Skip to content

    Platform Services

    CAP Node.js provides dedicated client library support for common platform services.

    Audit Logging

    class cds.AuditLogService extends cds.MessagingService

    The cds.AuditLogService allows you to track security- and data privacy-relevant events in the SAP BTP Audit Log Service.

    You can connect to the cds.AuditLogService like to any other service using cds.connect. It is a subclass of cds.MessagingService as it shares the asynchronous vs. synchronous processing paradigm using .emit() and .send(), respectively.


    const AuditLogService = await'audit-log')
    // .emit: log sent after tx committed
    await AuditLogService.emit('<event>', { <data> })
    // .send: log sent immediately (for example, if rollback on error required)
    await AuditLogService.send('<event>', { <data> })

    The out of the box implementation uses cds.AuditLogService.emit().

    The messages are sent once the transaction is successful. See Messaging Outbox for more details.


    The following AuditLogService defines the supported events and their respective payloads. The supported events are dataAccessLog, dataModificationLog, configChangeLog, and securityLog.

    service AuditLogService {
      // Log read access to sensitive personal data
      event dataAccessLog {
        accesses         : array of Access;
      // Log changes to personal data
      event dataModificationLog : {
        modifications : array of DataModification;
      // Log config change
      event configChangeLog : {
        action         : String @assert.range enum { Create; Update; Delete };
        configurations : array of ConfigChange;
      // Log security message
      event securityLog : {
        action : String;
        data   : String;
    // types
    define type KeyValuePair {
      keyName : String;
      value   : String;
    define type DataObject {
      type : String;
      id   : array of KeyValuePair;
    define type DataSubject {
      type : String;
      id   : array of KeyValuePair;
      role : String;
    define type Attribute {
      name : String;
    define type Attachment {
      id   : String;
      name : String;
    define type Access {
      dataObject  : DataObject;
      dataSubject : DataSubject;
      attributes  : array of Attribute;
      attachments : array of Attachment;
    define type ChangedAttribute {
      name     : String;
      oldValue : String;
      newValue : String;
    define type DataModification {
      dataObject  : DataObject;
      dataSubject : DataSubject;
      action      : String @assert.range enum { Create; Update; Delete; };
      attributes  : array of ChangedAttribute;
    define type ConfigChange {
      dataObject : DataObject;
      attributes : array of ChangedAttribute;

    Currently, the model is not loaded at runtime, but merely serves as documentation of events and their respective payload. In the future, however, we plan to validate the payload passed to the respective events.

    All audit logging events except securityLog require user and tenant information. Hence, authentication must be enabled. If user or tenant information is not available, the default value anonymous is used. However, this defaulting is only meant to ease development.

    Out of the Box Audit Logging

    The Node.js runtime offers out of the box audit logging for personal data. That is, based on data privacy annotations, modifications of personal data and accesses to sensitive personal data are automatically emitted. Next to the fully annotated model, you have to set feature flag cds.env.features.audit_personal_data = true.