Audit logs that help you close enterprise deals.
Give your customers a trusted audit trail they can hand to security, compliance, and leadership without waiting on your team. Every action is recorded, signed, and independently verifiable, so they can prove who did what, when it happened, and that nothing changed after the fact. Add customer-ready audit logs in days, not months.
A verifiable audit log in minutes
Each of your end customers is an org, addressed by your own external id. Create it once, send signed events to it, then let your customer view, verify, and export their own log. Three calls from empty to production.
Register each end customer once. Events reference it by your external id.
curl -X POST https://api.invoance.com/v1/audit/orgs \
-H "Authorization: Bearer invoance_live_xxx" \
-H "Content-Type: application/json" \
-d '{ "external_id": "acme-prod", "name": "Acme Production" }'POST an activity event. Invoance signs it with Ed25519 and returns its id.
curl -X POST https://api.invoance.com/v1/audit/events \
-H "Authorization: Bearer invoance_live_xxx" \
-H "Idempotency-Key: 7f4c1c9d-5b8a-4d42-9e0b-1f2a3b4c5d6e" \
-H "Content-Type: application/json" \
-d '{
"org": "acme-prod",
"action": "user.signed_in",
"actor": { "type": "user", "id": "user_123" }
}'List and filter the log, then verify any event offline against your org's key.
curl https://api.invoance.com/v1/audit/events/9549c332/verify \
-H "Authorization: Bearer invoance_live_xxx"Signed at the source. Verifiable by anyone.
Most audit logs ask you to trust the vendor that stores them. Invoance signs every event the instant it is received, so the log proves itself. A customer, auditor, or regulator can check a record against your organization's public key with no account and no call back to Invoance.
Every event is signed with a key bound to your organization at the moment it lands. The signature proves origin and that nothing has changed since.
The canonical event bytes are hashed before signing. Alter a single character of any field and the hash, and the signature, no longer match.
The SDKs reconstruct the signed bytes and check the signature locally. No network call, no dependency on Invoance being online or honest.
Actions follow a dot-segmented grammar, actors and targets are structured, and unknown fields are rejected. Bad shapes fail at the door, not in your log.
An Idempotency-Key is required on every write, so a retried request never doubles a record. Safe to call from at-least-once pipelines.
Each event carries the time it occurred and a per-org sequence. Records are added, never rewritten, and paginate in a stable total order.
One call to record an event
Use the Node or Python SDK, or hit the API directly. The SDKs default the timestamp and generate the required idempotency key for you, so the smallest useful event is an org, an action, and an actor.
curl -X POST https://api.invoance.com/v1/audit/events \
-H "Authorization: Bearer invoance_live_xxx" \
-H "Idempotency-Key: 7f4c1c9d-5b8a-4d42-9e0b-1f2a3b4c5d6e" \
-H "Content-Type: application/json" \
-d '{
"org": "acme-prod",
"action": "user.signed_in",
"actor": { "type": "user", "id": "user_123", "name": "Lily Ari" },
"targets": [{ "type": "team", "id": "team_42" }],
"metadata": { "ip": "203.0.113.7" }
}'Record who did it: a user, a service account, or the system itself. Names are optional, ids are not.
List the objects an action touched, by type and id, so the log filters cleanly by what changed.
Attach typed scalars (strings, ints, bools) to the event, the actor, or any target. Nesting and floats are rejected by design.
Record IP, user agent, and a request id alongside the event so investigations have the full picture.
Give customers their own audit log
Enterprise buyers ask for their audit trail. Instead of building a viewer, mint a private link. It opens a hosted, branded portal scoped to one org, where your customer can search, verify, and export their own events, and wire up their own log streams. Links are single-use and the session length is yours to set.
Filter by actor, action, target, and time window over a fast keyset-paginated view of the org's log.
One click checks the Ed25519 signature for a record and shows the verdict, right inside the portal.
Your customer pulls their own range to CSV, JSON, or PDF without filing a ticket with your team.
Customers add their own webhook destinations, see delivery health, and send a test, all without your involvement.
Stream and export, on their terms
Some customers want the log pushed to them in real time. Others want a file for their own warehouse. You get both without building delivery infrastructure.
Point a stream at any HTTPS endpoint, including a SIEM or log pipeline. Every delivery is HMAC-signed so the receiver can verify it, destinations are checked against an SSRF guard, and delivery is at-least-once from a durable cursor. Send a test before you go live.
Request a range as CSV or NDJSON and get back a presigned download. The serializer is injection-safe, so a malicious cell value can never turn an export into a spreadsheet formula. One call, one file, ready for an auditor.
Model every event precisely
A useful audit log is structured, not a pile of strings. The envelope gives you the fields auditors expect, and rejects the shapes that would make the log untrustworthy later.
Attribute an action to a user, a service account, or the system itself.
Name the objects an action touched, by type and id, for clean filtering.
Typed scalars on the event, actor, or target. No nesting, no floats, no surprises.
A dot-segmented grammar like billing.invoice.paid keeps actions consistent.
Capture IP, user agent, and request id to reconstruct what happened.
Set occurred_at to when the action really happened, validated to a sane window.
Proof your customers' auditors will accept
Every event is Ed25519-signed the instant it lands. The signature travels with the record, so authenticity is built in, not bolted on.
Your customer, their auditor, or a regulator checks a record offline against your public key. No account, and no trust in Invoance required.
When a SOC 2 auditor or security team asks for the trail, you hand over a signed, exportable record in minutes, not weeks.
Buy the proof layer. Build your product.
You could build audit logging in-house. Signing, key management, a customer portal, webhook delivery with retries and an SSRF guard, exports, dedupe. Or you could ship it this afternoon and spend the quarter on your own product.
Pricing that starts at zero
Audit Logs are part of the Invoance platform. Build and test for free, then move to a paid plan when you put real customer traffic through it.
Build your integration, send real signed events, and verify them. No credit card to start.
Production volume, longer retention, the embeddable portal, webhook streaming, and exports.
Custom volume, SSO and SAML, a BAA, custom retention, and priority rate limits.
Every plan includes Ed25519 signing, offline verification, and API access. Annual billing saves 20%. See full pricing
Start building
Give your customers an audit log they can trust
Signed at the source, verifiable by anyone, streamable, exportable, and ready to embed. Add audit logs to your app with one API and spend your time on the product only you can build.
Audit Logs, Signed and Independently Verifiable
Invoance Audit Logs give your application a customer-facing activity log that anyone can verify. Every event is signed with Ed25519 the moment it is received and hashed with SHA-256, so a record can be checked offline without trusting Invoance, your servers, or anyone else. Send events with one API call, group them by end-customer organization, stream them to any HTTPS endpoint by signed webhook, export them to CSV or NDJSON, and hand your customers a private, embeddable portal to view, verify, and export their own logs. Built for B2B SaaS teams that need SOC 2, ISO 27001, and enterprise audit-trail requirements without building the infrastructure themselves.