feat(audit-log): add persistent audit log system with comprehensive route instrumentation (#3242)

* feat(audit-log): add persistent audit log system with comprehensive route instrumentation * fix(audit-log): address PR review — nullable workspaceId, enum usage, remove redundant queries - Make audit_log.workspace_id nullable with ON DELETE SET NULL (logs survive workspace/user deletion) - Make audit_log.actor_id nullable with ON DELETE SET NULL - Replace all 53 routes' string literal action/resourceType with AuditAction.X and AuditResourceType.X enums - Fix empty workspaceId ('') → null for OAuth, form, and org routes to avoid FK violations - Remove redundant DB queries in chat manage route (use checkChatAccess return data) - Fix organization routes to pass workspaceId: null instead of organizationId * fix(audit-log): replace remaining workspaceId '' fallbacks with null * fix(audit-log): credential-set org IDs, workspace deletion FK, actorId fallback, string literal action * reran migrations * fix(mcp,audit): tighten env var domain bypass, add post-resolution check, form workspaceId - Only bypass MCP domain check when env var is in hostname/authority, not path/query - Add post-resolution validateMcpDomain call in test-connection endpoint - Match client-side isDomainAllowed to same hostname-only bypass logic - Return workspaceId from checkFormAccess, use in form audit logs - Add 49 comprehensive domain-check tests covering all edge cases * fix(mcp): stateful regex lastIndex bug, RFC 3986 authority parsing - Remove /g flag from module-level ENV_VAR_PATTERN to avoid lastIndex state - Create fresh regex instances per call in server-side hasEnvVarInHostname - Fix authority extraction to terminate at /, ?, or # per RFC 3986 - Prevents bypass via https://evil.com?token={{SECRET}} (no path) - Add test cases for query-only and fragment-only env var URLs (53 total) * fix(audit-log): try/catch for never-throw contract, accept null actorName/Email, fix misleading action - Wrap recordAudit body in try/catch so nanoid() or header extraction can't throw - Accept string | null for actorName and actorEmail (session.user.name can be null) - Normalize null -> undefined before insert to match DB column types - Fix org members route: ORG_MEMBER_ADDED -> ORG_INVITATION_CREATED (sends invite, not adds member) * improvement(audit-log): add resource names and specific invitation actions * fix(audit-log): use validated chat record, add mock sync tests
2026-02-19 02:34:37 -05:00 · 2026-02-18 00:54:52 -08:00
parent 11f3a14c02
commit e37b4a926d
88 changed files with 13250 additions and 125 deletions
--- a/apps/sim/app/api/auth/oauth/disconnect/route.test.ts
+++ b/apps/sim/app/api/auth/oauth/disconnect/route.test.ts
@@ -3,7 +3,7 @@
 *
 * @vitest-environment node
 */
-import { createMockLogger, createMockRequest } from '@sim/testing'
+import { auditMock, createMockLogger, createMockRequest } from '@sim/testing'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

 describe('OAuth Disconnect API Route', () => {
@@ -67,6 +67,8 @@ describe('OAuth Disconnect API Route', () => {
    vi.doMock('@/lib/webhooks/utils.server', () => ({
      syncAllWebhooksForCredentialSet: mockSyncAllWebhooksForCredentialSet,
    }))
+
+    vi.doMock('@/lib/audit/log', () => auditMock)
  })

  afterEach(() => {
--- a/apps/sim/app/api/auth/oauth/disconnect/route.ts
+++ b/apps/sim/app/api/auth/oauth/disconnect/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, like, or } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { syncAllWebhooksForCredentialSet } from '@/lib/webhooks/utils.server'
@@ -118,6 +119,20 @@ export async function POST(request: NextRequest) {
      }
    }

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.OAUTH_DISCONNECTED,
+      resourceType: AuditResourceType.OAUTH,
+      resourceId: providerId ?? provider,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: provider,
+      description: `Disconnected OAuth provider: ${provider}`,
+      metadata: { provider, providerId },
+      request,
+    })
+
    return NextResponse.json({ success: true }, { status: 200 })
  } catch (error) {
    logger.error(`[${requestId}] Error disconnecting OAuth provider`, error)
--- a/apps/sim/app/api/chat/manage/[id]/route.test.ts
+++ b/apps/sim/app/api/chat/manage/[id]/route.test.ts
@@ -3,10 +3,12 @@
 *
 * @vitest-environment node
 */
-import { loggerMock } from '@sim/testing'
+import { auditMock, loggerMock } from '@sim/testing'
 import { NextRequest } from 'next/server'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

+vi.mock('@/lib/audit/log', () => auditMock)
+
 vi.mock('@/lib/core/config/feature-flags', () => ({
  isDev: true,
  isHosted: false,
@@ -216,8 +218,11 @@ describe('Chat Edit API Route', () => {
        workflowId: 'workflow-123',
      }

-      mockCheckChatAccess.mockResolvedValue({ hasAccess: true, chat: mockChat })
-      mockLimit.mockResolvedValueOnce([]) // No identifier conflict
+      mockCheckChatAccess.mockResolvedValue({
+        hasAccess: true,
+        chat: mockChat,
+        workspaceId: 'workspace-123',
+      })

      const req = new NextRequest('http://localhost:3000/api/chat/manage/chat-123', {
        method: 'PATCH',
@@ -311,8 +316,11 @@ describe('Chat Edit API Route', () => {
        workflowId: 'workflow-123',
      }

-      mockCheckChatAccess.mockResolvedValue({ hasAccess: true, chat: mockChat })
-      mockLimit.mockResolvedValueOnce([])
+      mockCheckChatAccess.mockResolvedValue({
+        hasAccess: true,
+        chat: mockChat,
+        workspaceId: 'workspace-123',
+      })

      const req = new NextRequest('http://localhost:3000/api/chat/manage/chat-123', {
        method: 'PATCH',
@@ -371,8 +379,11 @@ describe('Chat Edit API Route', () => {
        }),
      }))

-      mockCheckChatAccess.mockResolvedValue({ hasAccess: true })
-      mockWhere.mockResolvedValue(undefined)
+      mockCheckChatAccess.mockResolvedValue({
+        hasAccess: true,
+        chat: { title: 'Test Chat', workflowId: 'workflow-123' },
+        workspaceId: 'workspace-123',
+      })

      const req = new NextRequest('http://localhost:3000/api/chat/manage/chat-123', {
        method: 'DELETE',
@@ -393,8 +404,11 @@ describe('Chat Edit API Route', () => {
        }),
      }))

-      mockCheckChatAccess.mockResolvedValue({ hasAccess: true })
-      mockWhere.mockResolvedValue(undefined)
+      mockCheckChatAccess.mockResolvedValue({
+        hasAccess: true,
+        chat: { title: 'Test Chat', workflowId: 'workflow-123' },
+        workspaceId: 'workspace-123',
+      })

      const req = new NextRequest('http://localhost:3000/api/chat/manage/chat-123', {
        method: 'DELETE',
--- a/apps/sim/app/api/chat/manage/[id]/route.ts
+++ b/apps/sim/app/api/chat/manage/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { isDev } from '@/lib/core/config/feature-flags'
 import { encryptSecret } from '@/lib/core/security/encryption'
@@ -103,7 +104,11 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<
    try {
      const validatedData = chatUpdateSchema.parse(body)

-      const { hasAccess, chat: existingChatRecord } = await checkChatAccess(chatId, session.user.id)
+      const {
+        hasAccess,
+        chat: existingChatRecord,
+        workspaceId: chatWorkspaceId,
+      } = await checkChatAccess(chatId, session.user.id)

      if (!hasAccess || !existingChatRecord) {
        return createErrorResponse('Chat not found or access denied', 404)
@@ -217,6 +222,19 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<

      logger.info(`Chat "${chatId}" updated successfully`)

+      recordAudit({
+        workspaceId: chatWorkspaceId || null,
+        actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
+        action: AuditAction.CHAT_UPDATED,
+        resourceType: AuditResourceType.CHAT,
+        resourceId: chatId,
+        resourceName: title || existingChatRecord.title,
+        description: `Updated chat deployment "${title || existingChatRecord.title}"`,
+        request,
+      })
+
      return createSuccessResponse({
        id: chatId,
        chatUrl,
@@ -252,7 +270,11 @@ export async function DELETE(
      return createErrorResponse('Unauthorized', 401)
    }

-    const { hasAccess } = await checkChatAccess(chatId, session.user.id)
+    const {
+      hasAccess,
+      chat: chatRecord,
+      workspaceId: chatWorkspaceId,
+    } = await checkChatAccess(chatId, session.user.id)

    if (!hasAccess) {
      return createErrorResponse('Chat not found or access denied', 404)
@@ -262,6 +284,19 @@ export async function DELETE(

    logger.info(`Chat "${chatId}" deleted successfully`)

+    recordAudit({
+      workspaceId: chatWorkspaceId || null,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.CHAT_DELETED,
+      resourceType: AuditResourceType.CHAT,
+      resourceId: chatId,
+      resourceName: chatRecord?.title || chatId,
+      description: `Deleted chat deployment "${chatRecord?.title || chatId}"`,
+      request: _request,
+    })
+
    return createSuccessResponse({
      message: 'Chat deployment deleted successfully',
    })
--- a/apps/sim/app/api/chat/route.test.ts
+++ b/apps/sim/app/api/chat/route.test.ts
@@ -1,9 +1,10 @@
-import { NextRequest } from 'next/server'
 /**
 * Tests for chat API route
 *
 * @vitest-environment node
 */
+import { auditMock } from '@sim/testing'
+import { NextRequest } from 'next/server'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

 describe('Chat API Route', () => {
@@ -30,6 +31,8 @@ describe('Chat API Route', () => {
    mockInsert.mockReturnValue({ values: mockValues })
    mockValues.mockReturnValue({ returning: mockReturning })

+    vi.doMock('@/lib/audit/log', () => auditMock)
+
    vi.doMock('@sim/db', () => ({
      db: {
        select: mockSelect,
--- a/apps/sim/app/api/chat/route.ts
+++ b/apps/sim/app/api/chat/route.ts
@@ -5,6 +5,7 @@ import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { v4 as uuidv4 } from 'uuid'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { isDev } from '@/lib/core/config/feature-flags'
 import { encryptSecret } from '@/lib/core/security/encryption'
@@ -42,7 +43,7 @@ const chatSchema = z.object({
    .default([]),
 })

-export async function GET(request: NextRequest) {
+export async function GET(_request: NextRequest) {
  try {
    const session = await getSession()

@@ -174,7 +175,7 @@ export async function POST(request: NextRequest) {
        userId: session.user.id,
        identifier,
        title,
-        description: description || '',
+        description: description || null,
        customizations: mergedCustomizations,
        isActive: true,
        authType,
@@ -224,6 +225,20 @@ export async function POST(request: NextRequest) {
        // Silently fail
      }

+      recordAudit({
+        workspaceId: workflowRecord.workspaceId || null,
+        actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
+        action: AuditAction.CHAT_DEPLOYED,
+        resourceType: AuditResourceType.CHAT,
+        resourceId: id,
+        resourceName: title,
+        description: `Deployed chat "${title}"`,
+        metadata: { workflowId, identifier, authType },
+        request,
+      })
+
      return createSuccessResponse({
        id,
        chatUrl,
--- a/apps/sim/app/api/chat/utils.ts
+++ b/apps/sim/app/api/chat/utils.ts
@@ -52,7 +52,7 @@ export async function checkWorkflowAccessForChatCreation(
 export async function checkChatAccess(
  chatId: string,
  userId: string
-): Promise<{ hasAccess: boolean; chat?: any }> {
+): Promise<{ hasAccess: boolean; chat?: any; workspaceId?: string }> {
  const chatData = await db
    .select({
      chat: chat,
@@ -78,7 +78,9 @@ export async function checkChatAccess(
    action: 'admin',
  })

-  return authorization.allowed ? { hasAccess: true, chat: chatRecord } : { hasAccess: false }
+  return authorization.allowed
+    ? { hasAccess: true, chat: chatRecord, workspaceId: workflowWorkspaceId }
+    : { hasAccess: false }
 }

 export async function validateChatAuth(
--- a/apps/sim/app/api/credential-sets/[id]/invite/route.ts
+++ b/apps/sim/app/api/credential-sets/[id]/invite/route.ts
@@ -5,6 +5,7 @@ import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { getEmailSubject, renderPollingGroupInvitationEmail } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasCredentialSetsAccess } from '@/lib/billing'
 import { getBaseUrl } from '@/lib/core/utils/urls'
@@ -175,6 +176,19 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      emailSent: !!email,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_INVITATION_CREATED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: result.set.name,
+      description: `Created invitation for credential set "${result.set.name}"${email ? ` to ${email}` : ''}`,
+      request: req,
+    })
+
    return NextResponse.json({
      invitation: {
        ...invitation,
@@ -235,6 +249,19 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
        )
      )

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_INVITATION_REVOKED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: result.set.name,
+      description: `Revoked invitation "${invitationId}" for credential set "${result.set.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error cancelling invitation', error)
--- a/apps/sim/app/api/credential-sets/[id]/members/route.ts
+++ b/apps/sim/app/api/credential-sets/[id]/members/route.ts
@@ -3,6 +3,7 @@ import { account, credentialSet, credentialSetMember, member, user } from '@sim/
 import { createLogger } from '@sim/logger'
 import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasCredentialSetsAccess } from '@/lib/billing'
 import { syncAllWebhooksForCredentialSet } from '@/lib/webhooks/utils.server'
@@ -13,6 +14,7 @@ async function getCredentialSetWithAccess(credentialSetId: string, userId: strin
  const [set] = await db
    .select({
      id: credentialSet.id,
+      name: credentialSet.name,
      organizationId: credentialSet.organizationId,
      providerId: credentialSet.providerId,
    })
@@ -177,6 +179,19 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
      userId: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_MEMBER_REMOVED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: result.set.name,
+      description: `Removed member from credential set "${result.set.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error removing member from credential set', error)
--- a/apps/sim/app/api/credential-sets/[id]/route.ts
+++ b/apps/sim/app/api/credential-sets/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasCredentialSetsAccess } from '@/lib/billing'

@@ -131,6 +132,19 @@ export async function PUT(req: NextRequest, { params }: { params: Promise<{ id:

    const [updated] = await db.select().from(credentialSet).where(eq(credentialSet.id, id)).limit(1)

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_UPDATED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: updated?.name ?? result.set.name,
+      description: `Updated credential set "${updated?.name ?? result.set.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ credentialSet: updated })
  } catch (error) {
    if (error instanceof z.ZodError) {
@@ -175,6 +189,19 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i

    logger.info('Deleted credential set', { credentialSetId: id, userId: session.user.id })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_DELETED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: result.set.name,
+      description: `Deleted credential set "${result.set.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error deleting credential set', error)
--- a/apps/sim/app/api/credential-sets/route.ts
+++ b/apps/sim/app/api/credential-sets/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, count, desc, eq } from 'drizzle-orm'
 import { NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasCredentialSetsAccess } from '@/lib/billing'

