
OpenAI Audit — Quick Start

monsys.ai OpenAI Audit pulls users, projects, API keys and the audit log from the OpenAI Platform admin API and bundles everything monthly into an Ed25519-signed evidence pack.

This is a separate module from Copilot Audit, for customers who have OpenAI Platform or ChatGPT Team/Enterprise and need to prove which users and API keys exist, who changed what, and which keys are orphaned (leak risk).

1. Mint an Organization Admin Key

In platform.openai.com → Settings → Organization → Admin Keys → Create:

  • Permission: Read-only
  • Expiration: 90 days recommended

Not to be confused with a user key (sk-proj-… or sk-… without “admin”). Only an Organization Admin Key (sk-admin-…) has access to the /v1/organization/* endpoints.

2. Connect in monsys

Dashboard → OpenAI Audit → + Connect org

  • Org ID: org-... as shown in your OpenAI dashboard
  • Display name: optional
  • Admin Key: paste — shown once, then AES-256-GCM encrypted

The connection is tested with a call to GET /v1/organization/users?limit=1. On failure:

  • 401/403 → the key lacks admin scope or was mistyped
  • 429 → OpenAI rate limit

3. Hourly snapshot

The worker pulls every hour:

  • GET /v1/organization/users (paginated)
  • GET /v1/organization/projects (incl. archived)
  • Per active project: GET /v1/organization/projects/{id}/api_keys
  • GET /v1/organization/audit_logs (cursor since last_event_id)

Results in Dashboard → OpenAI Audit:

  • KPI strip: connected orgs, users, active projects, API keys, stale keys (>90d unused)
  • Users table: email prefix, role, added date
  • Projects table: status (active/archived), created date
  • API keys table: redacted value, type, owner, last_used (red if >90d)
  • Audit events table: everything in OpenAI’s audit_logs

4. Generate an evidence pack

POST /api/v1/openai/evidence-packs
{
  "period_start": "2026-04-01T00:00:00Z",
  "period_end": "2026-04-30T23:59:59Z"
}

Produces a tarball:

pack-N.tar.gz
├── manifest.json — schema_version: 2, module: "openai_admin"
├── manifest.sig — Ed25519 over manifest.json
├── users.jsonl
├── projects.jsonl
├── api_keys.jsonl
└── events.jsonl

Verify (same tool as AI observability + Copilot):

python3 tools/evidence-pack-verify.py pack-N.tar.gz \
    --expected-pubkey <your pinned monsys signing key>
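
Once a pack verifies, the dashboard's stale-key figure (>90d unused) can be re-derived independently from api_keys.jsonl and users.jsonl. The following is an added example, not part of the monsys tooling: the field names (id, created_at, last_used_at, owner) are assumed to mirror OpenAI's API key objects, and "orphan" is assumed to mean a user-owned key whose owner is missing from users.jsonl, since the page defines neither.

```python
import json
from datetime import datetime, timedelta, timezone

STALE_AFTER = timedelta(days=90)  # the dashboard's ">90d unused" threshold

# Constructed sample rows. Field names are assumed to mirror OpenAI's API
# objects; in practice, read users.jsonl / api_keys.jsonl from a verified pack.
SAMPLE_USERS = """\
{"id": "user_a1", "role": "owner"}
{"id": "user_b2", "role": "reader"}
"""
SAMPLE_KEYS = """\
{"id": "key_1", "created_at": 1767225600, "last_used_at": 1776643200, "owner": {"type": "user", "user": {"id": "user_a1"}}}
{"id": "key_2", "created_at": 1735689600, "last_used_at": 1767225600, "owner": {"type": "user", "user": {"id": "user_b2"}}}
{"id": "key_3", "created_at": 1735689600, "last_used_at": null, "owner": {"type": "service_account", "service_account": {"id": "svc_1"}}}
{"id": "key_4", "created_at": 1767225600, "last_used_at": 1776643200, "owner": {"type": "user", "user": {"id": "user_gone9"}}}
"""


def load_jsonl(text):
    """Parse JSON Lines text, skipping blank lines."""
    return [json.loads(line) for line in text.splitlines() if line.strip()]


def audit_keys(keys, users, as_of):
    """Return {key_id: [flags]} for keys that are stale and/or orphaned."""
    known_users = {u["id"] for u in users}
    findings = {}
    for key in keys:
        flags = []
        # Never-used keys are aged from created_at (assumption, not from the page).
        ts = key.get("last_used_at") or key["created_at"]
        if as_of - datetime.fromtimestamp(ts, tz=timezone.utc) > STALE_AFTER:
            flags.append("stale")
        owner = key.get("owner") or {}
        # "Orphan" is assumed to mean: user-owned, owner absent from users.jsonl.
        if owner.get("type") == "user" and (owner.get("user") or {}).get("id") not in known_users:
            flags.append("orphan")
        if flags:
            findings[key["id"]] = flags
    return findings


if __name__ == "__main__":
    period_end = datetime(2026, 4, 30, 23, 59, 59, tzinfo=timezone.utc)
    report = audit_keys(load_jsonl(SAMPLE_KEYS), load_jsonl(SAMPLE_USERS), period_end)
    for key_id, flags in report.items():
        print(key_id, ",".join(flags))
```

Evaluating at the pack's period_end rather than at the current time keeps the result reproducible for the period the signed manifest covers.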

5. Pricing

  • €1 per user per month (averaged over the month)
  • €5 per project per month (averaged over the month)

Example: 25 users + 3 active projects → 25 × €1 + 3 × €5 = €40/month. A tenant with no connected org pays nothing.