with a social account or other third-party provider.
  • SAML: User login with single sign-on for a specific email domain.
  • PASSKEY: User login with a passkey (such as a security key).
  • OTHER: Other types of user login.
  • LEARNING_TOOLS_INTEROPERABILITY: User login for education users from a Learning Management System.
oauth_platformstring
OPTIONAL

The OAuth platform used for login. Only set if the login_type is OAUTH. This can be one of the following:

  • APPLE
  • ATLASSIAN
  • CLEVER
  • DROPBOX
  • FACEBOOK
  • GITHUB
  • GOOGLE
  • INSTAGRAM
  • LARK
  • LINE
  • LINKEDIN
  • MAILCHIMP
  • MICROSOFT
  • PINTEREST
  • QQ
  • SLACK
  • TRELLO
  • TUMBLR
  • TWITTER
  • WECHAT
  • WEIBO
  • YAHOO_JAPAN

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "LOGIN",
    "login_type": "PASSWORD",
    "oauth_platform": "APPLE"
  },
  "outcome": ...,
  "context": ...
}
JSON

User logout

An actor triggers this event when they log out of Canva.

typestring

The value for this can only be LOGOUT.

user_scopestring

Specifies which users on the device are logged out. This can be one of the following:

  • CURRENT_USER: Only the currently active user is logged out.
  • ALL_USERS: All users logged into the device are logged out.
session_scopestring

For the selected users, this specifies which sessions are logged out. This can be one of the following:

  • CURRENT_SESSION: Only the currently active session is logged out.
  • ALL_SESSIONS: All sessions across all devices are logged out.

Example

{
  "id": ...,
  "timestamp": ...,
  "actor": ...,
  "target": ...,
  "action": {
    "type": "LOGOUT",
    "user_scope": "CURRENT_USER",
    "session_scope": "CURRENT_SESSION"
  },
  "outcome": ...,
  "context": ...
}
JSON