@@ -165,6 +166,19 @@ export async function POST(req: Request) {
      userId: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.CREDENTIAL_SET_CREATED,
+      resourceType: AuditResourceType.CREDENTIAL_SET,
+      resourceId: newCredentialSet.id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: name,
+      description: `Created credential set "${name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ credentialSet: newCredentialSet }, { status: 201 })
  } catch (error) {
    if (error instanceof z.ZodError) {
--- a/apps/sim/app/api/folders/[id]/duplicate/route.ts
+++ b/apps/sim/app/api/folders/[id]/duplicate/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { duplicateWorkflow } from '@/lib/workflows/persistence/duplicate'
@@ -115,6 +116,19 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      }
    )

+    recordAudit({
+      workspaceId: targetWorkspaceId,
+      actorId: session.user.id,
+      action: AuditAction.FOLDER_DUPLICATED,
+      resourceType: AuditResourceType.FOLDER,
+      resourceId: newFolderId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: name,
+      description: `Duplicated folder "${sourceFolder.name}" as "${name}"`,
+      request: req,
+    })
+
    return NextResponse.json(
      {
        id: newFolderId,
--- a/apps/sim/app/api/folders/[id]/route.test.ts
+++ b/apps/sim/app/api/folders/[id]/route.test.ts
@@ -4,6 +4,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  createMockRequest,
  type MockUser,
  mockAuth,
@@ -12,6 +13,8 @@ import {
 } from '@sim/testing'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

+vi.mock('@/lib/audit/log', () => auditMock)
+
 /** Type for captured folder values in tests */
 interface CapturedFolderValues {
  name?: string
--- a/apps/sim/app/api/folders/[id]/route.ts
+++ b/apps/sim/app/api/folders/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'

@@ -167,6 +168,19 @@ export async function DELETE(
      deletionStats,
    })

+    recordAudit({
+      workspaceId: existingFolder.workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.FOLDER_DELETED,
+      resourceType: AuditResourceType.FOLDER,
+      resourceId: id,
+      resourceName: existingFolder.name,
+      description: `Deleted folder "${existingFolder.name}"`,
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      deletedItems: deletionStats,
--- a/apps/sim/app/api/folders/route.test.ts
+++ b/apps/sim/app/api/folders/route.test.ts
@@ -3,9 +3,17 @@
 *
 * @vitest-environment node
 */
-import { createMockRequest, mockAuth, mockConsoleLogger, setupCommonApiMocks } from '@sim/testing'
+import {
+  auditMock,
+  createMockRequest,
+  mockAuth,
+  mockConsoleLogger,
+  setupCommonApiMocks,
+} from '@sim/testing'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

+vi.mock('@/lib/audit/log', () => auditMock)
+
 interface CapturedFolderValues {
  name?: string
  color?: string
--- a/apps/sim/app/api/folders/route.ts
+++ b/apps/sim/app/api/folders/route.ts
@@ -3,6 +3,7 @@ import { workflowFolder } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, asc, desc, eq, isNull } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'

@@ -119,6 +120,20 @@ export async function POST(request: NextRequest) {

    logger.info('Created new folder:', { id, name, workspaceId, parentId })

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.FOLDER_CREATED,
+      resourceType: AuditResourceType.FOLDER,
+      resourceId: id,
+      resourceName: name.trim(),
+      description: `Created folder "${name.trim()}"`,
+      metadata: { name: name.trim() },
+      request,
+    })
+
    return NextResponse.json({ folder: newFolder })
  } catch (error) {
    logger.error('Error creating folder:', { error })
--- a/apps/sim/app/api/form/manage/[id]/route.ts
+++ b/apps/sim/app/api/form/manage/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { encryptSecret } from '@/lib/core/security/encryption'
 import { checkFormAccess, DEFAULT_FORM_CUSTOMIZATIONS } from '@/app/api/form/utils'
@@ -102,7 +103,11 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<

    const { id } = await params

-    const { hasAccess, form: formRecord } = await checkFormAccess(id, session.user.id)
+    const {
+      hasAccess,
+      form: formRecord,
+      workspaceId: formWorkspaceId,
+    } = await checkFormAccess(id, session.user.id)

    if (!hasAccess || !formRecord) {
      return createErrorResponse('Form not found or access denied', 404)
@@ -184,6 +189,19 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<

      logger.info(`Form ${id} updated successfully`)

+      recordAudit({
+        workspaceId: formWorkspaceId ?? null,
+        actorId: session.user.id,
+        action: AuditAction.FORM_UPDATED,
+        resourceType: AuditResourceType.FORM,
+        resourceId: id,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        resourceName: formRecord.title ?? undefined,
+        description: `Updated form "${formRecord.title}"`,
+        request,
+      })
+
      return createSuccessResponse({
        message: 'Form updated successfully',
      })
@@ -213,7 +231,11 @@ export async function DELETE(

    const { id } = await params

-    const { hasAccess, form: formRecord } = await checkFormAccess(id, session.user.id)
+    const {
+      hasAccess,
+      form: formRecord,
+      workspaceId: formWorkspaceId,
+    } = await checkFormAccess(id, session.user.id)

    if (!hasAccess || !formRecord) {
      return createErrorResponse('Form not found or access denied', 404)
@@ -223,6 +245,19 @@ export async function DELETE(

    logger.info(`Form ${id} deleted (soft delete)`)

+    recordAudit({
+      workspaceId: formWorkspaceId ?? null,
+      actorId: session.user.id,
+      action: AuditAction.FORM_DELETED,
+      resourceType: AuditResourceType.FORM,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: formRecord.title ?? undefined,
+      description: `Deleted form "${formRecord.title}"`,
+      request,
+    })
+
    return createSuccessResponse({
      message: 'Form deleted successfully',
    })
--- a/apps/sim/app/api/form/route.ts
+++ b/apps/sim/app/api/form/route.ts
@@ -5,6 +5,7 @@ import { eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
 import { v4 as uuidv4 } from 'uuid'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { isDev } from '@/lib/core/config/feature-flags'
 import { encryptSecret } from '@/lib/core/security/encryption'
@@ -178,7 +179,7 @@ export async function POST(request: NextRequest) {
        userId: session.user.id,
        identifier,
        title,
-        description: description || '',
+        description: description || null,
        customizations: mergedCustomizations,
        isActive: true,
        authType,
@@ -195,6 +196,19 @@ export async function POST(request: NextRequest) {

      logger.info(`Form "${title}" deployed successfully at ${formUrl}`)

+      recordAudit({
+        workspaceId: workflowRecord.workspaceId ?? null,
+        actorId: session.user.id,
+        action: AuditAction.FORM_CREATED,
+        resourceType: AuditResourceType.FORM,
+        resourceId: id,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        resourceName: title,
+        description: `Created form "${title}" for workflow ${workflowId}`,
+        request,
+      })
+
      return createSuccessResponse({
        id,
        formUrl,
--- a/apps/sim/app/api/form/utils.ts
+++ b/apps/sim/app/api/form/utils.ts
@@ -52,7 +52,7 @@ export async function checkWorkflowAccessForFormCreation(
 export async function checkFormAccess(
  formId: string,
  userId: string
-): Promise<{ hasAccess: boolean; form?: any }> {
+): Promise<{ hasAccess: boolean; form?: any; workspaceId?: string }> {
  const formData = await db
    .select({ form: form, workflowWorkspaceId: workflow.workspaceId })
    .from(form)
@@ -75,7 +75,9 @@ export async function checkFormAccess(
    action: 'admin',
  })

-  return authorization.allowed ? { hasAccess: true, form: formRecord } : { hasAccess: false }
+  return authorization.allowed
+    ? { hasAccess: true, form: formRecord, workspaceId: workflowWorkspaceId }
+    : { hasAccess: false }
 }

 export async function validateFormAuth(
--- a/apps/sim/app/api/knowledge/[id]/documents/[documentId]/route.test.ts
+++ b/apps/sim/app/api/knowledge/[id]/documents/[documentId]/route.test.ts
@@ -4,6 +4,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  createMockRequest,
  mockAuth,
  mockConsoleLogger,
@@ -35,6 +36,8 @@ vi.mock('@/lib/knowledge/documents/service', () => ({
 mockDrizzleOrm()
 mockConsoleLogger()

+vi.mock('@/lib/audit/log', () => auditMock)
+
 describe('Document By ID API Route', () => {
  const mockAuth$ = mockAuth()

--- a/apps/sim/app/api/knowledge/[id]/documents/[documentId]/route.ts
+++ b/apps/sim/app/api/knowledge/[id]/documents/[documentId]/route.ts
@@ -1,6 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import {
@@ -197,6 +198,17 @@ export async function PUT(
          `[${requestId}] Document updated: ${documentId} in knowledge base ${knowledgeBaseId}`
        )

+        recordAudit({
+          workspaceId: accessCheck.knowledgeBase?.workspaceId ?? null,
+          actorId: userId,
+          action: AuditAction.DOCUMENT_UPDATED,
+          resourceType: AuditResourceType.DOCUMENT,
+          resourceId: documentId,
+          resourceName: validatedData.filename ?? accessCheck.document?.filename,
+          description: `Updated document "${documentId}" in knowledge base "${knowledgeBaseId}"`,
+          request: req,
+        })
+
        return NextResponse.json({
          success: true,
          data: updatedDocument,
@@ -257,6 +269,17 @@ export async function DELETE(
      `[${requestId}] Document deleted: ${documentId} from knowledge base ${knowledgeBaseId}`
    )

+    recordAudit({
+      workspaceId: accessCheck.knowledgeBase?.workspaceId ?? null,
+      actorId: userId,
+      action: AuditAction.DOCUMENT_DELETED,
+      resourceType: AuditResourceType.DOCUMENT,
+      resourceId: documentId,
+      resourceName: accessCheck.document?.filename,
+      description: `Deleted document "${documentId}" from knowledge base "${knowledgeBaseId}"`,
+      request: req,
+    })
+
    return NextResponse.json({
      success: true,
      data: result,
--- a/apps/sim/app/api/knowledge/[id]/documents/route.test.ts
+++ b/apps/sim/app/api/knowledge/[id]/documents/route.test.ts
@@ -4,6 +4,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  createMockRequest,
  mockAuth,
  mockConsoleLogger,
@@ -40,6 +41,8 @@ vi.mock('@/lib/knowledge/documents/service', () => ({
 mockDrizzleOrm()
 mockConsoleLogger()

+vi.mock('@/lib/audit/log', () => auditMock)
+
 describe('Knowledge Base Documents API Route', () => {
  const mockAuth$ = mockAuth()

--- a/apps/sim/app/api/knowledge/[id]/documents/route.ts
+++ b/apps/sim/app/api/knowledge/[id]/documents/route.ts
@@ -2,6 +2,7 @@ import { randomUUID } from 'crypto'
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import {
@@ -244,6 +245,17 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
          logger.error(`[${requestId}] Critical error in document processing pipeline:`, error)
        })

+        recordAudit({
+          workspaceId: accessCheck.knowledgeBase?.workspaceId ?? null,
+          actorId: userId,
+          action: AuditAction.DOCUMENT_UPLOADED,
+          resourceType: AuditResourceType.DOCUMENT,
+          resourceId: knowledgeBaseId,
+          resourceName: `${createdDocuments.length} document(s)`,
+          description: `Uploaded ${createdDocuments.length} document(s) to knowledge base "${knowledgeBaseId}"`,
+          request: req,
+        })
+
        return NextResponse.json({
          success: true,
          data: {
@@ -292,6 +304,17 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
          // Silently fail
        }

+        recordAudit({
+          workspaceId: accessCheck.knowledgeBase?.workspaceId ?? null,
+          actorId: userId,
+          action: AuditAction.DOCUMENT_UPLOADED,
+          resourceType: AuditResourceType.DOCUMENT,
+          resourceId: knowledgeBaseId,
+          resourceName: validatedData.filename,
+          description: `Uploaded document "${validatedData.filename}" to knowledge base "${knowledgeBaseId}"`,
+          request: req,
+        })
+
        return NextResponse.json({
          success: true,
          data: newDocument,
--- a/apps/sim/app/api/knowledge/[id]/route.test.ts
+++ b/apps/sim/app/api/knowledge/[id]/route.test.ts
@@ -4,6 +4,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  createMockRequest,
  mockAuth,
  mockConsoleLogger,
@@ -16,6 +17,8 @@ mockKnowledgeSchemas()
 mockDrizzleOrm()
 mockConsoleLogger()

+vi.mock('@/lib/audit/log', () => auditMock)
+
 vi.mock('@/lib/knowledge/service', () => ({
  getKnowledgeBaseById: vi.fn(),
  updateKnowledgeBase: vi.fn(),
--- a/apps/sim/app/api/knowledge/[id]/route.ts
+++ b/apps/sim/app/api/knowledge/[id]/route.ts
@@ -1,6 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -135,6 +136,17 @@ export async function PUT(req: NextRequest, { params }: { params: Promise<{ id:

      logger.info(`[${requestId}] Knowledge base updated: ${id} for user ${userId}`)

+      recordAudit({
+        workspaceId: accessCheck.knowledgeBase.workspaceId ?? null,
+        actorId: userId,
+        action: AuditAction.KNOWLEDGE_BASE_UPDATED,
+        resourceType: AuditResourceType.KNOWLEDGE_BASE,
+        resourceId: id,
+        resourceName: validatedData.name ?? updatedKnowledgeBase.name,
+        description: `Updated knowledge base "${validatedData.name ?? updatedKnowledgeBase.name}"`,
+        request: req,
+      })
+
      return NextResponse.json({
        success: true,
        data: updatedKnowledgeBase,
@@ -197,6 +209,17 @@ export async function DELETE(

    logger.info(`[${requestId}] Knowledge base deleted: ${id} for user ${userId}`)

+    recordAudit({
+      workspaceId: accessCheck.knowledgeBase.workspaceId ?? null,
+      actorId: userId,
+      action: AuditAction.KNOWLEDGE_BASE_DELETED,
+      resourceType: AuditResourceType.KNOWLEDGE_BASE,
+      resourceId: id,
+      resourceName: accessCheck.knowledgeBase.name,
+      description: `Deleted knowledge base "${accessCheck.knowledgeBase.name || id}"`,
+      request: _request,
+    })
+
    return NextResponse.json({
      success: true,
      data: { message: 'Knowledge base deleted successfully' },
--- a/apps/sim/app/api/knowledge/route.test.ts
+++ b/apps/sim/app/api/knowledge/route.test.ts
@@ -4,6 +4,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  createMockRequest,
  mockAuth,
  mockConsoleLogger,
@@ -16,6 +17,8 @@ mockKnowledgeSchemas()
 mockDrizzleOrm()
 mockConsoleLogger()

