Audit Logs (AI Agent)
⚡ 3 min readEvery MCP tool call and gated action can be recorded as an audit event — same pipeline as human actions in your app. Agent actions are tagged so you can distinguish AI from end-user activity.
What gets logged
Typical agent audit metadata:
| Field | Example |
|---|---|
tag | members:retire or mcp:stepup |
severity | low · medium · high |
status | success / failure |
metadata.type | mcp-stepup |
metadata.method | passkey · totp · … |
metadata.action / resource | matches RBAC resource keys |
Step-up flows on auth.transcodes.io use the same audit shape as the Toolkit modal — backend analysis stays consistent.
Querying via MCP
Show recent audit logs for high-severity events.
List failed step-up attempts in the last 7 days.MCP tools expose audit read APIs scoped to your project token.
Console analytics
The Audit Logs panel in Console provides charts (active users, registrations) and member management. That view is optimized for human end-users.
Full panel guide: Admin → Audit Logs.
For SDK trackUserAction() from your app, see Admin → API Reference → Audit and the archived History Log tutorial.
Next: Step-up Auth · RBAC · Admin audit logs
Last updated on