> ## Documentation Index
> Fetch the complete documentation index at: https://docs.wittify.ai/llms.txt
> Use this file to discover all available pages before exploring further.

# User Activities

> Per-user security log: every sensitive action against your account, with IP, browser, OS, country, and timestamp.

<Note>
  **User Activities** is the cross-system audit log for your account. It records every sensitive action: sign-ins, sign-outs, password changes, two-factor toggles, agent creation, agent activation, agent deletion, and more. The page is read-only by design, you cannot edit or delete entries from here. Open it from the topbar profile dropdown's **User Activities** entry, or visit `/settings/activities` directly.
</Note>

## Reaching this page

Page header:

| Element            | What you see                                             |
| ------------------ | -------------------------------------------------------- |
| Title              | **User Activities**                                      |
| Subtitle           | *A log of every sensitive action taken on your account.* |
| **Refresh** button | End-edge button. Spins while a refresh is in flight.     |

The body has a small KPI strip at the top, followed by a paginated table.

## KPI strip

A row of card tiles. The full strip shows four tiles, but only the first one is wired to the live endpoint today; the other three render as placeholders until the underlying counters ship server-side.

| Tile                 | What it shows                                                          |
| -------------------- | ---------------------------------------------------------------------- |
| **Total activities** | Total number of activity rows recorded against your account, all time. |
| **Last 24 hours**    | (placeholder) Activity in the last 24 hours.                           |
| **Unique IPs**       | (placeholder) Distinct IP addresses across the visible window.         |
| **Failed logins**    | (placeholder) Failed sign-in attempts in the visible window.           |

Tiles render with pulsing skeletons during the initial fetch.

## Table

The table renders six columns today, with three more (Language, browser version, OS version sub-lines, action description, country flag) reserved for when the backend ships them.

| Column      | What it shows                                                                                                                                                              |
| ----------- | -------------------------------------------------------------------------------------------------------------------------------------------------------------------------- |
| **IP**      | The client IP address at the time of the action, detected from CDN headers (Cloudflare, Vercel, CloudFront, GCP). Forced left-to-right so digits read correctly in Arabic. |
| **Browser** | Chrome, Firefox, Safari, Edge, etc.                                                                                                                                        |
| **OS**      | macOS, Windows, Linux, iOS, Android, etc.                                                                                                                                  |
| **Country** | Detected from CDN-supplied geolocation. Falls back to "—" when unknown.                                                                                                    |
| **Action**  | A short label such as **Sign in**, **Sign out**, **Password change**, **Agent created**, **Agent updated**, **Agent activated**, **Agent deactivated**, **Agent deleted**. |
| **Date**    | Locale-formatted date for the entry.                                                                                                                                       |
| **Time**    | Locale-formatted time, plus a relative description (e.g. *3 hours ago*).                                                                                                   |

The action label uses the in-product wording from the action dictionary so an entry from a sign-in always reads **Sign in**, not a translation of "login" or "auth event."

### Action labels

| Label                 | Trigger                                |
| --------------------- | -------------------------------------- |
| **Sign in**           | A successful login.                    |
| **Sign out**          | A logout.                              |
| **Password change**   | The reset-password dialog completed.   |
| **Agent created**     | A new AI Agent saved from the wizard.  |
| **Agent updated**     | A wizard step or settings panel saved. |
| **Agent activated**   | A draft agent was switched on.         |
| **Agent deactivated** | An active agent was switched off.      |
| **Agent deleted**     | An agent was deleted from settings.    |

If the backend logs an action type the page does not yet have a label for, the row renders the raw type string in monospace so support can still investigate.

## Pagination

A footer bar below the table.

| Element               | What it does                                                                    |
| --------------------- | ------------------------------------------------------------------------------- |
| **Per page** dropdown | 10, 25, 50, or 100 rows per page. Defaults to 25.                               |
| Page count            | Shown as a fraction like *Page 3 of 12* using the server's authoritative total. |
| **Previous page**     | Disabled at page 1.                                                             |
| **Next page**         | Disabled at the last page.                                                      |

Changing the page size or paging through fires a refresh. The table renders pulsing skeleton rows while the page loads.

## Empty and error states

| State   | What you see                                                                                                       |
| ------- | ------------------------------------------------------------------------------------------------------------------ |
| Empty   | *No activities match your filters.* The state appears for fresh accounts and after a filter narrows out every row. |
| Loading | Pulsing skeleton rows while the first fetch settles.                                                               |
| Error   | An inline error strip with a **Retry** button. Clicking **Retry** refetches.                                       |

## Refresh

The **Refresh** button in the page header refetches the current page (preserving the page index and page size). The button label includes a spinner while the refresh is in flight.