+vi.mock('@/lib/audit/log', () => auditMock)
+
 vi.mock('@/lib/workspaces/permissions/utils', () => ({
  getUserEntityPermissions: vi.fn().mockResolvedValue('admin'),
 }))
--- a/apps/sim/app/api/knowledge/route.ts
+++ b/apps/sim/app/api/knowledge/route.ts
@@ -1,6 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -109,6 +110,20 @@ export async function POST(req: NextRequest) {
        `[${requestId}] Knowledge base created: ${newKnowledgeBase.id} for user ${session.user.id}`
      )

+      recordAudit({
+        workspaceId: validatedData.workspaceId,
+        actorId: session.user.id,
+        actorName: session.user.name,
+        actorEmail: session.user.email,
+        action: AuditAction.KNOWLEDGE_BASE_CREATED,
+        resourceType: AuditResourceType.KNOWLEDGE_BASE,
+        resourceId: newKnowledgeBase.id,
+        resourceName: validatedData.name,
+        description: `Created knowledge base "${validatedData.name}"`,
+        metadata: { name: validatedData.name },
+        request: req,
+      })
+
      return NextResponse.json({
        success: true,
        data: newKnowledgeBase,
--- a/apps/sim/app/api/knowledge/utils.ts
+++ b/apps/sim/app/api/knowledge/utils.ts
@@ -99,7 +99,7 @@ export interface EmbeddingData {

 export interface KnowledgeBaseAccessResult {
  hasAccess: true
-  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId'>
+  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId' | 'name'>
 }

 export interface KnowledgeBaseAccessDenied {
@@ -113,7 +113,7 @@ export type KnowledgeBaseAccessCheck = KnowledgeBaseAccessResult | KnowledgeBase
 export interface DocumentAccessResult {
  hasAccess: true
  document: DocumentData
-  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId'>
+  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId' | 'name'>
 }

 export interface DocumentAccessDenied {
@@ -128,7 +128,7 @@ export interface ChunkAccessResult {
  hasAccess: true
  chunk: EmbeddingData
  document: DocumentData
-  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId'>
+  knowledgeBase: Pick<KnowledgeBaseData, 'id' | 'userId' | 'workspaceId' | 'name'>
 }

 export interface ChunkAccessDenied {
@@ -151,6 +151,7 @@ export async function checkKnowledgeBaseAccess(
      id: knowledgeBase.id,
      userId: knowledgeBase.userId,
      workspaceId: knowledgeBase.workspaceId,
+      name: knowledgeBase.name,
    })
    .from(knowledgeBase)
    .where(and(eq(knowledgeBase.id, knowledgeBaseId), isNull(knowledgeBase.deletedAt)))
@@ -193,6 +194,7 @@ export async function checkKnowledgeBaseWriteAccess(
      id: knowledgeBase.id,
      userId: knowledgeBase.userId,
      workspaceId: knowledgeBase.workspaceId,
+      name: knowledgeBase.name,
    })
    .from(knowledgeBase)
    .where(and(eq(knowledgeBase.id, knowledgeBaseId), isNull(knowledgeBase.deletedAt)))
--- a/apps/sim/app/api/mcp/servers/[id]/route.ts
+++ b/apps/sim/app/api/mcp/servers/[id]/route.ts
@@ -3,6 +3,7 @@ import { mcpServers } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq, isNull } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { McpDomainNotAllowedError, validateMcpDomain } from '@/lib/mcp/domain-check'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpService } from '@/lib/mcp/service'
@@ -85,6 +86,18 @@ export const PATCH = withMcpAuth<{ id: string }>('write')(
      }

      logger.info(`[${requestId}] Successfully updated MCP server: ${serverId}`)
+
+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_UPDATED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        resourceName: updatedServer.name || serverId,
+        description: `Updated MCP server "${updatedServer.name || serverId}"`,
+        request,
+      })
+
      return createMcpSuccessResponse({ server: updatedServer })
    } catch (error) {
      logger.error(`[${requestId}] Error updating MCP server:`, error)
--- a/apps/sim/app/api/mcp/servers/route.ts
+++ b/apps/sim/app/api/mcp/servers/route.ts
@@ -3,6 +3,7 @@ import { mcpServers } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq, isNull } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { McpDomainNotAllowedError, validateMcpDomain } from '@/lib/mcp/domain-check'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpService } from '@/lib/mcp/service'
@@ -161,6 +162,18 @@ export const POST = withMcpAuth('write')(
        // Silently fail
      }

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_ADDED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        resourceName: body.name,
+        description: `Added MCP server "${body.name}"`,
+        metadata: { serverName: body.name, transport: body.transport },
+        request,
+      })
+
      return createMcpSuccessResponse({ serverId }, 201)
    } catch (error) {
      logger.error(`[${requestId}] Error registering MCP server:`, error)
@@ -208,6 +221,18 @@ export const DELETE = withMcpAuth('admin')(
      await mcpService.clearCache(workspaceId)

      logger.info(`[${requestId}] Successfully deleted MCP server: ${serverId}`)
+
+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_REMOVED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId!,
+        resourceName: deletedServer.name,
+        description: `Removed MCP server "${deletedServer.name}"`,
+        request,
+      })
+
      return createMcpSuccessResponse({ message: `Server ${serverId} deleted successfully` })
    } catch (error) {
      logger.error(`[${requestId}] Error deleting MCP server:`, error)
--- a/apps/sim/app/api/mcp/servers/test-connection/route.ts
+++ b/apps/sim/app/api/mcp/servers/test-connection/route.ts
@@ -105,6 +105,16 @@ export const POST = withMcpAuth('write')(
        logger.warn(`[${requestId}] Some environment variables not found:`, { missingVars })
      }

+      // Re-validate domain after env var resolution
+      try {
+        validateMcpDomain(testConfig.url)
+      } catch (e) {
+        if (e instanceof McpDomainNotAllowedError) {
+          return createMcpErrorResponse(e, e.message, 403)
+        }
+        throw e
+      }
+
      const testSecurityPolicy = {
        requireConsent: false,
        auditLevel: 'none' as const,
--- a/apps/sim/app/api/mcp/workflow-servers/[id]/route.ts
+++ b/apps/sim/app/api/mcp/workflow-servers/[id]/route.ts
@@ -3,6 +3,7 @@ import { workflowMcpServer, workflowMcpTool } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpPubSub } from '@/lib/mcp/pubsub'
 import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
@@ -112,6 +113,17 @@ export const PATCH = withMcpAuth<RouteParams>('write')(

      logger.info(`[${requestId}] Successfully updated workflow MCP server: ${serverId}`)

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_UPDATED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        resourceName: updatedServer.name,
+        description: `Updated workflow MCP server "${updatedServer.name}"`,
+        request,
+      })
+
      return createMcpSuccessResponse({ server: updatedServer })
    } catch (error) {
      logger.error(`[${requestId}] Error updating workflow MCP server:`, error)
@@ -149,6 +161,17 @@ export const DELETE = withMcpAuth<RouteParams>('admin')(

      mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_REMOVED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        resourceName: deletedServer.name,
+        description: `Unpublished workflow MCP server "${deletedServer.name}"`,
+        request,
+      })
+
      return createMcpSuccessResponse({ message: `Server ${serverId} deleted successfully` })
    } catch (error) {
      logger.error(`[${requestId}] Error deleting workflow MCP server:`, error)
--- a/apps/sim/app/api/mcp/workflow-servers/[id]/tools/[toolId]/route.ts
+++ b/apps/sim/app/api/mcp/workflow-servers/[id]/tools/[toolId]/route.ts
@@ -3,6 +3,7 @@ import { workflowMcpServer, workflowMcpTool } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpPubSub } from '@/lib/mcp/pubsub'
 import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
@@ -118,6 +119,17 @@ export const PATCH = withMcpAuth<RouteParams>('write')(

      mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_UPDATED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        description: `Updated tool "${updatedTool.toolName}" in MCP server`,
+        metadata: { toolId, toolName: updatedTool.toolName },
+        request,
+      })
+
      return createMcpSuccessResponse({ tool: updatedTool })
    } catch (error) {
      logger.error(`[${requestId}] Error updating tool:`, error)
@@ -165,6 +177,17 @@ export const DELETE = withMcpAuth<RouteParams>('write')(

      mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_UPDATED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        description: `Removed tool "${deletedTool.toolName}" from MCP server`,
+        metadata: { toolId, toolName: deletedTool.toolName },
+        request,
+      })
+
      return createMcpSuccessResponse({ message: `Tool ${toolId} deleted successfully` })
    } catch (error) {
      logger.error(`[${requestId}] Error deleting tool:`, error)
--- a/apps/sim/app/api/mcp/workflow-servers/[id]/tools/route.ts
+++ b/apps/sim/app/api/mcp/workflow-servers/[id]/tools/route.ts
@@ -3,6 +3,7 @@ import { workflow, workflowMcpServer, workflowMcpTool } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpPubSub } from '@/lib/mcp/pubsub'
 import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
@@ -197,6 +198,17 @@ export const POST = withMcpAuth<RouteParams>('write')(

      mcpPubSub?.publishWorkflowToolsChanged({ serverId, workspaceId })

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_UPDATED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        description: `Added tool "${toolName}" to MCP server`,
+        metadata: { toolId, toolName, workflowId: body.workflowId },
+        request,
+      })
+
      return createMcpSuccessResponse({ tool }, 201)
    } catch (error) {
      logger.error(`[${requestId}] Error adding tool:`, error)
--- a/apps/sim/app/api/mcp/workflow-servers/route.ts
+++ b/apps/sim/app/api/mcp/workflow-servers/route.ts
@@ -3,6 +3,7 @@ import { workflow, workflowMcpServer, workflowMcpTool } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { eq, inArray, sql } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getParsedBody, withMcpAuth } from '@/lib/mcp/middleware'
 import { mcpPubSub } from '@/lib/mcp/pubsub'
 import { createMcpErrorResponse, createMcpSuccessResponse } from '@/lib/mcp/utils'
@@ -188,6 +189,17 @@ export const POST = withMcpAuth('write')(
        `[${requestId}] Successfully created workflow MCP server: ${body.name} (ID: ${serverId})`
      )

+      recordAudit({
+        workspaceId,
+        actorId: userId,
+        action: AuditAction.MCP_SERVER_ADDED,
+        resourceType: AuditResourceType.MCP_SERVER,
+        resourceId: serverId,
+        resourceName: body.name.trim(),
+        description: `Published workflow MCP server "${body.name.trim()}" with ${addedTools.length} tool(s)`,
+        request,
+      })
+
      return createMcpSuccessResponse({ server, addedTools }, 201)
    } catch (error) {
      logger.error(`[${requestId}] Error creating workflow MCP server:`, error)
--- a/apps/sim/app/api/organizations/[id]/invitations/[invitationId]/route.ts
+++ b/apps/sim/app/api/organizations/[id]/invitations/[invitationId]/route.ts
@@ -18,6 +18,7 @@ import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { getEmailSubject, renderInvitationEmail } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasAccessControlAccess } from '@/lib/billing'
 import { syncUsageLimitsFromSubscription } from '@/lib/billing/core/usage'
@@ -552,6 +553,25 @@ export async function PUT(
      email: orgInvitation.email,
    })

+    const auditActionMap = {
+      accepted: AuditAction.ORG_INVITATION_ACCEPTED,
+      rejected: AuditAction.ORG_INVITATION_REJECTED,
+      cancelled: AuditAction.ORG_INVITATION_CANCELLED,
+    } as const
+
+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: auditActionMap[status],
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Organization invitation ${status} for ${orgInvitation.email}`,
+      metadata: { invitationId, email: orgInvitation.email, status },
+      request: req,
+    })
+
    return NextResponse.json({
      success: true,
      message: `Invitation ${status} successfully`,
--- a/apps/sim/app/api/organizations/[id]/invitations/route.ts
+++ b/apps/sim/app/api/organizations/[id]/invitations/route.ts
@@ -17,6 +17,7 @@ import {
  renderBatchInvitationEmail,
  renderInvitationEmail,
 } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import {
  validateBulkInvitations,
@@ -411,6 +412,22 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
      workspaceInvitationCount: workspaceInvitationIds.length,
    })

+    for (const inv of invitationsToCreate) {
+      recordAudit({
+        workspaceId: null,
+        actorId: session.user.id,
+        action: AuditAction.ORG_INVITATION_CREATED,
+        resourceType: AuditResourceType.ORGANIZATION,
+        resourceId: organizationId,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        resourceName: organizationEntry[0]?.name,
+        description: `Invited ${inv.email} to organization as ${role}`,
+        metadata: { invitationId: inv.id, email: inv.email, role },
+        request,
+      })
+    }
+
    return NextResponse.json({
      success: true,
      message: `${invitationsToCreate.length} invitation(s) sent successfully`,
@@ -532,6 +549,19 @@ export async function DELETE(
      email: result[0].email,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.ORG_INVITATION_REVOKED,
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Revoked organization invitation for ${result[0].email}`,
+      metadata: { invitationId, email: result[0].email },
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      message: 'Invitation cancelled successfully',
--- a/apps/sim/app/api/organizations/[id]/members/[memberId]/route.ts
+++ b/apps/sim/app/api/organizations/[id]/members/[memberId]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { getUserUsageData } from '@/lib/billing/core/usage'
 import { removeUserFromOrganization } from '@/lib/billing/organizations/membership'
@@ -213,6 +214,19 @@ export async function PUT(
      updatedBy: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.ORG_MEMBER_ROLE_CHANGED,
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Changed role for member ${memberId} to ${role}`,
+      metadata: { targetUserId: memberId, newRole: role },
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      message: 'Member role updated successfully',
@@ -305,6 +319,22 @@ export async function DELETE(
      billingActions: result.billingActions,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.ORG_MEMBER_REMOVED,
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description:
+        session.user.id === targetUserId
+          ? 'Left the organization'
+          : `Removed member ${targetUserId} from organization`,
+      metadata: { targetUserId, wasSelfRemoval: session.user.id === targetUserId },
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      message:
--- a/apps/sim/app/api/organizations/[id]/members/route.ts
+++ b/apps/sim/app/api/organizations/[id]/members/route.ts
@@ -5,6 +5,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { getEmailSubject, renderInvitationEmail } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { getUserUsageData } from '@/lib/billing/core/usage'
 import { validateSeatAvailability } from '@/lib/billing/validation/seat-management'
@@ -285,6 +286,19 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
      // Don't fail the request if email fails
    }

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.ORG_INVITATION_CREATED,
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Invited ${normalizedEmail} to organization as ${role}`,
+      metadata: { invitationId, email: normalizedEmail, role },
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      message: `Invitation sent to ${normalizedEmail}`,
--- a/apps/sim/app/api/organizations/[id]/route.ts
+++ b/apps/sim/app/api/organizations/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, ne } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import {
  getOrganizationSeatAnalytics,
@@ -192,6 +193,20 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
        changes: { name, slug, logo },
      })

