Audit log
Every change, every actor
Goldenhour keeps an append-only audit log of every state- changing operation on your account. Who did what, when, and a before/after snapshot. Useful for chargeback defense, dispute investigation, training new team members, and just knowing what happened.
What gets logged
Every state change
Appointment lifecycle
Created, rescheduled, canceled (by artist or customer), marked done, deposit collected / refunded / forfeited, no-show flagged.
Client actions
Created, archived, blocked / unblocked, tagged, merged, marketing-opt-out flipped, intake submitted.
Service + catalog
Service created / updated / archived, price changed, add-on attached, photo uploaded.
Communications + automation
Auto-SMS sent (prep, reminder, post-care, rebook nudge, win-back), review request sent, daily-brief email sent.
Anatomy of an entry
Five fields, always
- Actor:Who made the change: a specific user (you, a teammate), “customer via manage token”, or “system” (a cron job).
- Action: A short, stable identifier (e.g.
APPOINTMENT_RESCHEDULED,SYSTEM_PREP_CHECKLIST_SENT). - Entity: Type + ID of the thing that changed (appointment + UUID, client + UUID, service + UUID).
- Summary:One-line human-readable description (“Rescheduled Maya’s spray tan from Fri 3pm to Sat 11am”).
- Snapshot: Before-and-after JSON of the changed fields. The forensic record.
When you'll use it
Four real situations
Chargeback defense
Customer disputes a no-show fee. The audit log shows: appointment created (T), customer’s intake submitted with policy-consent flag (T), no-show flagged (T+service-duration), no-show fee charged (T+24h). Upload to Stripe’s dispute portal; most resolve in your favor.
“Wait, what happened to that booking?”
Maya’s Saturday slot was on your calendar + now it isn’t. Filter the audit log by appointment ID; you see whether YOU canceled it, SHE canceled it via the manage page, or a teammate rescheduled it.
Photo-consent dispute
Client claims they never agreed to photos. The audit log shows the intake submission with photoConsent = “yes-anywhere” + the timestamp + the version of the consent form they accepted. Defensible record.
Compliance + due diligence
Insurance underwriter asks how you handle consent + records. Hand them an audit-log export showing recordkeeping discipline + immutable history. Reduces premium friction.
Export
The audit log is one of the eight one-click CSV exports goldenhour ships. Detail at /help/data-export. Endpoint: /api/export/audit.