Compliance API documentation
The Compliance API documentation can be found here. Please note that you must be logged into your Enterprise or Edu workspace to view the API documentation.
How to get access
The Compliance Platform is available to Enterprise and Edu customers. If you'd like to purchase a plan for your organization, please reach out to our sales team or your account manager.
How it works
The Compliance Platform provides access to logs and metadata from your ChatGPT workspace that you can connect with your eDiscovery, DLP, or SIEM tools.
The Compliance Platform supports two complementary access patterns:
Compliance Logs Platform for immutable, append-only compliance log events for auditing purposes.
Stateful Compliance API for querying state at the time of request. These are useful for joining data referenced from events above and for legacy data types for audit purposes.
You can use the API Documentation and quickstart notebook to learn how to ingest data into your SIEM or data lake.
eDiscovery tools help in identifying, collecting, and delivering electronic information that can be used as evidence in legal cases.
Organizations use these tools during litigation, investigations, or audits. They enable legal teams to sift through large volumes of data to find relevant documents and communications efficiently.
DLP (Data Loss Prevention) tools are used to detect and prevent data breaches, data exfiltration, and the unauthorized use or access to sensitive information within an organization.
They are commonly used to protect intellectual property and ensure compliance with privacy laws and regulations such as GDPR, HIPAA, etc. DLP systems monitor, detect, and block sensitive data while in-use (endpoint actions), in-motion (network traffic), and at-rest (data storage).
SIEM (Security Information and Event Management) tools provide real-time analysis of security alerts generated by applications and network hardware.
They are used for threat detection, security incident management, and compliance. By aggregating and analyzing log data, SIEM systems help identify anomalous behavior and potential threats.
Data Retention with the Compliance API
The Compliance Logs Platform retains data for 30 days. If longer retention is desired then consumers should implement a system to continuously download all logs and retain them according to their policies.
Deleted data is not recoverable. This API does not provide the capability for deleting any data logged internally specifically for audit or security within OpenAI. All authenticated requests to this API are logged for security and compliance purposes. When an item is deleted using this API, it is also removed from all production search and retrieval indexes. Data is retained internally for no greater than 30 days following a deletion request.
Deprecation Notice
On March 5th, 2026 a new conversations logs system was released, deprecating the old stateful route.
Action May Be Required: the stateful route will be removed June 5th, 2026. Please follow the API Documentation to move your integrations to the new source as soon as possible.
Partner Integrations
To help with their compliance requirements, customers can take advantage of 13 Compliance API integrations built by leading eDiscovery and Data Loss Prevention (DLP) companies.
Updated conversation message logs in the Logs Platform are currently supported by:
And implementations are in progress by:
All partners support ingestion of the other data types. You can read more about the Compliance API in our blog post.