+      recordAudit({
+        workspaceId: null,
+        actorId: session.user.id,
+        action: AuditAction.ORGANIZATION_UPDATED,
+        resourceType: AuditResourceType.ORGANIZATION,
+        resourceId: organizationId,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        resourceName: updatedOrg[0].name,
+        description: `Updated organization settings`,
+        metadata: { changes: { name, slug, logo } },
+        request,
+      })
+
      return NextResponse.json({
        success: true,
        message: 'Organization updated successfully',
--- a/apps/sim/app/api/organizations/route.ts
+++ b/apps/sim/app/api/organizations/route.ts
@@ -3,6 +3,7 @@ import { member, organization } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq, or } from 'drizzle-orm'
 import { NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { createOrganizationForTeamPlan } from '@/lib/billing/organization'

@@ -115,6 +116,19 @@ export async function POST(request: Request) {
      organizationId,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: user.id,
+      action: AuditAction.ORGANIZATION_CREATED,
+      resourceType: AuditResourceType.ORGANIZATION,
+      resourceId: organizationId,
+      actorName: user.name ?? undefined,
+      actorEmail: user.email ?? undefined,
+      resourceName: organizationName ?? undefined,
+      description: `Created organization "${organizationName}"`,
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      organizationId,
--- a/apps/sim/app/api/permission-groups/[id]/members/route.ts
+++ b/apps/sim/app/api/permission-groups/[id]/members/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasAccessControlAccess } from '@/lib/billing'

@@ -13,6 +14,7 @@ async function getPermissionGroupWithAccess(groupId: string, userId: string) {
  const [group] = await db
    .select({
      id: permissionGroup.id,
+      name: permissionGroup.name,
      organizationId: permissionGroup.organizationId,
    })
    .from(permissionGroup)
@@ -151,6 +153,20 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      assignedBy: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.PERMISSION_GROUP_MEMBER_ADDED,
+      resourceType: AuditResourceType.PERMISSION_GROUP,
+      resourceId: id,
+      resourceName: result.group.name,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Added member ${userId} to permission group "${result.group.name}"`,
+      metadata: { targetUserId: userId, permissionGroupId: id },
+      request: req,
+    })
+
    return NextResponse.json({ member: newMember }, { status: 201 })
  } catch (error) {
    if (error instanceof z.ZodError) {
@@ -221,6 +237,20 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
      userId: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.PERMISSION_GROUP_MEMBER_REMOVED,
+      resourceType: AuditResourceType.PERMISSION_GROUP,
+      resourceId: id,
+      resourceName: result.group.name,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Removed member ${memberToRemove.userId} from permission group "${result.group.name}"`,
+      metadata: { targetUserId: memberToRemove.userId, memberId, permissionGroupId: id },
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error removing member from permission group', error)
--- a/apps/sim/app/api/permission-groups/[id]/route.ts
+++ b/apps/sim/app/api/permission-groups/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasAccessControlAccess } from '@/lib/billing'
 import {
@@ -181,6 +182,19 @@ export async function PUT(req: NextRequest, { params }: { params: Promise<{ id:
      .where(eq(permissionGroup.id, id))
      .limit(1)

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.PERMISSION_GROUP_UPDATED,
+      resourceType: AuditResourceType.PERMISSION_GROUP,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: updated.name,
+      description: `Updated permission group "${updated.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({
      permissionGroup: {
        ...updated,
@@ -229,6 +243,19 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i

    logger.info('Deleted permission group', { permissionGroupId: id, userId: session.user.id })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.PERMISSION_GROUP_DELETED,
+      resourceType: AuditResourceType.PERMISSION_GROUP,
+      resourceId: id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: result.group.name,
+      description: `Deleted permission group "${result.group.name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error deleting permission group', error)
--- a/apps/sim/app/api/permission-groups/route.ts
+++ b/apps/sim/app/api/permission-groups/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, count, desc, eq } from 'drizzle-orm'
 import { NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasAccessControlAccess } from '@/lib/billing'
 import {
@@ -198,6 +199,19 @@ export async function POST(req: Request) {
      userId: session.user.id,
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      action: AuditAction.PERMISSION_GROUP_CREATED,
+      resourceType: AuditResourceType.PERMISSION_GROUP,
+      resourceId: newGroup.id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: name,
+      description: `Created permission group "${name}"`,
+      request: req,
+    })
+
    return NextResponse.json({ permissionGroup: newGroup }, { status: 201 })
  } catch (error) {
    if (error instanceof z.ZodError) {
--- a/apps/sim/app/api/schedules/[id]/route.test.ts
+++ b/apps/sim/app/api/schedules/[id]/route.test.ts
@@ -3,7 +3,7 @@
 *
 * @vitest-environment node
 */
-import { databaseMock, loggerMock } from '@sim/testing'
+import { auditMock, databaseMock, loggerMock } from '@sim/testing'
 import { NextRequest } from 'next/server'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

@@ -37,6 +37,8 @@ vi.mock('@/lib/core/utils/request', () => ({

 vi.mock('@sim/logger', () => loggerMock)

+vi.mock('@/lib/audit/log', () => auditMock)
+
 import { PUT } from './route'

 function createRequest(body: Record<string, unknown>): NextRequest {
--- a/apps/sim/app/api/schedules/[id]/route.ts
+++ b/apps/sim/app/api/schedules/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { validateCronExpression } from '@/lib/workflows/schedules/utils'
@@ -106,6 +107,18 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{

    logger.info(`[${requestId}] Reactivated schedule: ${scheduleId}`)

+    recordAudit({
+      workspaceId: authorization.workflow.workspaceId ?? null,
+      actorId: session.user.id,
+      action: AuditAction.SCHEDULE_UPDATED,
+      resourceType: AuditResourceType.SCHEDULE,
+      resourceId: scheduleId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Reactivated schedule for workflow ${schedule.workflowId}`,
+      request,
+    })
+
    return NextResponse.json({
      message: 'Schedule activated successfully',
      nextRunAt,
--- a/apps/sim/app/api/users/me/api-keys/[id]/route.ts
+++ b/apps/sim/app/api/users/me/api-keys/[id]/route.ts
@@ -3,6 +3,7 @@ import { apiKey } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'

@@ -34,12 +35,27 @@ export async function DELETE(
    const result = await db
      .delete(apiKey)
      .where(and(eq(apiKey.id, keyId), eq(apiKey.userId, userId)))
-      .returning({ id: apiKey.id })
+      .returning({ id: apiKey.id, name: apiKey.name })

    if (!result.length) {
      return NextResponse.json({ error: 'API key not found' }, { status: 404 })
    }

+    const deletedKey = result[0]
+
+    recordAudit({
+      workspaceId: null,
+      actorId: userId,
+      action: AuditAction.PERSONAL_API_KEY_REVOKED,
+      resourceType: AuditResourceType.API_KEY,
+      resourceId: keyId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: deletedKey.name,
+      description: `Revoked personal API key: ${deletedKey.name}`,
+      request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Failed to delete API key', { error })
--- a/apps/sim/app/api/users/me/api-keys/route.ts
+++ b/apps/sim/app/api/users/me/api-keys/route.ts
@@ -5,6 +5,7 @@ import { and, eq } from 'drizzle-orm'
 import { nanoid } from 'nanoid'
 import { type NextRequest, NextResponse } from 'next/server'
 import { createApiKey, getApiKeyDisplayFormat } from '@/lib/api-key/auth'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'

 const logger = createLogger('ApiKeysAPI')
@@ -110,6 +111,19 @@ export async function POST(request: NextRequest) {
        createdAt: apiKey.createdAt,
      })

+    recordAudit({
+      workspaceId: null,
+      actorId: userId,
+      action: AuditAction.PERSONAL_API_KEY_CREATED,
+      resourceType: AuditResourceType.API_KEY,
+      resourceId: newKey.id,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: name,
+      description: `Created personal API key: ${name}`,
+      request,
+    })
+
    return NextResponse.json({
      key: {
        ...newKey,
--- a/apps/sim/app/api/webhooks/[id]/route.ts
+++ b/apps/sim/app/api/webhooks/[id]/route.ts
@@ -3,6 +3,7 @@ import { webhook, workflow } from '@sim/db/schema'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { validateInteger } from '@/lib/core/security/input-validation'
 import { PlatformEvents } from '@/lib/core/telemetry'
@@ -261,6 +262,18 @@ export async function DELETE(
      logger.info(`[${requestId}] Successfully deleted webhook: ${id}`)
    }

+    recordAudit({
+      workspaceId: webhookData.workflow.workspaceId || null,
+      actorId: userId,
+      action: AuditAction.WEBHOOK_DELETED,
+      resourceType: AuditResourceType.WEBHOOK,
+      resourceId: id,
+      resourceName: foundWebhook.provider || 'generic',
+      description: 'Deleted webhook',
+      metadata: { workflowId: webhookData.workflow.id },
+      request,
+    })
+
    return NextResponse.json({ success: true }, { status: 200 })
  } catch (error: any) {
    logger.error(`[${requestId}] Error deleting webhook`, {
--- a/apps/sim/app/api/webhooks/route.ts
+++ b/apps/sim/app/api/webhooks/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, desc, eq, inArray, isNull, or } from 'drizzle-orm'
 import { nanoid } from 'nanoid'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -678,6 +679,18 @@ export async function POST(request: NextRequest) {
      } catch {
        // Telemetry should not fail the operation
      }
+
+      recordAudit({
+        workspaceId: workflowRecord.workspaceId || null,
+        actorId: userId,
+        action: AuditAction.WEBHOOK_CREATED,
+        resourceType: AuditResourceType.WEBHOOK,
+        resourceId: savedWebhook.id,
+        resourceName: provider || 'generic',
+        description: `Created ${provider || 'generic'} webhook`,
+        metadata: { provider, workflowId },
+        request,
+      })
    }

    const status = targetWebhookId ? 200 : 201
--- a/apps/sim/app/api/workflows/[id]/deploy/route.ts
+++ b/apps/sim/app/api/workflows/[id]/deploy/route.ts
@@ -2,6 +2,7 @@ import { db, workflow, workflowDeploymentVersion } from '@sim/db'
 import { createLogger } from '@sim/logger'
 import { and, desc, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { removeMcpToolsForWorkflow, syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
 import {
@@ -258,6 +259,19 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
    // Sync MCP tools with the latest parameter schema
    await syncMcpToolsForWorkflow({ workflowId: id, requestId, context: 'deploy' })

+    recordAudit({
+      workspaceId: workflowData?.workspaceId || null,
+      actorId: actorUserId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.WORKFLOW_DEPLOYED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: id,
+      resourceName: workflowData?.name,
+      description: `Deployed workflow "${workflowData?.name || id}"`,
+      request,
+    })
+
    const responseApiKeyInfo = workflowData!.workspaceId
      ? 'Workspace API keys'
      : 'Personal API keys'
@@ -297,11 +311,11 @@ export async function DELETE(
  try {
    logger.debug(`[${requestId}] Undeploying workflow: ${id}`)

-    const { error, workflow: workflowData } = await validateWorkflowPermissions(
-      id,
-      requestId,
-      'admin'
-    )
+    const {
+      error,
+      session,
+      workflow: workflowData,
+    } = await validateWorkflowPermissions(id, requestId, 'admin')
    if (error) {
      return createErrorResponse(error.message, error.status)
    }
@@ -325,6 +339,19 @@ export async function DELETE(
      // Silently fail
    }

+    recordAudit({
+      workspaceId: workflowData?.workspaceId || null,
+      actorId: session!.user.id,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.WORKFLOW_UNDEPLOYED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: id,
+      resourceName: workflowData?.name,
+      description: `Undeployed workflow "${workflowData?.name || id}"`,
+      request,
+    })
+
    return createSuccessResponse({
      isDeployed: false,
      deployedAt: null,
--- a/apps/sim/app/api/workflows/[id]/deployments/[version]/revert/route.ts
+++ b/apps/sim/app/api/workflows/[id]/deployments/[version]/revert/route.ts
@@ -2,6 +2,7 @@ import { db, workflow, workflowDeploymentVersion } from '@sim/db'
 import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import type { NextRequest } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { env } from '@/lib/core/config/env'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { syncMcpToolsForWorkflow } from '@/lib/mcp/workflow-mcp-sync'
@@ -22,7 +23,11 @@ export async function POST(
  const { id, version } = await params

  try {
-    const { error } = await validateWorkflowPermissions(id, requestId, 'admin')
+    const {
+      error,
+      session,
+      workflow: workflowRecord,
+    } = await validateWorkflowPermissions(id, requestId, 'admin')
    if (error) {
      return createErrorResponse(error.message, error.status)
    }
@@ -107,6 +112,19 @@ export async function POST(
      logger.error('Error sending workflow reverted event to socket server', e)
    }

+    recordAudit({
+      workspaceId: workflowRecord?.workspaceId ?? null,
+      actorId: session!.user.id,
+      action: AuditAction.WORKFLOW_DEPLOYMENT_REVERTED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: id,
+      actorName: session!.user.name ?? undefined,
+      actorEmail: session!.user.email ?? undefined,
+      resourceName: workflowRecord?.name ?? undefined,
+      description: `Reverted workflow to deployment version ${version}`,
+      request,
+    })
+
    return createSuccessResponse({
      message: 'Reverted to deployment version',
      lastSaved: Date.now(),
--- a/apps/sim/app/api/workflows/[id]/duplicate/route.ts
+++ b/apps/sim/app/api/workflows/[id]/duplicate/route.ts
@@ -1,6 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -61,6 +62,18 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      `[${requestId}] Successfully duplicated workflow ${sourceWorkflowId} to ${result.id} in ${elapsed}ms`
    )

+    recordAudit({
+      workspaceId: workspaceId || null,
+      actorId: userId,
+      action: AuditAction.WORKFLOW_DUPLICATED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: result.id,
+      resourceName: result.name,
+      description: `Duplicated workflow from ${sourceWorkflowId}`,
+      metadata: { sourceWorkflowId },
+      request: req,
+    })
+
    return NextResponse.json(result, { status: 201 })
  } catch (error) {
    if (error instanceof Error) {
--- a/apps/sim/app/api/workflows/[id]/route.test.ts
+++ b/apps/sim/app/api/workflows/[id]/route.test.ts
@@ -5,7 +5,7 @@
 * @vitest-environment node
 */

-import { loggerMock, setupGlobalFetchMock } from '@sim/testing'
+import { auditMock, loggerMock, setupGlobalFetchMock } from '@sim/testing'
 import { NextRequest } from 'next/server'
 import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'

@@ -23,6 +23,8 @@ vi.mock('@/lib/auth', () => ({

 vi.mock('@sim/logger', () => loggerMock)