## What is NOT in the log

| Not logged                                             | Why                                                                                                                                     |
| ------------------------------------------------------ | --------------------------------------------------------------------------------------------------------------------------------------- |
| Read-only browsing (opening a page, scrolling a table) | These do not change account state.                                                                                                      |
| Per-keystroke drafts                                   | Only the actual save event lands in the log, not every keystroke as you compose.                                                        |
| Per-conversation events                                | Those live in the per-agent Activity Log on the [Manage Agent Overview](/en/Systems/AI-Agents/Manage-Agent/Manage-Agent-Overview) page. |
| Visitor sessions of public Share Links                 | Those are admin-readable inside [Share Links](/en/Systems/Chat-with-Documents/Share-Links), not in your personal log.                   |
| Critical security emails                               | They are sent regardless of your notification toggles and are logged separately by the email provider.                                  |

## Read-only by design

The page has no delete, edit, or hide affordances. The log is your security audit trail; if you saw a sign-in from an unfamiliar IP or browser, the row needs to stay so you can show it to support. If something looks suspicious:

1. Reset your password from [Profile Settings](/en/Account/Profile-Settings).
2. Enable two-factor authentication if it is not already on.
3. Contact support with the row details (date, time, IP, country).

## Coming soon

The backend is staging the rest of the planned columns and filters; once each piece ships, the page exposes it automatically.

| Feature                     | What you will see                                                                             |
| --------------------------- | --------------------------------------------------------------------------------------------- |
| Free-text search            | A **Search by IP, browser, OS, country, action** input above the table.                       |
| Filter bar                  | Per-column filters for **Action type**, **Country**, **Browser**, **OS**, and **Date range**. |
| Sortable columns            | Click any column header to sort that column.                                                  |
| **Group by action**         | A toggle to group consecutive rows by their action label.                                     |
| Browser version, OS version | A sub-line under each Browser and OS cell with version numbers.                               |
| Country flag                | A small emoji flag in the Country cell.                                                       |
| Action description          | A sentence under the action label explaining what changed.                                    |
| **Export CSV**              | A download button that produces a UTF-8 BOM CSV of the current page.                          |
| Three KPI tiles             | Live values for **Last 24 hours**, **Unique IPs**, and **Failed logins**.                     |

## Common questions

<AccordionGroup>
  <Accordion title="A row says I signed in from a country I have never been to.">
    That can happen for two innocent reasons: a VPN you forgot you had on, or a corporate network that egresses through a different region. If neither applies, treat it as suspicious: change your password and enable 2FA immediately.
  </Accordion>

  <Accordion title="The Browser column says 'Unknown.'">
    Detection relies on the user-agent string the browser sends. Some privacy-focused browsers strip or randomize that header; the row still records the action, the metadata is just less specific.
  </Accordion>

  <Accordion title="The KPI tiles for Last 24 hours, Unique IPs, and Failed logins are blank.">
    Those tiles are placeholders until the backend ships per-window aggregations. The **Total activities** tile is live today.
  </Accordion>

  <Accordion title="Why can I not delete an entry?">
    The page is intentionally read-only. The log is an audit trail; entries cannot be removed from this surface. If a row contains personally identifying information you need redacted (a guest IP, for example), contact support.
  </Accordion>

  <Accordion title="The Refresh button does not load my newest action.">
    Activity lands after the action commits, which can take a few seconds. Wait, then click **Refresh** again. If the action keeps not appearing, the action category may not be logged yet (e.g. read-only browsing is never logged).
  </Accordion>

  <Accordion title="My table is stuck on pulsing skeleton rows.">
    The first fetch failed or is taking long. The error state replaces the skeletons with an inline error strip and a **Retry** button. If you keep seeing skeletons indefinitely, your network or your auth session may be the cause; refresh the tab.
  </Accordion>

  <Accordion title="Can I export my full log to a file?">
    The **Export CSV** affordance is in the planned column above; it is not live yet. When it ships, you will see a download button at the top of the page that emits a UTF-8 BOM CSV.
  </Accordion>

  <Accordion title="Where do I find per-agent activity (a chat ended, a lead was captured)?">
    That is the per-agent **Activity Log** on the **Manage Agent** overview, not this page. This page is for sensitive actions on your *account*; per-agent traffic lives next to the agent.
  </Accordion>
</AccordionGroup>

## Where to go next

<CardGroup cols={2}>
  <Card title="Profile Settings" icon="user" href="/en/Account/Profile-Settings">Change your password, enable two-factor authentication.</Card>
  <Card title="Notification Settings" icon="bell" href="/en/Account/Notification-Settings">Choose which emails Wittify sends you.</Card>
  <Card title="Plans and Subscriptions" icon="credit-card" href="/en/Account/Plans-and-Subscriptions">Manage plan, add-ons, payment method.</Card>
  <Card title="Manage Agent Overview" icon="robot" href="/en/Systems/AI-Agents/Manage-Agent/Manage-Agent-Overview">Per-agent activity log lives there, not here.</Card>
</CardGroup>
