Audita
Every action. Sealed. Unalterable.
Audita gives development teams a cryptographically chained ledger of every event in their systems — ready for compliance audits, security investigations, and operational observability from day one.
500 events/batch
Atomic batch ingestion per requestSHA-256 chained
Per-record cryptographic integrityReal-time delivery
HMAC-signed webhook notificationsExports + reports
Excel, JSON, PDF — all ZIP'd with checksumsFrom API call to tamper-proof record in milliseconds
Three steps to full audit coverage across your entire stack — no in-house infrastructure needed.
01
Capture every event
Send audit events from any backend using your API Key. Submit individual records or atomic batches of up to 500 events per request. Capture actor, resource, action, before/after state, correlation IDs for distributed tracing, and free-form metadata.
02
Seal with cryptography
Each record is SHA-256 chained to the previous one — similar to a blockchain. Any modification or deletion immediately breaks the chain. Verify integrity for the full organization or inspect any single record with pinpoint accuracy.
03
Search, analyze & export
Query your ledger with powerful filters across every field. Visualize metrics, actor timelines and resource lifecycles. Generate compliance-ready PDF reports or raw exports with SHA-256 checksums included in every ZIP.
Everything your team needs to audit with confidence
A complete suite of purpose-built tools covering event capture, integrity verification, analytics, and compliance reporting.
Structured Event Recording
Rich schema: resource type & ID, action, actor data, before/after state, correlation ID, free-form metadata and real timestamp. Individual or batch ingestion up to 500 events per atomic request.
Cryptographic Integrity Chain
Every record is SHA-256 chained to the one before it. Verify the full chain of an entire organization or inspect any single record. Audita pinpoints exactly which record was altered.
Powerful Search & Filtering
Filter by resource type, resource ID, action, actor, correlation ID, date range or keys nested inside JSON payloads. Paginated results returned newest-first.
Metrics & Analytics
Aggregated activity views: total events, distribution by action type (CREATE, UPDATE, DELETE, ACCESS, OTHER), resource breakdown and daily trends. Configurable date ranges, default last 30 days.
Activity Timelines
Two timeline views: by actor — groups events into sessions separated by inactivity — and by resource — full chronological lifecycle of any specific resource.
Data Exports
Export as Excel or JSON, compressed in ZIP. Every export includes an integrity.txt with a SHA-256 checksum of the content. Define custom columns mapped from JSON payload paths.
Compliance PDF Reports
Generate PDF reports ready for regulatory audits. Includes executive summary, action and resource breakdowns, daily activity chart, and a certification section with the document hash.
Scheduled Exports
Schedule future exports (Excel or JSON) with email delivery. Track status in real time: PENDING, RUNNING, COMPLETED, FAILED. Cancel any pending export at any time.
Webhooks
Register HTTP endpoints that receive real-time notifications when audits are created. Each delivery is signed with HMAC-SHA256. Built-in test endpoint to validate integrations before activating.
Anomaly Detection
Threshold-based alert rules: define a max event count for an action/resource combination within a configurable time window. Alerts fire on breach with a cooldown period to prevent fatigue.
Notification Channels
Deliver alerts and scheduled exports via Slack (Incoming Webhook) or Email. A single channel configuration covers both anomaly alerts and scheduled export delivery.
Custom Dashboards
Save dashboard configurations per organization — filters, date ranges and widget layouts — giving teams persistent views tailored to different monitoring workflows.
One API call. Infinite auditability.
Integrate from any backend in minutes using your API Key. No SDK required — just a standard HTTP POST. Audita handles chaining, hashing, and storage so your team stays focused on building.
Individual & batch ingestion — up to 500 events per request
Dual auth: JWT Bearer for platform users, X-API-Key for servers
Rate-limited responses with 429 + Retry-After headers
IP allowlist per organization — exact IPs, CIDR ranges, hostnames
method: 'POST',
headers: { 'X-API-Key': 'sk_live_...' },
body: JSON.stringify({
action: 'USER_PROMOTED',
resourceType: 'USER_ROLE',
resourceId: 'usr_9921',
actorData: 'admin@acme.io',
beforeState: '{"role":"EDITOR"}',
payload: '{"role":"ADMIN"}',
correlationId: 'req_abc123'
})
});
Enterprise-grade controls, out of the box
From access control to retention policies and user management, Audita gives organizations the levers they need to meet rigorous security and compliance requirements.
IP Allowlist
Restrict API Key access by IP. Supports exact IPv4/IPv6 addresses, CIDR ranges and hostnames per organization. An empty list permits unrestricted access.
Retention Policies
Configure the record retention period per organization in days. Records older than the configured threshold are automatically purged on schedule.
Dual Authentication
JWT Bearer tokens for platform users, X-API-Key headers for server-side integrations. Rate limiting with 429 responses and Retry-After headers per key.
User & Organization Management
Email-verified registration with a 6-digit OTP (15-min TTL). Roles: user, admin, organization. Email-based team invitations with assignment and removal flows.
Error Observability
Report HTTP error occurrences from client applications (400, 401, 403, 404, 500, etc.) and visualize error rates on the observability dashboard.
Subscription Management
Plans with start dates, expiry, auto-renewal and integration with external payment providers. Usage-based controls enforced at the platform level.
Tamper detection
with surgical precision.
Every record stores the SHA-256 hash of the previous record in the chain. A full-chain verification traverses every event in your organization and reports the exact position of any break — whether a record was silently edited or deleted.
Verify the full chain of an entire organization
Verify any individual record in isolation
Pinpoint the exact record where the chain breaks
SHA-256 checksum embedded in every export
USER_CREATED
PERMISSION_UPDATE
ROLE_ASSIGNED
ACCESS_GRANTED
Stop logging.
Start auditing.
Give your team an immutable, cryptographically verified record of every action in your system — ready for compliance audits before you need them.