+vi.mock('@/lib/audit/log', () => auditMock)
+
 vi.mock('@/lib/workflows/persistence/utils', () => ({
  loadWorkflowFromNormalizedTables: (workflowId: string) =>
    mockLoadWorkflowFromNormalizedTables(workflowId),
--- a/apps/sim/app/api/workflows/[id]/route.ts
+++ b/apps/sim/app/api/workflows/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkHybridAuth, checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { env } from '@/lib/core/config/env'
 import { PlatformEvents } from '@/lib/core/telemetry'
@@ -336,6 +337,17 @@ export async function DELETE(
      // Don't fail the deletion if Socket.IO notification fails
    }

+    recordAudit({
+      workspaceId: workflowData.workspaceId || null,
+      actorId: userId,
+      action: AuditAction.WORKFLOW_DELETED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: workflowId,
+      resourceName: workflowData.name,
+      description: `Deleted workflow "${workflowData.name}"`,
+      request,
+    })
+
    return NextResponse.json({ success: true }, { status: 200 })
  } catch (error: any) {
    const elapsed = Date.now() - startTime
--- a/apps/sim/app/api/workflows/[id]/variables/route.test.ts
+++ b/apps/sim/app/api/workflows/[id]/variables/route.test.ts
@@ -5,6 +5,7 @@
 * @vitest-environment node
 */
 import {
+  auditMock,
  databaseMock,
  defaultMockUser,
  mockAuth,
@@ -27,6 +28,8 @@ describe('Workflow Variables API Route', () => {

    vi.doMock('@sim/db', () => databaseMock)

+    vi.doMock('@/lib/audit/log', () => auditMock)
+
    vi.doMock('@/lib/workflows/utils', () => ({
      authorizeWorkflowByWorkspacePermission: mockAuthorizeWorkflowByWorkspacePermission,
    }))
--- a/apps/sim/app/api/workflows/[id]/variables/route.ts
+++ b/apps/sim/app/api/workflows/[id]/variables/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { authorizeWorkflowByWorkspacePermission } from '@/lib/workflows/utils'
@@ -79,6 +80,17 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
        })
        .where(eq(workflow.id, workflowId))

+      recordAudit({
+        workspaceId: workflowData.workspaceId ?? null,
+        actorId: userId,
+        action: AuditAction.WORKFLOW_VARIABLES_UPDATED,
+        resourceType: AuditResourceType.WORKFLOW,
+        resourceId: workflowId,
+        resourceName: workflowData.name ?? undefined,
+        description: `Updated workflow variables`,
+        request: req,
+      })
+
      return NextResponse.json({ success: true })
    } catch (validationError) {
      if (validationError instanceof z.ZodError) {
--- a/apps/sim/app/api/workflows/route.ts
+++ b/apps/sim/app/api/workflows/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, asc, eq, inArray, isNull, min } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { checkSessionOrInternalAuth } from '@/lib/auth/hybrid'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { getUserEntityPermissions, workspaceExists } from '@/lib/workspaces/permissions/utils'
@@ -188,6 +189,18 @@ export async function POST(req: NextRequest) {

    logger.info(`[${requestId}] Successfully created empty workflow ${workflowId}`)

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      action: AuditAction.WORKFLOW_CREATED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: workflowId,
+      resourceName: name,
+      description: `Created workflow "${name}"`,
+      metadata: { name },
+      request: req,
+    })
+
    return NextResponse.json({
      id: workflowId,
      name,
--- a/apps/sim/app/api/workspaces/[id]/api-keys/[keyId]/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/api-keys/[keyId]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, not } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -86,6 +87,19 @@ export async function PUT(
        updatedAt: apiKey.updatedAt,
      })

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      action: AuditAction.API_KEY_UPDATED,
+      resourceType: AuditResourceType.API_KEY,
+      resourceId: keyId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: name,
+      description: `Updated workspace API key: ${name}`,
+      request,
+    })
+
    logger.info(`[${requestId}] Updated workspace API key: ${keyId} in workspace ${workspaceId}`)
    return NextResponse.json({ key: updatedKey })
  } catch (error: unknown) {
@@ -123,12 +137,27 @@ export async function DELETE(
      .where(
        and(eq(apiKey.workspaceId, workspaceId), eq(apiKey.id, keyId), eq(apiKey.type, 'workspace'))
      )
-      .returning({ id: apiKey.id })
+      .returning({ id: apiKey.id, name: apiKey.name })

    if (deletedRows.length === 0) {
      return NextResponse.json({ error: 'API key not found' }, { status: 404 })
    }

+    const deletedKey = deletedRows[0]
+
+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      action: AuditAction.API_KEY_REVOKED,
+      resourceType: AuditResourceType.API_KEY,
+      resourceId: keyId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: deletedKey.name,
+      description: `Revoked workspace API key: ${deletedKey.name}`,
+      request,
+    })
+
    logger.info(`[${requestId}] Deleted workspace API key: ${keyId} from workspace ${workspaceId}`)
    return NextResponse.json({ success: true })
  } catch (error: unknown) {
--- a/apps/sim/app/api/workspaces/[id]/api-keys/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/api-keys/route.ts
@@ -6,6 +6,7 @@ import { nanoid } from 'nanoid'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
 import { createApiKey, getApiKeyDisplayFormat } from '@/lib/api-key/auth'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -159,6 +160,20 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{

    logger.info(`[${requestId}] Created workspace API key: ${name} in workspace ${workspaceId}`)

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.API_KEY_CREATED,
+      resourceType: AuditResourceType.API_KEY,
+      resourceId: newKey.id,
+      resourceName: name,
+      description: `Created API key "${name}"`,
+      metadata: { keyName: name },
+      request,
+    })
+
    return NextResponse.json({
      key: {
        ...newKey,
@@ -222,6 +237,19 @@ export async function DELETE(
    logger.info(
      `[${requestId}] Deleted ${deletedCount} workspace API keys from workspace ${workspaceId}`
    )
+
+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.API_KEY_REVOKED,
+      resourceType: AuditResourceType.API_KEY,
+      description: `Revoked ${deletedCount} API key(s)`,
+      metadata: { keyIds: keys, deletedCount },
+      request,
+    })
+
    return NextResponse.json({ success: true, deletedCount })
  } catch (error: unknown) {
    logger.error(`[${requestId}] Workspace API key DELETE error`, error)
--- a/apps/sim/app/api/workspaces/[id]/byok-keys/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/byok-keys/route.ts
@@ -5,6 +5,7 @@ import { and, eq } from 'drizzle-orm'
 import { nanoid } from 'nanoid'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { decryptSecret, encryptSecret } from '@/lib/core/security/encryption'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -185,6 +186,20 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{

    logger.info(`[${requestId}] Created BYOK key for ${providerId} in workspace ${workspaceId}`)

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.BYOK_KEY_CREATED,
+      resourceType: AuditResourceType.BYOK_KEY,
+      resourceId: newKey.id,
+      resourceName: providerId,
+      description: `Added BYOK key for ${providerId}`,
+      metadata: { providerId },
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      key: {
@@ -242,6 +257,19 @@ export async function DELETE(

    logger.info(`[${requestId}] Deleted BYOK key for ${providerId} from workspace ${workspaceId}`)

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.BYOK_KEY_DELETED,
+      resourceType: AuditResourceType.BYOK_KEY,
+      resourceName: providerId,
+      description: `Removed BYOK key for ${providerId}`,
+      metadata: { providerId },
+      request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error: unknown) {
    logger.error(`[${requestId}] BYOK key DELETE error`, error)
--- a/apps/sim/app/api/workspaces/[id]/duplicate/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/duplicate/route.ts
@@ -1,6 +1,7 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { duplicateWorkspace } from '@/lib/workspaces/duplicate'
@@ -45,6 +46,19 @@ export async function POST(req: NextRequest, { params }: { params: Promise<{ id:
      `[${requestId}] Successfully duplicated workspace ${sourceWorkspaceId} to ${result.id} in ${elapsed}ms`
    )

+    recordAudit({
+      workspaceId: sourceWorkspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.WORKSPACE_DUPLICATED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: result.id,
+      resourceName: name,
+      description: `Duplicated workspace to "${name}"`,
+      request: req,
+    })
+
    return NextResponse.json(result, { status: 201 })
  } catch (error) {
    if (error instanceof Error) {
--- a/apps/sim/app/api/workspaces/[id]/environment/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/environment/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { decryptSecret, encryptSecret } from '@/lib/core/security/encryption'
 import { generateRequestId } from '@/lib/core/utils/request'
@@ -156,6 +157,19 @@ export async function PUT(request: NextRequest, { params }: { params: Promise<{
        set: { variables: merged, updatedAt: new Date() },
      })

+    recordAudit({
+      workspaceId,
+      actorId: userId,
+      actorName: session?.user?.name,
+      actorEmail: session?.user?.email,
+      action: AuditAction.ENVIRONMENT_UPDATED,
+      resourceType: AuditResourceType.ENVIRONMENT,
+      resourceId: workspaceId,
+      description: `Updated environment variables`,
+      metadata: { keysUpdated: Object.keys(variables) },
+      request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error: any) {
    logger.error(`[${requestId}] Workspace env PUT error`, error)
--- a/apps/sim/app/api/workspaces/[id]/files/[fileId]/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/files/[fileId]/route.ts
@@ -1,5 +1,6 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { deleteWorkspaceFile } from '@/lib/uploads/contexts/workspace'
@@ -39,6 +40,18 @@ export async function DELETE(

    logger.info(`[${requestId}] Deleted workspace file: ${fileId}`)

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.FILE_DELETED,
+      resourceType: AuditResourceType.FILE,
+      resourceId: fileId,
+      description: `Deleted file "${fileId}"`,
+      request,
+    })
+
    return NextResponse.json({
      success: true,
    })
--- a/apps/sim/app/api/workspaces/[id]/files/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/files/route.ts
@@ -1,5 +1,6 @@
 import { createLogger } from '@sim/logger'
 import { type NextRequest, NextResponse } from 'next/server'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { listWorkspaceFiles, uploadWorkspaceFile } from '@/lib/uploads/contexts/workspace'
@@ -104,6 +105,19 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{

    logger.info(`[${requestId}] Uploaded workspace file: ${file.name}`)

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.FILE_UPLOADED,
+      resourceType: AuditResourceType.FILE,
+      resourceId: userFile.id,
+      resourceName: file.name,
+      description: `Uploaded file "${file.name}"`,
+      request,
+    })
+
    return NextResponse.json({
      success: true,
      file: userFile,
--- a/apps/sim/app/api/workspaces/[id]/notifications/[notificationId]/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/notifications/[notificationId]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { encryptSecret } from '@/lib/core/security/encryption'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -251,6 +252,19 @@ export async function PUT(request: NextRequest, { params }: RouteParams) {
      subscriptionId: subscription.id,
    })

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      action: AuditAction.NOTIFICATION_UPDATED,
+      resourceType: AuditResourceType.NOTIFICATION,
+      resourceId: notificationId,
+      resourceName: subscription.notificationType,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Updated ${subscription.notificationType} notification subscription`,
+      request,
+    })
+
    return NextResponse.json({
      data: {
        id: subscription.id,
@@ -300,17 +314,35 @@ export async function DELETE(request: NextRequest, { params }: RouteParams) {
          eq(workspaceNotificationSubscription.workspaceId, workspaceId)
        )
      )
-      .returning({ id: workspaceNotificationSubscription.id })
+      .returning({
+        id: workspaceNotificationSubscription.id,
+        notificationType: workspaceNotificationSubscription.notificationType,
+      })

    if (deleted.length === 0) {
      return NextResponse.json({ error: 'Notification not found' }, { status: 404 })
    }

+    const deletedSubscription = deleted[0]
+
    logger.info('Deleted notification subscription', {
      workspaceId,
      subscriptionId: notificationId,
    })

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      action: AuditAction.NOTIFICATION_DELETED,
+      resourceType: AuditResourceType.NOTIFICATION,
+      resourceId: notificationId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      resourceName: deletedSubscription.notificationType,
+      description: `Deleted ${deletedSubscription.notificationType} notification subscription`,
+      request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error deleting notification', { error })
--- a/apps/sim/app/api/workspaces/[id]/notifications/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/notifications/route.ts
@@ -5,6 +5,7 @@ import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { v4 as uuidv4 } from 'uuid'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { encryptSecret } from '@/lib/core/security/encryption'
 import { getUserEntityPermissions } from '@/lib/workspaces/permissions/utils'
@@ -256,6 +257,19 @@ export async function POST(request: NextRequest, { params }: { params: Promise<{
      type: data.notificationType,
    })

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      action: AuditAction.NOTIFICATION_CREATED,
+      resourceType: AuditResourceType.NOTIFICATION,
+      resourceId: subscription.id,
+      resourceName: data.notificationType,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Created ${data.notificationType} notification subscription`,
+      request,
+    })
+
    return NextResponse.json({
      data: {
        id: subscription.id,
--- a/apps/sim/app/api/workspaces/[id]/permissions/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/permissions/route.ts
@@ -5,6 +5,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import {
  getUsersWithPermissions,
@@ -156,6 +157,21 @@ export async function PATCH(request: NextRequest, { params }: { params: Promise<

    const updatedUsers = await getUsersWithPermissions(workspaceId)

+    for (const update of body.updates) {
+      recordAudit({
+        workspaceId,
+        actorId: session.user.id,
+        action: AuditAction.MEMBER_ROLE_CHANGED,
+        resourceType: AuditResourceType.WORKSPACE,
+        resourceId: workspaceId,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        description: `Changed permissions for user ${update.userId} to ${update.permissions}`,
+        metadata: { targetUserId: update.userId, newPermissions: update.permissions },
+        request,
+      })
+    }
+
    return NextResponse.json({
      message: 'Permissions updated successfully',
      users: updatedUsers,
--- a/apps/sim/app/api/workspaces/[id]/route.ts
+++ b/apps/sim/app/api/workspaces/[id]/route.ts
@@ -3,6 +3,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'

 const logger = createLogger('WorkspaceByIdAPI')
@@ -228,6 +229,13 @@ export async function DELETE(
      `Deleting workspace ${workspaceId} for user ${session.user.id}, deleteTemplates: ${deleteTemplates}`
    )

+    // Fetch workspace name before deletion for audit logging
+    const [workspaceRecord] = await db
+      .select({ name: workspace.name })
+      .from(workspace)
+      .where(eq(workspace.id, workspaceId))
+      .limit(1)
+
    // Delete workspace and all related data in a transaction
    await db.transaction(async (tx) => {
      // Get all workflows in this workspace before deletion
@@ -281,6 +289,19 @@ export async function DELETE(
      logger.info(`Successfully deleted workspace ${workspaceId} and all related data`)
    })

