Action guide
Record when and why staff suspended a user
POST
/v1/events · admin.user.suspendedEmit an `admin.user.suspended` event whenever a staff member suspends a customer from your back-office. Always attach a reason, it is the first thing legal will ask for.
When to emit
Inside the suspend handler, after the DB transaction commits but before returning the response to the admin.
Example payload
await recalled.events.create({
action: "admin.user.suspended",
actor: { id: user.id, email: user.email },
organization: user.organizationId,
metadata: {
reason: "value",
scope: "value",
ip: "203.0.113.42"
},
});Metadata to include
Keep metadata flat and consistent across your service so it plays well with search and CSV exports.
| Key | Purpose |
|---|---|
reason | spam, abuse, tos_violation, payment_fraud, manual |
scope | account, organization, single_project |
ip | Source IP address of the request |
Suggested retention
Keep for at least 24 months, this is exactly what SOC 2 auditors sample.