For developers

A developer audit log API without the enterprise ceremony

TypeScript SDK, REST API, real docs with a live playground. Drop Recalled in your Next.js, NestJS or plain Node app in under 5 minutes and never touch your audit-log table again.

Start for freeOpen the playground
Your first event in 5 lines
import { Recalled } from "@recalled/sdk";

const recalled = new Recalled({
  apiKey: process.env.RECALLED_API_KEY!,
});

await recalled.events.create({
  action: "user.login",
  actor: { id: user.id, email: user.email },
  metadata: { ip, userAgent },
});

You have a product to ship. Building your own audit-log table, indexing it, archiving it, exporting it, and explaining it to an auditor is nine months of work you never planned. Recalled gives you a typed SDK, a REST API, hash-chained integrity and EU hosting, so the feature exists before you finish your coffee.

Why developers ship with Recalled

  • Typed SDK, no magic

    `@recalled/sdk` on npm. TypeScript types, promise-based API, zero decorators, no reflection, no framework lock-in.

  • REST API for everything else

    Python, Go, Ruby, PHP, Rust, whatever you ship in, a cURL call works. OpenAPI spec in the docs.

  • A real playground

    Paste your API key, hit Run, see the response. No fake swagger, no broken 'try it' buttons.

  • Framework agnostic

    Next.js App Router, Pages Router, NestJS, Express, Hono, Fastify, Bun, Deno. Node 18+ is the only requirement.

The audit-log table you will never have to build

Append-only writes, cursor pagination for millions of rows, full-text search over metadata, retention jobs, CSV export, signed integrity, EU hosting, DPA-ready, all of that without touching your schema. Emit events, query events, get on with shipping.

Where to start

Three concrete things to wire up on day one.

Reconstruct any user's timeline

Query every event by actor id to rebuild a minute-by-minute timeline of what a user did. Perfect for support investigations, bug reports, and replaying the context of a complaint.

Log every security event

Log authentication events with actor, IP, user agent and outcome. Detect credential stuffing, replay suspicious sessions, and prove to enterprise customers that security matters to you.

Audit every admin action

Log every sensitive action taken by a staff member from your back-office: suspensions, refunds, impersonations, role changes. Answer 'who did this and when' before anyone has to ask.

Priority actions to wire

user.loginLog user loginsuser.login.failedLog failed login attemptsadmin.user.suspendedLog admin user suspensionsadmin.impersonation.startedLog staff impersonation

Your next audit log is 2 minutes away

Stop hacking on your own logs table. Drop in Recalled, send your first event, move on.

Start for freeRead the docs