+    recordAudit({
+      workspaceId: null,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.WORKSPACE_DELETED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: workspaceId,
+      resourceName: workspaceRecord?.name,
+      description: `Deleted workspace "${workspaceRecord?.name || workspaceId}"`,
+      request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error(`Error deleting workspace ${workspaceId}:`, error)
--- a/apps/sim/app/api/workspaces/invitations/[invitationId]/route.test.ts
+++ b/apps/sim/app/api/workspaces/invitations/[invitationId]/route.test.ts
@@ -1,4 +1,4 @@
-import { createSession, createWorkspaceRecord, loggerMock } from '@sim/testing'
+import { auditMock, createSession, createWorkspaceRecord, loggerMock } from '@sim/testing'
 import { NextRequest } from 'next/server'
 import { beforeEach, describe, expect, it, vi } from 'vitest'

@@ -55,6 +55,8 @@ vi.mock('@/lib/workspaces/permissions/utils', () => ({

 vi.mock('@sim/logger', () => loggerMock)

+vi.mock('@/lib/audit/log', () => auditMock)
+
 vi.mock('@/lib/core/utils/urls', () => ({
  getBaseUrl: vi.fn().mockReturnValue('https://test.sim.ai'),
 }))
--- a/apps/sim/app/api/workspaces/invitations/[invitationId]/route.ts
+++ b/apps/sim/app/api/workspaces/invitations/[invitationId]/route.ts
@@ -12,6 +12,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { WorkspaceInvitationEmail } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { getBaseUrl } from '@/lib/core/utils/urls'
 import { sendEmail } from '@/lib/messaging/email/mailer'
@@ -162,6 +163,19 @@ export async function GET(
          .where(eq(workspaceInvitation.id, invitation.id))
      })

+      recordAudit({
+        workspaceId: invitation.workspaceId,
+        actorId: session.user.id,
+        action: AuditAction.INVITATION_ACCEPTED,
+        resourceType: AuditResourceType.WORKSPACE,
+        resourceId: invitation.workspaceId,
+        actorName: session.user.name ?? undefined,
+        actorEmail: session.user.email ?? undefined,
+        resourceName: workspaceDetails.name,
+        description: `Accepted workspace invitation to "${workspaceDetails.name}"`,
+        request: req,
+      })
+
      return NextResponse.redirect(new URL(`/workspace/${invitation.workspaceId}/w`, getBaseUrl()))
    }

@@ -216,6 +230,19 @@ export async function DELETE(

    await db.delete(workspaceInvitation).where(eq(workspaceInvitation.id, invitationId))

+    recordAudit({
+      workspaceId: invitation.workspaceId,
+      actorId: session.user.id,
+      action: AuditAction.INVITATION_REVOKED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: invitation.workspaceId,
+      actorName: session.user.name ?? undefined,
+      actorEmail: session.user.email ?? undefined,
+      description: `Revoked workspace invitation for ${invitation.email}`,
+      metadata: { invitationId, email: invitation.email },
+      request: _request,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error deleting workspace invitation:', error)
--- a/apps/sim/app/api/workspaces/invitations/route.test.ts
+++ b/apps/sim/app/api/workspaces/invitations/route.test.ts
@@ -1,4 +1,4 @@
-import { createMockRequest, mockAuth, mockConsoleLogger } from '@sim/testing'
+import { auditMock, createMockRequest, mockAuth, mockConsoleLogger } from '@sim/testing'
 import { beforeEach, describe, expect, it, vi } from 'vitest'

 describe('Workspace Invitations API Route', () => {
@@ -96,6 +96,8 @@ describe('Workspace Invitations API Route', () => {
      getEmailDomain: vi.fn().mockReturnValue('sim.ai'),
    }))

+    vi.doMock('@/lib/audit/log', () => auditMock)
+
    vi.doMock('drizzle-orm', () => ({
      and: vi.fn().mockImplementation((...args) => ({ type: 'and', conditions: args })),
      eq: vi.fn().mockImplementation((field, value) => ({ type: 'eq', field, value })),
--- a/apps/sim/app/api/workspaces/invitations/route.ts
+++ b/apps/sim/app/api/workspaces/invitations/route.ts
@@ -13,6 +13,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq, inArray } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { WorkspaceInvitationEmail } from '@/components/emails'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { getBaseUrl } from '@/lib/core/utils/urls'
@@ -214,6 +215,20 @@ export async function POST(req: NextRequest) {
      token: token,
    })

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.MEMBER_INVITED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: workspaceId,
+      resourceName: email,
+      description: `Invited ${email} as ${permission}`,
+      metadata: { email, role: permission },
+      request: req,
+    })
+
    return NextResponse.json({ success: true, invitation: invitationData })
  } catch (error) {
    if (error instanceof InvitationsNotAllowedError) {
--- a/apps/sim/app/api/workspaces/members/[id]/route.ts
+++ b/apps/sim/app/api/workspaces/members/[id]/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, eq } from 'drizzle-orm'
 import { type NextRequest, NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { hasWorkspaceAdminAccess } from '@/lib/workspaces/permissions/utils'

@@ -101,6 +102,19 @@ export async function DELETE(req: NextRequest, { params }: { params: Promise<{ i
        )
      )

+    recordAudit({
+      workspaceId,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.MEMBER_REMOVED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: workspaceId,
+      description: isSelf ? 'Left the workspace' : 'Removed a member from the workspace',
+      metadata: { removedUserId: userId, selfRemoval: isSelf },
+      request: req,
+    })
+
    return NextResponse.json({ success: true })
  } catch (error) {
    logger.error('Error removing workspace member:', error)
--- a/apps/sim/app/api/workspaces/route.ts
+++ b/apps/sim/app/api/workspaces/route.ts
@@ -4,6 +4,7 @@ import { createLogger } from '@sim/logger'
 import { and, desc, eq, isNull } from 'drizzle-orm'
 import { NextResponse } from 'next/server'
 import { z } from 'zod'
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
 import { getSession } from '@/lib/auth'
 import { PlatformEvents } from '@/lib/core/telemetry'
 import { buildDefaultWorkflowArtifacts } from '@/lib/workflows/defaults'
@@ -68,6 +69,20 @@ export async function POST(req: Request) {

    const newWorkspace = await createWorkspace(session.user.id, name, skipDefaultWorkflow)

+    recordAudit({
+      workspaceId: newWorkspace.id,
+      actorId: session.user.id,
+      actorName: session.user.name,
+      actorEmail: session.user.email,
+      action: AuditAction.WORKSPACE_CREATED,
+      resourceType: AuditResourceType.WORKSPACE,
+      resourceId: newWorkspace.id,
+      resourceName: newWorkspace.name,
+      description: `Created workspace "${newWorkspace.name}"`,
+      metadata: { name: newWorkspace.name },
+      request: req,
+    })
+
    return NextResponse.json({ workspace: newWorkspace })
  } catch (error) {
    logger.error('Error creating workspace:', error)
--- a/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/mcp/mcp.tsx
+++ b/apps/sim/app/workspace/[workspaceId]/w/components/sidebar/components/settings-modal/components/mcp/mcp.tsx
@@ -109,10 +109,29 @@ const logger = createLogger('McpSettings')
 /**
 * Checks if a URL's hostname is in the allowed domains list.
 * Returns true if no allowlist is configured (null) or the domain matches.
+ * Env var references in the hostname bypass the check since the domain
+ * can't be determined until resolution — but env vars only in the path/query
+ * do NOT bypass the check.
 */
+const ENV_VAR_PATTERN = /\{\{[^}]+\}\}/
+
+function hasEnvVarInHostname(url: string): boolean {
+  // If the entire URL is an env var, hostname is unknown
+  const globalPattern = new RegExp(ENV_VAR_PATTERN.source, 'g')
+  if (url.trim().replace(globalPattern, '').trim() === '') return true
+  const protocolEnd = url.indexOf('://')
+  if (protocolEnd === -1) return ENV_VAR_PATTERN.test(url)
+  // Extract authority per RFC 3986 (terminated by /, ?, or #)
+  const afterProtocol = url.substring(protocolEnd + 3)
+  const authorityEnd = afterProtocol.search(/[/?#]/)
+  const authority = authorityEnd === -1 ? afterProtocol : afterProtocol.substring(0, authorityEnd)
+  return ENV_VAR_PATTERN.test(authority)
+}
+
 function isDomainAllowed(url: string | undefined, allowedDomains: string[] | null): boolean {
  if (allowedDomains === null) return true
-  if (!url) return true
+  if (!url) return false
+  if (hasEnvVarInHostname(url)) return true
  try {
    const hostname = new URL(url).hostname.toLowerCase()
    return allowedDomains.includes(hostname)
@@ -1030,12 +1049,14 @@ export function MCP({ initialServerId }: MCPProps) {
  const showNoResults = searchTerm.trim() && filteredServers.length === 0 && servers.length > 0

  const isFormValid = formData.name.trim() && formData.url?.trim()
-  const isAddDomainBlocked = !isDomainAllowed(formData.url, allowedMcpDomains)
+  const isAddDomainBlocked =
+    !!formData.url?.trim() && !isDomainAllowed(formData.url, allowedMcpDomains)
  const isSubmitDisabled = serversLoading || isAddingServer || !isFormValid || isAddDomainBlocked
  const testButtonLabel = getTestButtonLabel(testResult, isTestingConnection)

