Does log data include the actioning user

When Auth0 logs administration actions taken through the DAE/Dashboard/Management API, does the log data include the user that performed the action? For example, if User X creates user Y, I can see that the log entry refers to user Y but does it also include User X?

Hey there @abartlett36!

Welcome in our community!

Let me check that for you and get back here with the info soon!

Hey there!

Sorry for the delay. I was told that in some cases both sides will be visible but not in all.

Using the Dashboard or the Management API logs endpoint, you can pull log data on actions performed by administrators using the Dashboard, operations performed via the Management API, and authentications made by your users.

Thanks Konrad. A couple of follow-up questions:

  • Is there a list available of which cases will/will not have both sides visible?
  • For any given log item, does the Dashboard always show all the log data that is available?

Hi @konrad.sopala,

Do you have any thoughts on my follow-up questions?

Regarding the question about which cases will/will not have both sides visible, it looks like actions taken through the Delegated Admin Extenstion never have the actioning user recorded in the logs. Is that correct? If so, would I be right in thinking that this would apply to any action taken through the Management API?


Hey there!

Sorry for the delay in response but I got trapped in all the incoming questions.

Getting back to your first question. I just created a user and checked the logs.

  • So i performed a Management API operation to be precise. Created a user

  • When I check the overall summary of the log I can that user was created but I have no idea if it wasn’t me who created that user

  • In order to check that you need to go to the raw format of the log which is down there and scroll down until you see this, which is the person that performed the action (who - did - what pattern):

Screenshot 2020-03-18 at 18.21.54

There isn’t a list of cases that will / will not have both sides available. I would say it’s more of a situation where in some cases you will see both sides in the summary and in other you will need to inspect the raw file in JSON format.

Regarding your last message with above screenshots I proved that it’s a wrong assumption cause for creating the user behind the scenes the Management API was used and both sides are visible but you need to inspect raw JSON available below the summary of certain log.

For more on logs you can visit that doc: