Authentication

Tamper-evident audit log

Every security-relevant event is recorded with user, action, IP, user-agent, and timestamp.

What it does

Each login, key add/confirm/revoke, document upload, signing request, OIDC consent, and token issue/revoke writes a row to AuditLog with a dot-separated action name. Users see their own log under /audit; admins will later get a global view. The log is the forensics primitive that every other feature feeds into.

How it works

  1. An action runs, say oauth.consent for an Allow click on an OIDC consent screen.
  2. The route handler awaits audit({ userId, action, targetId, metadata, ip, userAgent }).
  3. The row lands in the AuditLog table with a JSON metadata blob.
  4. You see it in /audit, filtered to your user.

Why it matters

  • Single grep target for 'who did what when', with the same pattern across signing, auth, OIDC, and KYC.
  • Action names follow a documented taxonomy in docs/SECURITY.md, so SIEM ingestion is straightforward.
  • Audit rows are append-only at the API layer: there is no endpoint or UI for editing or deleting them.

Want to try it?

Most features are available the moment you sign up. No card required.

Related features