  const isEditFormValid = editFormData.name.trim() && editFormData.url?.trim()
-  const isEditDomainBlocked = !isDomainAllowed(editFormData.url, allowedMcpDomains)
+  const isEditDomainBlocked =
+    !!editFormData.url?.trim() && !isDomainAllowed(editFormData.url, allowedMcpDomains)
  const editTestButtonLabel = getTestButtonLabel(editTestResult, isEditTestingConnection)
  const hasEditChanges = useMemo(() => {
    if (editFormData.name !== editOriginalData.name) return true
--- a/apps/sim/lib/audit/log.test.ts
+++ b/apps/sim/lib/audit/log.test.ts
@@ -0,0 +1,272 @@
+/**
+ * @vitest-environment node
+ */
+import { auditMock, databaseMock, loggerMock } from '@sim/testing'
+import { afterEach, beforeEach, describe, expect, it, vi } from 'vitest'
+
+vi.mock('@sim/db', () => ({
+  ...databaseMock,
+  auditLog: { id: 'id', workspaceId: 'workspace_id' },
+}))
+vi.mock('@sim/logger', () => loggerMock)
+vi.mock('nanoid', () => ({ nanoid: () => 'test-id-123' }))
+
+import { AuditAction, AuditResourceType, recordAudit } from '@/lib/audit/log'
+
+describe('AuditAction', () => {
+  it('contains all expected action categories', () => {
+    expect(AuditAction.WORKFLOW_CREATED).toBe('workflow.created')
+    expect(AuditAction.MEMBER_INVITED).toBe('member.invited')
+    expect(AuditAction.API_KEY_CREATED).toBe('api_key.created')
+    expect(AuditAction.ORGANIZATION_CREATED).toBe('organization.created')
+  })
+
+  it('has unique values for every key', () => {
+    const values = Object.values(AuditAction)
+    const unique = new Set(values)
+    expect(unique.size).toBe(values.length)
+  })
+})
+
+describe('AuditResourceType', () => {
+  it('contains all expected resource types', () => {
+    expect(AuditResourceType.WORKFLOW).toBe('workflow')
+    expect(AuditResourceType.WORKSPACE).toBe('workspace')
+    expect(AuditResourceType.API_KEY).toBe('api_key')
+    expect(AuditResourceType.MCP_SERVER).toBe('mcp_server')
+  })
+
+  it('has unique values for every key', () => {
+    const values = Object.values(AuditResourceType)
+    const unique = new Set(values)
+    expect(unique.size).toBe(values.length)
+  })
+})
+
+describe('recordAudit', () => {
+  const mockInsert = databaseMock.db.insert
+  let mockValues: ReturnType<typeof vi.fn>
+
+  beforeEach(() => {
+    vi.clearAllMocks()
+    mockValues = vi.fn(() => Promise.resolve())
+    mockInsert.mockReturnValue({ values: mockValues })
+  })
+
+  afterEach(() => {
+    vi.restoreAllMocks()
+  })
+
+  it('inserts an audit log entry with all required fields', async () => {
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.WORKFLOW_CREATED,
+      resourceType: AuditResourceType.WORKFLOW,
+      resourceId: 'wf-1',
+    })
+
+    await vi.waitFor(() => {
+      expect(mockInsert).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(
+      expect.objectContaining({
+        id: 'test-id-123',
+        workspaceId: 'ws-1',
+        actorId: 'user-1',
+        action: 'workflow.created',
+        resourceType: 'workflow',
+        resourceId: 'wf-1',
+        metadata: {},
+      })
+    )
+  })
+
+  it('includes optional denormalized fields when provided', async () => {
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.FOLDER_CREATED,
+      resourceType: AuditResourceType.FOLDER,
+      resourceId: 'folder-1',
+      actorName: 'Waleed',
+      actorEmail: 'waleed@example.com',
+      resourceName: 'My Folder',
+      description: 'Created folder "My Folder"',
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(
+      expect.objectContaining({
+        actorName: 'Waleed',
+        actorEmail: 'waleed@example.com',
+        resourceName: 'My Folder',
+        description: 'Created folder "My Folder"',
+      })
+    )
+  })
+
+  it('sets optional fields to undefined when not provided', async () => {
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.WORKSPACE_DELETED,
+      resourceType: AuditResourceType.WORKSPACE,
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    const insertedValues = mockValues.mock.calls[0][0]
+    expect(insertedValues.resourceId).toBeUndefined()
+    expect(insertedValues.actorName).toBeUndefined()
+    expect(insertedValues.actorEmail).toBeUndefined()
+    expect(insertedValues.resourceName).toBeUndefined()
+    expect(insertedValues.description).toBeUndefined()
+  })
+
+  it('extracts IP address from x-forwarded-for header', async () => {
+    const request = new Request('https://example.com', {
+      headers: {
+        'x-forwarded-for': '1.2.3.4, 5.6.7.8',
+        'user-agent': 'TestAgent/1.0',
+      },
+    })
+
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.MEMBER_INVITED,
+      resourceType: AuditResourceType.WORKSPACE,
+      request,
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(
+      expect.objectContaining({
+        ipAddress: '1.2.3.4',
+        userAgent: 'TestAgent/1.0',
+      })
+    )
+  })
+
+  it('falls back to x-real-ip when x-forwarded-for is absent', async () => {
+    const request = new Request('https://example.com', {
+      headers: { 'x-real-ip': '10.0.0.1' },
+    })
+
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.API_KEY_CREATED,
+      resourceType: AuditResourceType.API_KEY,
+      request,
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(
+      expect.objectContaining({
+        ipAddress: '10.0.0.1',
+        userAgent: undefined,
+      })
+    )
+  })
+
+  it('defaults metadata to empty object when not provided', async () => {
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.ENVIRONMENT_UPDATED,
+      resourceType: AuditResourceType.ENVIRONMENT,
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(expect.objectContaining({ metadata: {} }))
+  })
+
+  it('passes through metadata when provided', async () => {
+    recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.WEBHOOK_CREATED,
+      resourceType: AuditResourceType.WEBHOOK,
+      metadata: { provider: 'github', workflowId: 'wf-1' },
+    })
+
+    await vi.waitFor(() => {
+      expect(mockValues).toHaveBeenCalledTimes(1)
+    })
+
+    expect(mockValues).toHaveBeenCalledWith(
+      expect.objectContaining({
+        metadata: { provider: 'github', workflowId: 'wf-1' },
+      })
+    )
+  })
+
+  it('does not throw when the database insert fails', async () => {
+    mockValues.mockReturnValue(Promise.reject(new Error('DB connection lost')))
+
+    expect(() => {
+      recordAudit({
+        workspaceId: 'ws-1',
+        actorId: 'user-1',
+        action: AuditAction.WORKFLOW_DELETED,
+        resourceType: AuditResourceType.WORKFLOW,
+      })
+    }).not.toThrow()
+  })
+
+  it('does not block — returns void synchronously', () => {
+    const result = recordAudit({
+      workspaceId: 'ws-1',
+      actorId: 'user-1',
+      action: AuditAction.CHAT_DEPLOYED,
+      resourceType: AuditResourceType.CHAT,
+    })
+
+    expect(result).toBeUndefined()
+  })
+})
+
+describe('auditMock sync', () => {
+  it('has the same AuditAction keys as the source', () => {
+    const sourceKeys = Object.keys(AuditAction).sort()
+    const mockKeys = Object.keys(auditMock.AuditAction).sort()
+    expect(mockKeys).toEqual(sourceKeys)
+  })
+
+  it('has the same AuditAction values as the source', () => {
+    for (const key of Object.keys(AuditAction)) {
+      expect(auditMock.AuditAction[key]).toBe(AuditAction[key as keyof typeof AuditAction])
+    }
+  })
+
+  it('has the same AuditResourceType keys as the source', () => {
+    const sourceKeys = Object.keys(AuditResourceType).sort()
+    const mockKeys = Object.keys(auditMock.AuditResourceType).sort()
+    expect(mockKeys).toEqual(sourceKeys)
+  })
+
+  it('has the same AuditResourceType values as the source', () => {
+    for (const key of Object.keys(AuditResourceType)) {
+      expect(auditMock.AuditResourceType[key]).toBe(
+        AuditResourceType[key as keyof typeof AuditResourceType]
+      )
+    }
+  })
+})
--- a/apps/sim/lib/audit/log.ts
+++ b/apps/sim/lib/audit/log.ts
@@ -0,0 +1,207 @@
+import { auditLog, db } from '@sim/db'
+import { createLogger } from '@sim/logger'
+import { nanoid } from 'nanoid'
+
+const logger = createLogger('AuditLog')
+
+/**
+ * All auditable actions in the platform, grouped by resource type.
+ */
+export const AuditAction = {
+  // API Keys
+  API_KEY_CREATED: 'api_key.created',
+  API_KEY_UPDATED: 'api_key.updated',
+  API_KEY_REVOKED: 'api_key.revoked',
+  PERSONAL_API_KEY_CREATED: 'personal_api_key.created',
+  PERSONAL_API_KEY_REVOKED: 'personal_api_key.revoked',
+
+  // BYOK Keys
+  BYOK_KEY_CREATED: 'byok_key.created',
+  BYOK_KEY_DELETED: 'byok_key.deleted',
+
+  // Chat
+  CHAT_DEPLOYED: 'chat.deployed',
+  CHAT_UPDATED: 'chat.updated',
+  CHAT_DELETED: 'chat.deleted',
+
+  // Credential Sets
+  CREDENTIAL_SET_CREATED: 'credential_set.created',
+  CREDENTIAL_SET_UPDATED: 'credential_set.updated',
+  CREDENTIAL_SET_DELETED: 'credential_set.deleted',
+  CREDENTIAL_SET_MEMBER_REMOVED: 'credential_set_member.removed',
+  CREDENTIAL_SET_INVITATION_CREATED: 'credential_set_invitation.created',
+  CREDENTIAL_SET_INVITATION_REVOKED: 'credential_set_invitation.revoked',
+
+  // Documents
+  DOCUMENT_UPLOADED: 'document.uploaded',
+  DOCUMENT_UPDATED: 'document.updated',
+  DOCUMENT_DELETED: 'document.deleted',
+
+  // Environment
+  ENVIRONMENT_UPDATED: 'environment.updated',
+
+  // Files
+  FILE_UPLOADED: 'file.uploaded',
+  FILE_DELETED: 'file.deleted',
+
+  // Folders
+  FOLDER_CREATED: 'folder.created',
+  FOLDER_DELETED: 'folder.deleted',
+  FOLDER_DUPLICATED: 'folder.duplicated',
+
+  // Forms
+  FORM_CREATED: 'form.created',
+  FORM_UPDATED: 'form.updated',
+  FORM_DELETED: 'form.deleted',
+
+  // Invitations
+  INVITATION_ACCEPTED: 'invitation.accepted',
+  INVITATION_REVOKED: 'invitation.revoked',
+
+  // Knowledge Bases
+  KNOWLEDGE_BASE_CREATED: 'knowledge_base.created',
+  KNOWLEDGE_BASE_UPDATED: 'knowledge_base.updated',
+  KNOWLEDGE_BASE_DELETED: 'knowledge_base.deleted',
+
+  // MCP Servers
+  MCP_SERVER_ADDED: 'mcp_server.added',
+  MCP_SERVER_UPDATED: 'mcp_server.updated',
+  MCP_SERVER_REMOVED: 'mcp_server.removed',
+
+  // Members
+  MEMBER_INVITED: 'member.invited',
+  MEMBER_REMOVED: 'member.removed',
+  MEMBER_ROLE_CHANGED: 'member.role_changed',
+
+  // Notifications
+  NOTIFICATION_CREATED: 'notification.created',
+  NOTIFICATION_UPDATED: 'notification.updated',
+  NOTIFICATION_DELETED: 'notification.deleted',
+
+  // OAuth
+  OAUTH_DISCONNECTED: 'oauth.disconnected',
+
+  // Organizations
+  ORGANIZATION_CREATED: 'organization.created',
+  ORGANIZATION_UPDATED: 'organization.updated',
+  ORG_MEMBER_ADDED: 'org_member.added',
+  ORG_MEMBER_REMOVED: 'org_member.removed',
+  ORG_MEMBER_ROLE_CHANGED: 'org_member.role_changed',
+  ORG_INVITATION_CREATED: 'org_invitation.created',
+  ORG_INVITATION_ACCEPTED: 'org_invitation.accepted',
+  ORG_INVITATION_REJECTED: 'org_invitation.rejected',
+  ORG_INVITATION_CANCELLED: 'org_invitation.cancelled',
+  ORG_INVITATION_REVOKED: 'org_invitation.revoked',
+
+  // Permission Groups
+  PERMISSION_GROUP_CREATED: 'permission_group.created',
+  PERMISSION_GROUP_UPDATED: 'permission_group.updated',
+  PERMISSION_GROUP_DELETED: 'permission_group.deleted',
+  PERMISSION_GROUP_MEMBER_ADDED: 'permission_group_member.added',
+  PERMISSION_GROUP_MEMBER_REMOVED: 'permission_group_member.removed',
+
+  // Schedules
+  SCHEDULE_UPDATED: 'schedule.updated',
+
+  // Webhooks
+  WEBHOOK_CREATED: 'webhook.created',
+  WEBHOOK_DELETED: 'webhook.deleted',
+
+  // Workflows
+  WORKFLOW_CREATED: 'workflow.created',
+  WORKFLOW_DELETED: 'workflow.deleted',
+  WORKFLOW_DEPLOYED: 'workflow.deployed',
+  WORKFLOW_UNDEPLOYED: 'workflow.undeployed',
+  WORKFLOW_DUPLICATED: 'workflow.duplicated',
+  WORKFLOW_DEPLOYMENT_REVERTED: 'workflow.deployment_reverted',
+  WORKFLOW_VARIABLES_UPDATED: 'workflow.variables_updated',
+
+  // Workspaces
+  WORKSPACE_CREATED: 'workspace.created',
+  WORKSPACE_DELETED: 'workspace.deleted',
+  WORKSPACE_DUPLICATED: 'workspace.duplicated',
+} as const
+
+export type AuditActionType = (typeof AuditAction)[keyof typeof AuditAction]
+
+/**
+ * All resource types that can appear in audit log entries.
+ */
+export const AuditResourceType = {
+  API_KEY: 'api_key',
+  BYOK_KEY: 'byok_key',
+  CHAT: 'chat',
+  CREDENTIAL_SET: 'credential_set',
+  DOCUMENT: 'document',
+  ENVIRONMENT: 'environment',
+  FILE: 'file',
+  FOLDER: 'folder',
+  FORM: 'form',
+  KNOWLEDGE_BASE: 'knowledge_base',
+  MCP_SERVER: 'mcp_server',
+  NOTIFICATION: 'notification',
+  OAUTH: 'oauth',
+  ORGANIZATION: 'organization',
+  PERMISSION_GROUP: 'permission_group',
+  SCHEDULE: 'schedule',
+  WEBHOOK: 'webhook',
+  WORKFLOW: 'workflow',
+  WORKSPACE: 'workspace',
+} as const
+
+export type AuditResourceTypeValue = (typeof AuditResourceType)[keyof typeof AuditResourceType]
+
+interface AuditLogParams {
+  workspaceId?: string | null
+  actorId: string
+  action: AuditActionType
+  resourceType: AuditResourceTypeValue
+  resourceId?: string
+  actorName?: string | null
+  actorEmail?: string | null
+  resourceName?: string
+  description?: string
+  metadata?: Record<string, unknown>
+  request?: Request
+}
+
+/**
+ * Records an audit log entry. Fire-and-forget — never throws or blocks the caller.
+ */
+export function recordAudit(params: AuditLogParams): void {
+  try {
+    const ipAddress =
+      params.request?.headers.get('x-forwarded-for')?.split(',')[0].trim() ??
+      params.request?.headers.get('x-real-ip') ??
+      undefined
+    const userAgent = params.request?.headers.get('user-agent') ?? undefined
+
+    db.insert(auditLog)
+      .values({
+        id: nanoid(),
+        workspaceId: params.workspaceId || null,
+        actorId: params.actorId,
+        action: params.action,
+        resourceType: params.resourceType,
+        resourceId: params.resourceId,
+        actorName: params.actorName ?? undefined,
+        actorEmail: params.actorEmail ?? undefined,
+        resourceName: params.resourceName,
+        description: params.description,
+        metadata: params.metadata ?? {},
+        ipAddress,
+        userAgent,
+      })
+      .then(() => {
+        logger.debug('Audit log recorded', {
+          action: params.action,
+          resourceType: params.resourceType,
+        })
+      })
+      .catch((error) => {
+        logger.error('Failed to record audit log', { error, action: params.action })
+      })
+  } catch (error) {
+    logger.error('Failed to initiate audit log', { error, action: params.action })
+  }
+}
--- a/apps/sim/lib/mcp/domain-check.test.ts
+++ b/apps/sim/lib/mcp/domain-check.test.ts
@@ -3,20 +3,19 @@
 */
 import { beforeEach, describe, expect, it, vi } from 'vitest'

-const mockGetAllowedMcpDomainsFromEnv = vi.fn<() => string[] | null>()
-const mockGetBaseUrl = vi.fn<() => string>()
+const { mockGetAllowedMcpDomainsFromEnv } = vi.hoisted(() => ({
+  mockGetAllowedMcpDomainsFromEnv: vi.fn<() => string[] | null>(),
+}))

-vi.doMock('@/lib/core/config/feature-flags', () => ({
+vi.mock('@/lib/core/config/feature-flags', () => ({
  getAllowedMcpDomainsFromEnv: mockGetAllowedMcpDomainsFromEnv,
 }))

-vi.doMock('@/lib/core/utils/urls', () => ({
-  getBaseUrl: mockGetBaseUrl,
+vi.mock('@/executor/utils/reference-validation', () => ({
+  createEnvVarPattern: () => /\{\{([^}]+)\}\}/g,
 }))

-const { McpDomainNotAllowedError, isMcpDomainAllowed, validateMcpDomain } = await import(
-  './domain-check'
-)
+import { isMcpDomainAllowed, McpDomainNotAllowedError, validateMcpDomain } from './domain-check'

 describe('McpDomainNotAllowedError', () => {
  it.concurrent('creates error with correct name and message', () => {
@@ -50,63 +49,155 @@ describe('isMcpDomainAllowed', () => {
    it('allows empty string URL', () => {
      expect(isMcpDomainAllowed('')).toBe(true)
    })
+
+    it('allows env var URLs', () => {
+      expect(isMcpDomainAllowed('{{MCP_SERVER_URL}}')).toBe(true)
+    })
+
+    it('allows URLs with env vars anywhere', () => {
+      expect(isMcpDomainAllowed('https://server.com/{{PATH}}')).toBe(true)
+    })
  })

  describe('when allowlist is configured', () => {
    beforeEach(() => {
      mockGetAllowedMcpDomainsFromEnv.mockReturnValue(['allowed.com', 'internal.company.com'])
-      mockGetBaseUrl.mockReturnValue('https://platform.example.com')
    })

-    it('allows URLs on the allowlist', () => {
-      expect(isMcpDomainAllowed('https://allowed.com/mcp')).toBe(true)
-      expect(isMcpDomainAllowed('https://internal.company.com/tools')).toBe(true)
-    })
+    describe('basic domain matching', () => {
+      it('allows URLs on the allowlist', () => {
+        expect(isMcpDomainAllowed('https://allowed.com/mcp')).toBe(true)
+        expect(isMcpDomainAllowed('https://internal.company.com/tools')).toBe(true)
+      })

-    it('rejects URLs not on the allowlist', () => {
-      expect(isMcpDomainAllowed('https://evil.com/mcp')).toBe(false)
-    })
+      it('allows URLs with paths on allowlisted domains', () => {
+        expect(isMcpDomainAllowed('https://allowed.com/deep/path/to/mcp')).toBe(true)
+      })

-    it('rejects undefined URL (fail-closed)', () => {
-      expect(isMcpDomainAllowed(undefined)).toBe(false)
-    })
+      it('allows URLs with query params on allowlisted domains', () => {
+        expect(isMcpDomainAllowed('https://allowed.com/mcp?key=value&foo=bar')).toBe(true)
+      })

-    it('rejects empty string URL (fail-closed)', () => {
-      expect(isMcpDomainAllowed('')).toBe(false)
-    })
+      it('allows URLs with ports on allowlisted domains', () => {
+        expect(isMcpDomainAllowed('https://allowed.com:8080/mcp')).toBe(true)
+      })

-    it('rejects malformed URLs', () => {
-      expect(isMcpDomainAllowed('not-a-url')).toBe(false)
-    })
+      it('allows HTTP URLs on allowlisted domains', () => {
+        expect(isMcpDomainAllowed('http://allowed.com/mcp')).toBe(true)
+      })

