securityAuditEvents
Returns paginated security audit events for an organization. Newest first by default (the entity has an OCCURRED_AT order field). Admin-only via view-audit scope; an audit log can reveal which member performed which sensitive operation, a privacy concern beyond the operational signal.
Use the where filter to scope by event_type (e.g. only trust_policy_changed events) or result (e.g. only denied attempts).
securityAuditEvents(
orgID: String!
after: Cursor
first: Int
before: Cursor
last: Int
orderBy: SecurityAuditEventOrder
where: SecurityAuditEventWhereInput
): SecurityAuditEventConnection!
Arguments
securityAuditEvents.orgID ● String! non-null scalar
Keycloak organization alias (slug, e.g. "acme-corp").
securityAuditEvents.after ● Cursor scalar
Returns the elements in the list that come after the specified cursor.
securityAuditEvents.first ● Int scalar
Returns the first n elements from the list.
securityAuditEvents.before ● Cursor scalar
Returns the elements in the list that come before the specified cursor.
securityAuditEvents.last ● Int scalar
Returns the last n elements from the list.
securityAuditEvents.orderBy ● SecurityAuditEventOrder input
Ordering options. Default is OCCURRED_AT desc.
securityAuditEvents.where ● SecurityAuditEventWhereInput input
Filtering options.
Type
SecurityAuditEventConnection object
A connection to a list of items.