Audit API

Name: Audit API API
Brand: Vonage Audit API
Availability: InStock

★ Only Publicly Available SpecSecurityCompliancebasic2 EndpointsREST

For Agents

Retrieve and filter Vonage account audit events for compliance, SIEM forwarding, and security investigation.

Quickstart

Get started with Audit API in minutes using your preferred integration method.

# Add to your MCP client config (Claude Desktop, Cursor, Windsurf)
{
  "jentic": {
    "url": "https://api.jentic.com/mcp",
    "auth": "oauth"
  }
}

# Then ask your agent:
"list vonage audit events"

# → Jentic returns the GET /events tool with parameter schema, agent executes.

Capabilities

What an agent can do with Audit API API.

Retrieve a paginated stream of Vonage account audit events for compliance review

Filter audit events by event type to surface specific changes such as secret rotations or webhook updates

Filter audit events by date range to bound an investigation to a specific incident window

Retrieve a single audit event by id to inspect its full context, actor, and changed fields

GET STARTED

Start building with Audit API API

Explore with Jentic

View OpenAPI Spec

Jentic publishes the only available OpenAPI specification for Audit API, keeping it validated and agent-ready.

The Vonage Audit API (audit) exposes a read-only stream of changes made to a Vonage account. It records application configuration changes, user secret creations and deletions, and account-level setting updates with timestamps, actor identifiers, and before/after diffs. The 2 endpoints — paginated list and single-event retrieval — cover the surface needed to drive compliance dashboards, SIEM integration, and incident triage. Vonage flags this API as beta on the /beta/audit base path.

Use Cases

Patterns agents use Audit API API for, with concrete tasks.

★ Investigate an unauthorised webhook change

When a security alert flags an unexpected webhook URL change, an investigator needs to identify which actor made the change and when. GET /events with event_type and date_from filters returns the audit trail for the change. GET /events/{id} returns the full context. Together they cut investigation time from hours to minutes.

GET /events?event_type=APPLICATION:UPDATE&date_from=2026-06-01 then GET /events/{id} for the matching event to retrieve the full record.

Stream audit events to SIEM

Compliance frameworks often require all account changes be retained outside the vendor for 7+ years. A scheduled job calls GET /events with a rolling cursor, transforms each event into the SIEM's schema, and ships it to long-term storage. Effort is roughly one day for the cursor logic and field mapping.

GET /events with cursor-based pagination since the last sync timestamp and forward each event to the SIEM ingest endpoint.

Quarterly access review export

Quarterly access reviews require a list of every secret created or revoked in the last 90 days. GET /events filtered to USER:SECRET_CREATE and USER:SECRET_DELETE returns the full set. Output is fed into the access review packet for sign-off.

GET /events?event_type=USER:SECRET_DELETE for the last 90 days and write each entry to the quarterly review CSV.

Agent-driven incident triage

When a paging agent receives a security alert, it searches Jentic for 'list vonage audit events', loads GET /events, and pulls the events around the alert timestamp. The agent enriches the page with the actor and event_type and posts to the incident channel — credentials stay in the Jentic vault.

Search Jentic for 'list vonage audit events', load GET /events schema, and execute with date_from set to 30 minutes before the alert timestamp.

Key Endpoints

2 endpoints — the vonage audit api (audit) exposes a read-only stream of changes made to a vonage account.

METHOD

PATH

DESCRIPTION

GET

/events

Retrieve paginated audit events

GET

/events/{id}

Retrieve an individual audit event

GET

/events

Retrieve paginated audit events

GET

/events/{id}

Retrieve an individual audit event

Why though Jentic?

Three things that make agents converge on Jentic-routed access.

Credential isolation

Vonage uses HTTP Basic auth with API key and API secret. Jentic stores both in the encrypted MAXsystem vault and injects them per call. The agent never sees the raw secret and credentials are scoped per workflow.

Intent-based discovery

Agents search by intent (e.g. 'check my Vonage account balance') and Jentic returns the matching Vonage operation with its input schema, so the agent calls the right endpoint without browsing developer.vonage.com.

Time to first call

Direct integration: 1-2 days for Basic auth, error handling, and balance checks. Through Jentic: under 30 minutes — search, load schema, execute.

Related APIs

Alternatives and complements available in the Jentic catalogue.

Alternative

Twilio Monitor API

Twilio's audit and event monitoring API.

Choose Twilio Monitor when auditing changes inside a Twilio account instead of a Vonage account.

Complementary

Vonage Voice API

Vonage's voice calling API tied to Vonage applications.

Use alongside Application API to register the application that will place or receive calls.

Complementary

Vonage SMS API

Vonage's SMS sending API, billed against the same Vonage account.

Use alongside the Account API to top up balance before sending SMS, or alongside Application to bind virtual numbers.

Alternative

Twilio Accounts API

Twilio's account and subaccount management API.

Choose Twilio Accounts when the agent's primary stack is already Twilio for SMS, voice, or messaging.

Alternative

SendGrid API Keys

SendGrid's API key creation and rotation endpoints.

Choose SendGrid API Keys when rotating credentials for an email-only stack.

FAQs

Specific to using Audit API API through Jentic.

What authentication does the Vonage Audit API use?

It uses HTTP Basic authentication with the Vonage API key and API secret. Jentic stores both in the encrypted MAXsystem vault and injects them per call. The Audit API is currently in beta on the /beta/audit base path.

What event types does the Vonage Audit API expose?

GET /events returns event records covering application creation and update, user secret creation and deletion, and account-level setting changes. Filter via the event_type query parameter to narrow the stream.

What are the rate limits for the Vonage Audit API?

The Audit API is read-only and Vonage does not publish a per-second cap in the spec. Treat it as eventually consistent — events may take a short interval to appear after the underlying change.

How do I export audit events through Jentic with the Vonage Audit API?

Run pip install jentic, search Jentic for 'list vonage audit events', load GET /events, and execute with date_from and date_to. Cursor-paginate via the page parameter until exhausted to back up the full window.

Can I retrieve a specific audit event by id with the Vonage Audit API?

Yes. GET /events/{id} returns the full record for one event including actor, timestamp, source IP, and the before/after diff of the changed fields.

Is the Vonage Audit API considered stable?

Vonage flags the Audit API as beta in the spec description. The shape may change before GA, so wrap the response parser in a tolerant adapter and pin to spec version 1.0.4 for production use.