-    it('matches case-insensitively', () => {
-      expect(isMcpDomainAllowed('https://ALLOWED.COM/mcp')).toBe(true)
-    })
+      it('matches case-insensitively', () => {
+        expect(isMcpDomainAllowed('https://ALLOWED.COM/mcp')).toBe(true)
+        expect(isMcpDomainAllowed('https://Allowed.Com/mcp')).toBe(true)
+      })

-    it('always allows the platform hostname', () => {
-      expect(isMcpDomainAllowed('https://platform.example.com/mcp')).toBe(true)
-    })
+      it('rejects URLs not on the allowlist', () => {
+        expect(isMcpDomainAllowed('https://evil.com/mcp')).toBe(false)
+      })

-    it('allows platform hostname even when not in the allowlist', () => {
-      mockGetAllowedMcpDomainsFromEnv.mockReturnValue(['other.com'])
-      expect(isMcpDomainAllowed('https://platform.example.com/mcp')).toBe(true)
-    })
-  })
+      it('rejects subdomains of allowed domains', () => {
+        expect(isMcpDomainAllowed('https://sub.allowed.com/mcp')).toBe(false)
+      })

-  describe('when getBaseUrl is not configured', () => {
-    beforeEach(() => {
-      mockGetAllowedMcpDomainsFromEnv.mockReturnValue(['allowed.com'])
-      mockGetBaseUrl.mockImplementation(() => {
-        throw new Error('Not configured')
+      it('rejects URLs with allowed domain in path only', () => {
+        expect(isMcpDomainAllowed('https://evil.com/allowed.com/mcp')).toBe(false)
      })
    })

-    it('still allows URLs on the allowlist', () => {
-      expect(isMcpDomainAllowed('https://allowed.com/mcp')).toBe(true)
+    describe('fail-closed behavior', () => {
+      it('rejects undefined URL', () => {
+        expect(isMcpDomainAllowed(undefined)).toBe(false)
+      })
+
+      it('rejects empty string URL', () => {
+        expect(isMcpDomainAllowed('')).toBe(false)
+      })
+
+      it('rejects malformed URLs', () => {
+        expect(isMcpDomainAllowed('not-a-url')).toBe(false)
+      })
+
+      it('rejects URLs with no protocol', () => {
+        expect(isMcpDomainAllowed('allowed.com/mcp')).toBe(false)
+      })
    })

-    it('still rejects URLs not on the allowlist', () => {
-      expect(isMcpDomainAllowed('https://evil.com/mcp')).toBe(false)
+    describe('env var handling — hostname bypass', () => {
+      it('allows entirely env var URL', () => {
+        expect(isMcpDomainAllowed('{{MCP_SERVER_URL}}')).toBe(true)
+      })
+
+      it('allows env var URL with whitespace', () => {
+        expect(isMcpDomainAllowed('  {{MCP_SERVER_URL}}  ')).toBe(true)
+      })
+
+      it('allows multiple env vars composing the entire URL', () => {
+        expect(isMcpDomainAllowed('{{PROTOCOL}}{{HOST}}{{PATH}}')).toBe(true)
+      })
+
+      it('allows env var in hostname portion', () => {
+        expect(isMcpDomainAllowed('https://{{MCP_HOST}}/mcp')).toBe(true)
+      })
+
+      it('allows env var as subdomain', () => {
+        expect(isMcpDomainAllowed('https://{{TENANT}}.company.com/mcp')).toBe(true)
+      })
+
+      it('allows env var in port (authority)', () => {
+        expect(isMcpDomainAllowed('https://{{HOST}}:{{PORT}}/mcp')).toBe(true)
+      })
+
+      it('allows env var as the full authority', () => {
+        expect(isMcpDomainAllowed('https://{{MCP_HOST}}:{{MCP_PORT}}/api/mcp')).toBe(true)
+      })
+    })
+
+    describe('env var handling — no bypass when only in path/query', () => {
+      it('rejects disallowed domain with env var in path', () => {
+        expect(isMcpDomainAllowed('https://evil.com/{{MCP_PATH}}')).toBe(false)
+      })
+
+      it('rejects disallowed domain with env var in query', () => {
+        expect(isMcpDomainAllowed('https://evil.com/mcp?key={{API_KEY}}')).toBe(false)
+      })
+
+      it('rejects disallowed domain with env var in fragment', () => {
+        expect(isMcpDomainAllowed('https://evil.com/mcp#{{SECTION}}')).toBe(false)
+      })
+
+      it('allows allowlisted domain with env var in path', () => {
+        expect(isMcpDomainAllowed('https://allowed.com/{{MCP_PATH}}')).toBe(true)
+      })
+
+      it('allows allowlisted domain with env var in query', () => {
+        expect(isMcpDomainAllowed('https://allowed.com/mcp?key={{API_KEY}}')).toBe(true)
+      })
+
+      it('rejects disallowed domain with env var in both path and query', () => {
+        expect(isMcpDomainAllowed('https://evil.com/{{PATH}}?token={{TOKEN}}&key={{KEY}}')).toBe(
+          false
+        )
+      })
+
+      it('rejects disallowed domain with env var in query but no path', () => {
+        expect(isMcpDomainAllowed('https://evil.com?token={{SECRET}}')).toBe(false)
+      })
+
+      it('rejects disallowed domain with env var in fragment but no path', () => {
+        expect(isMcpDomainAllowed('https://evil.com#{{SECTION}}')).toBe(false)
+      })
+    })
+
+    describe('env var security edge cases', () => {
+      it('rejects URL with env var only after allowed domain in path', () => {
+        expect(isMcpDomainAllowed('https://evil.com/allowed.com/{{VAR}}')).toBe(false)
+      })
+
+      it('rejects URL trying to use env var to sneak past domain check via userinfo', () => {
+        // https://evil.com@allowed.com would have hostname "allowed.com" per URL spec,
+        // but https://{{VAR}}@evil.com has env var in authority so it bypasses
+        expect(isMcpDomainAllowed('https://{{VAR}}@evil.com/mcp')).toBe(true)
+      })
    })
  })
 })
@@ -128,36 +219,83 @@ describe('validateMcpDomain', () => {
    it('does not throw for undefined URL', () => {
      expect(() => validateMcpDomain(undefined)).not.toThrow()
    })
+
+    it('does not throw for empty string', () => {
+      expect(() => validateMcpDomain('')).not.toThrow()
+    })
  })

  describe('when allowlist is configured', () => {
    beforeEach(() => {
      mockGetAllowedMcpDomainsFromEnv.mockReturnValue(['allowed.com'])
-      mockGetBaseUrl.mockReturnValue('https://platform.example.com')
    })

-    it('does not throw for allowed URLs', () => {
-      expect(() => validateMcpDomain('https://allowed.com/mcp')).not.toThrow()
+    describe('basic validation', () => {
+      it('does not throw for allowed URLs', () => {
+        expect(() => validateMcpDomain('https://allowed.com/mcp')).not.toThrow()
+      })
+
+      it('throws McpDomainNotAllowedError for disallowed URLs', () => {
+        expect(() => validateMcpDomain('https://evil.com/mcp')).toThrow(McpDomainNotAllowedError)
+      })
+
+      it('throws for undefined URL (fail-closed)', () => {
+        expect(() => validateMcpDomain(undefined)).toThrow(McpDomainNotAllowedError)
+      })
+
+      it('throws for malformed URLs', () => {
+        expect(() => validateMcpDomain('not-a-url')).toThrow(McpDomainNotAllowedError)
+      })
+
+      it('includes the rejected domain in the error message', () => {
+        expect(() => validateMcpDomain('https://evil.com/mcp')).toThrow(/evil\.com/)
+      })
+
+      it('includes "(empty)" in error for undefined URL', () => {
+        expect(() => validateMcpDomain(undefined)).toThrow(/\(empty\)/)
+      })
    })

-    it('throws McpDomainNotAllowedError for disallowed URLs', () => {
-      expect(() => validateMcpDomain('https://evil.com/mcp')).toThrow(McpDomainNotAllowedError)
-    })
+    describe('env var handling', () => {
+      it('does not throw for entirely env var URL', () => {
+        expect(() => validateMcpDomain('{{MCP_SERVER_URL}}')).not.toThrow()
+      })

-    it('throws for undefined URL (fail-closed)', () => {
-      expect(() => validateMcpDomain(undefined)).toThrow(McpDomainNotAllowedError)
-    })
+      it('does not throw for env var in hostname', () => {
+        expect(() => validateMcpDomain('https://{{MCP_HOST}}/mcp')).not.toThrow()
+      })

-    it('throws for malformed URLs', () => {
-      expect(() => validateMcpDomain('not-a-url')).toThrow(McpDomainNotAllowedError)
-    })
+      it('does not throw for env var in authority', () => {
+        expect(() => validateMcpDomain('https://{{HOST}}:{{PORT}}/mcp')).not.toThrow()
+      })

-    it('includes the rejected domain in the error message', () => {
-      expect(() => validateMcpDomain('https://evil.com/mcp')).toThrow(/evil\.com/)
-    })
+      it('throws for disallowed URL with env var only in path', () => {
+        expect(() => validateMcpDomain('https://evil.com/{{MCP_PATH}}')).toThrow(
+          McpDomainNotAllowedError
+        )
+      })

-    it('does not throw for platform hostname', () => {
-      expect(() => validateMcpDomain('https://platform.example.com/mcp')).not.toThrow()
+      it('throws for disallowed URL with env var only in query', () => {
+        expect(() => validateMcpDomain('https://evil.com/mcp?key={{API_KEY}}')).toThrow(
+          McpDomainNotAllowedError
+        )
+      })
+
+      it('does not throw for allowed URL with env var in path', () => {
+        expect(() => validateMcpDomain('https://allowed.com/{{PATH}}')).not.toThrow()
+      })
+
+      it('throws for disallowed URL with env var in query but no path', () => {
+        expect(() => validateMcpDomain('https://evil.com?token={{SECRET}}')).toThrow(
+          McpDomainNotAllowedError
+        )
+      })
+
+      it('throws for disallowed URL with env var in fragment but no path', () => {
+        expect(() => validateMcpDomain('https://evil.com#{{SECTION}}')).toThrow(
+          McpDomainNotAllowedError
+        )
+      })
    })
  })
 })
--- a/apps/sim/lib/mcp/domain-check.ts
+++ b/apps/sim/lib/mcp/domain-check.ts
@@ -1,5 +1,5 @@
 import { getAllowedMcpDomainsFromEnv } from '@/lib/core/config/feature-flags'
-import { getBaseUrl } from '@/lib/core/utils/urls'
+import { createEnvVarPattern } from '@/executor/utils/reference-validation'

 export class McpDomainNotAllowedError extends Error {
  constructor(domain: string) {
@@ -8,22 +8,6 @@ export class McpDomainNotAllowedError extends Error {
  }
 }

-let cachedPlatformHostname: string | null = null
-
-/**
- * Returns the platform's own hostname (from getBaseUrl), lazy-cached.
- * Always lowercase. Returns null if the base URL is not configured or invalid.
- */
-function getPlatformHostname(): string | null {
-  if (cachedPlatformHostname !== null) return cachedPlatformHostname
-  try {
-    cachedPlatformHostname = new URL(getBaseUrl()).hostname.toLowerCase()
-  } catch {
-    return null
-  }
-  return cachedPlatformHostname
-}
-
 /**
 * Core domain check. Returns null if the URL is allowed, or the hostname/url
 * string to use in the rejection error.
@@ -33,27 +17,51 @@ function checkMcpDomain(url: string): string | null {
  if (allowedDomains === null) return null
  try {
    const hostname = new URL(url).hostname.toLowerCase()
-    if (hostname === getPlatformHostname()) return null
    return allowedDomains.includes(hostname) ? null : hostname
  } catch {
    return url
  }
 }

+/**
+ * Returns true if the URL's hostname contains an env var reference,
+ * meaning domain validation must be deferred until env var resolution.
+ * Only bypasses validation when the hostname itself is unresolvable —
+ * env vars in the path/query do NOT bypass the domain check.
+ */
+function hasEnvVarInHostname(url: string): boolean {
+  // If the entire URL is an env var reference, hostname is unknown
+  if (url.trim().replace(createEnvVarPattern(), '').trim() === '') return true
+  try {
+    // Extract the authority portion (between :// and the first /, ?, or # per RFC 3986)
+    const protocolEnd = url.indexOf('://')
+    if (protocolEnd === -1) return createEnvVarPattern().test(url)
+    const afterProtocol = url.substring(protocolEnd + 3)
+    const authorityEnd = afterProtocol.search(/[/?#]/)
+    const authority = authorityEnd === -1 ? afterProtocol : afterProtocol.substring(0, authorityEnd)
+    return createEnvVarPattern().test(authority)
+  } catch {
+    return createEnvVarPattern().test(url)
+  }
+}
+
 /**
 * Returns true if the URL's domain is allowed (or no restriction is configured).
- * The platform's own hostname (from getBaseUrl) is always allowed.
+ * URLs with env var references in the hostname are allowed — they will be
+ * validated after resolution at execution time.
 */
 export function isMcpDomainAllowed(url: string | undefined): boolean {
  if (!url) {
    return getAllowedMcpDomainsFromEnv() === null
  }
+  if (hasEnvVarInHostname(url)) return true
  return checkMcpDomain(url) === null
 }

 /**
 * Throws McpDomainNotAllowedError if the URL's domain is not in the allowlist.
- * The platform's own hostname (from getBaseUrl) is always allowed.
+ * URLs with env var references in the hostname are skipped — they will be
+ * validated after resolution at execution time.
 */
 export function validateMcpDomain(url: string | undefined): void {
  if (!url) {
@@ -62,6 +70,7 @@ export function validateMcpDomain(url: string | undefined): void {
    }
    return
  }
+  if (hasEnvVarInHostname(url)) return
  const rejected = checkMcpDomain(url)
  if (rejected !== null) {
    throw new McpDomainNotAllowedError(rejected)
--- a/apps/sim/lib/mcp/service.ts
+++ b/apps/sim/lib/mcp/service.ts
@@ -10,7 +10,7 @@ import { isTest } from '@/lib/core/config/feature-flags'
 import { generateRequestId } from '@/lib/core/utils/request'
 import { McpClient } from '@/lib/mcp/client'
 import { mcpConnectionManager } from '@/lib/mcp/connection-manager'
-import { isMcpDomainAllowed } from '@/lib/mcp/domain-check'
+import { isMcpDomainAllowed, validateMcpDomain } from '@/lib/mcp/domain-check'
 import { resolveMcpConfigEnvVars } from '@/lib/mcp/resolve-config'
 import {
  createMcpCacheAdapter,
@@ -67,6 +67,7 @@ class McpService {
    const { config: resolvedConfig } = await resolveMcpConfigEnvVars(config, userId, workspaceId, {
      strict: true,
    })
+    validateMcpDomain(resolvedConfig.url)
    return resolvedConfig
  }