Access Transparency

Learn how Access Transparency creates a record of human access to your organization's data by Anthropic personnel, what it covers, and how to receive events through the Compliance API.



How Access Transparency works

Anthropic personnel access customer content only under defined conditions. Access Transparency is designed to make such access visible to you. The design rests on the following principles:

• Human access happens only under a published reason code.
• Human views of your covered content are recorded. Anthropic's internal tooling that can reach your covered content is instrumented to emit an event on each view.
• Events represent human access, not automated processing. Anthropic's automated safety systems process your content in a secured pipeline with no interactive human access; that processing does not write to this feed.
• Events arrive on your existing feed. Activities are accessible through your Compliance API Activity Feed. Existing credentials, audit, export, and SIEM integrations for the Compliance API will still apply.



What Access Transparency covers

• Covered content: Access Transparency covers prompt and response content sent through the Claude Messages API or Claude Code sessions. Anthropic's general ZDR documentation and ZDR for Claude Code documentation explain which APIs and features are covered by ZDR. The same APIs and features are covered by Access Transparency.
• Manual views by Anthropic personnel: Manual views of your covered content by Anthropic reviewers generate events.



What Access Transparency does not cover

• Automated processing: Model serving, safety classifiers, and abuse-detection pipelines process your content as part of normal operation and do not generate events.
• Your own organization's activity: Your API calls, admin actions, and Compliance API reads are covered by standard Activity Feed event types.
• Claude for Enterprise and Claude Apps: claude.ai Enterprise seats, Claude for Work, Cowork, and Claude in Chrome are not covered.
• Claude consumer products: Claude Free, Pro, or Max plans.
• Partner-operated platforms: Amazon Bedrock and Vertex AI; refer to those platforms' transparency controls.
• Anything ZDR does not cover: Products that are not covered by ZDR (for example, the Files API, Anthropic-hosted stateful applications, and the Batch API) are not covered by Access Transparency. See ZDR documentation for additional details.



Getting started

To enable Access Transparency:

Access Transparency is enabled at the organization level and covers all workspaces. Per-workspace enrollment is not currently available.



Receiving Access Transparency events

Access Transparency events are delivered as the anthropic_access activity type on the Compliance API Activity Feed. Filter with activity_types[]:

curl --fail-with-body -sS -G \
  "https://api.anthropic.com/v1/compliance/activities" \
  --data-urlencode "activity_types[]=anthropic_access" \
  --data-urlencode "limit=50" \
  --header "x-api-key: $ANTHROPIC_COMPLIANCE_ACCESS_KEY"

Pagination, date-range filtering (created_at.gte / .lt), and the response envelope (has_more, first_id, last_id) are shared with the rest of the Activity Feed. See Query the Activity Feed.

Each anthropic_access activity carries the standard Activity fields plus the following:

Example JSON message:

{
  "id": "activity_013b013744txqZtFHLUaRqLr",
  "type": "anthropic_access",
  "created_at": "2026-06-08T17:12:09.812446Z",
  "accessed_at": "2026-06-08T17:12:06.478035Z",
  "organization_id": "org_0910d9133038914eta7i3vt",
  "actor": { "type": "anthropic_actor", "email_address": null },
  "resource_details": { "type": "message", "id": "msg_1234ABCD" },
  "accessor_department": "Safeguards",
  "reason_code": "safety_review",
  "organization_uuid": "5b236db4-3fb4-4bf3-a560-b5e266038a15"
}



Reason codes

The set of reason codes is closed. Anthropic will update this page in the event it introduces a new code.



CMEK content preservation

In rare cases, Anthropic preserves specific content beyond the standard retention window (for example, when a safety review confirms severely harmful content that must be retained for an ongoing investigation). Preservation is itself a logged, customer-visible action:

• A preservation event is written to your feed. When content is preserved, an event with type cmek_preserve is written to your Compliance API Activity Feed, carrying a reason code from the same closed set and the same fields as an access event.
• Preservation follows review. A preservation event always follows an anthropic_access event, because preservation is initiated from a human review.
• For CMEK organizations, preservation is a visible key movement. Preserved content is re-encrypted outside your customer-managed key so that the investigation can continue independent of your key. The preservation event is your record that this occurred. All other retained content remains under your key.



Surface eligibility

The following table lists which surfaces are covered by Access Transparency. Coverage means human access to content from that surface generates anthropic_access events.



Limitations and exclusions



Coverage timing

Access Transparency applies from the time it is enabled for your organization. Content already in your retention window at enablement might also generate events when accessed, but Anthropic does not guarantee coverage for content written before enablement. Treat your enablement date as the start of reliable coverage. There might be a delay of up to two hours between enabling Access Transparency and your content being covered.



Notification timing

anthropic_access events are delivered to your Compliance API feed within two business days of the access they record. This feed should not be treated as a real-time alerting channel, and the accessed_at timestamp reflects when the access occurred, which might be up to two business days before the activity becomes visible in your feed. The created_at field reflects the time that the event became visible.



Automated processing is not logged

Access Transparency records human access only. Anthropic's automated safety systems and classifiers continue to process your content as part of normal operation, and that processing does not generate anthropic_access events. An empty feed means no human at Anthropic has viewed your content; it does not mean your content was not processed by automated systems.



Access Transparency does not change what Anthropic can access

Access Transparency records access; it does not grant or restrict it. The purposes for which Anthropic personnel may access your content are governed by your agreement with Anthropic and the Usage Policies, and are the same regardless of whether Access Transparency is enabled.



CMEK key-use logs are not a per-read record

For organizations that also enable CMEK, your cloud KMS audit log (CloudTrail, Cloud Audit Logs, or Azure Monitor) records Anthropic's use of your key. Because keys are cached for short periods during operation, an individual human read does not necessarily produce a distinct KMS decryption entry. Use the Access Transparency feed as the per-access record; your KMS log independently confirms key usage patterns.



Frequently asked questions



Related resources

• Compliance API overview
• Activity Feed
• API and data retention
• Customer-Managed Encryption Keys (CMEK)
• Claude Code data usage
• Trust Center