diff --git a/src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/AuditTest.java b/src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/AuditTest.java
index ce0771be..9f4d804f 100644
--- a/src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/AuditTest.java
+++ b/src/functionalTest/java/uk/gov/hmcts/reform/pip/account/management/controllers/AuditTest.java
@@ -3,6 +3,7 @@
 import com.fasterxml.jackson.core.type.TypeReference;
 import com.fasterxml.jackson.databind.ObjectMapper;
 import io.zonky.test.db.AutoConfigureEmbeddedDatabase;
+import org.apache.commons.lang3.RandomStringUtils;
 import org.junit.jupiter.api.BeforeAll;
 import org.junit.jupiter.api.Test;
 import org.springframework.beans.factory.annotation.Autowired;
@@ -24,6 +25,7 @@
 import uk.gov.hmcts.reform.pip.model.enums.AuditAction;
 
 import static org.junit.jupiter.api.Assertions.assertEquals;
+import static org.junit.jupiter.api.Assertions.assertTrue;
 import static org.springframework.http.HttpStatus.FORBIDDEN;
 import static org.springframework.test.web.servlet.request.MockMvcRequestBuilders.get;
 import static org.springframework.test.web.servlet.result.MockMvcResultMatchers.status;
@@ -145,6 +147,74 @@ void testCreateAuditLog() throws Exception {
         assertEquals(AUDIT_DETAILS, auditLog.getDetails(), "Failed to create audit log");
     }
 
+    @Test
+    void testCreateAuditLogWhenAuditDetailLengthIsBelowMinimum() throws Exception {
+        AuditLog belowMinimumAuditLog = new AuditLog(
+            USER_ID,
+            EMAIL,
+            ROLES,
+            USER_PROVENANCE,
+            AUDIT_ACTION,
+            ""
+        );
+
+        MockHttpServletRequestBuilder mockHttpServletRequestBuilder = MockMvcRequestBuilders
+            .post(ROOT_URL)
+            .content(OBJECT_MAPPER.writeValueAsString(belowMinimumAuditLog))
+            .contentType(MediaType.APPLICATION_JSON);
+
+        MvcResult mvcResult = mockMvc.perform(mockHttpServletRequestBuilder)
+            .andExpect(status().isBadRequest()).andReturn();
+        assertTrue(mvcResult.getResponse().getContentAsString().contains(
+            "details should be between 1 and 255 characters"),
+                   "Audit log details should be between 1 and 255 characters");
+    }
+
+    @Test
+    void testCreateAuditLogWhenAuditDetailLengthIsNull() throws Exception {
+        AuditLog belowMinimumAuditLog = new AuditLog(
+            USER_ID,
+            EMAIL,
+            ROLES,
+            USER_PROVENANCE,
+            AUDIT_ACTION,
+            null
+        );
+
+        MockHttpServletRequestBuilder mockHttpServletRequestBuilder = MockMvcRequestBuilders
+            .post(ROOT_URL)
+            .content(OBJECT_MAPPER.writeValueAsString(belowMinimumAuditLog))
+            .contentType(MediaType.APPLICATION_JSON);
+
+        MvcResult mvcResult = mockMvc.perform(mockHttpServletRequestBuilder)
+            .andExpect(status().isBadRequest()).andReturn();
+        assertTrue(mvcResult.getResponse().getContentAsString().contains("details must be provided"),
+                   "The audit details field must be provided");
+    }
+
+    @Test
+    void testCreateAuditLogWhenAuditDetailLengthIsAboveMaximum() throws Exception {
+        AuditLog aboveMaximumAuditLog = new AuditLog(
+            USER_ID,
+            EMAIL,
+            ROLES,
+            USER_PROVENANCE,
+            AUDIT_ACTION,
+            RandomStringUtils.random(256, true, false)
+        );
+
+        MockHttpServletRequestBuilder mockHttpServletRequestBuilder = MockMvcRequestBuilders
+            .post(ROOT_URL)
+            .content(OBJECT_MAPPER.writeValueAsString(aboveMaximumAuditLog))
+            .contentType(MediaType.APPLICATION_JSON);
+
+        MvcResult mvcResult = mockMvc.perform(mockHttpServletRequestBuilder)
+            .andExpect(status().isBadRequest()).andReturn();
+        assertTrue(mvcResult.getResponse().getContentAsString().contains(
+            "details should be between 1 and 255 characters"),
+                   "Audit log details should be between 1 and 255 characters");
+    }
+
     @Test
     @WithMockUser(username = UNAUTHORIZED_USERNAME, authorities = {UNAUTHORIZED_ROLE})
     void testUnauthorizedCreateAuditLog() throws Exception {
diff --git a/src/main/java/uk/gov/hmcts/reform/pip/account/management/model/AuditLog.java b/src/main/java/uk/gov/hmcts/reform/pip/account/management/model/AuditLog.java
index cea6de53..f80a55da 100644
--- a/src/main/java/uk/gov/hmcts/reform/pip/account/management/model/AuditLog.java
+++ b/src/main/java/uk/gov/hmcts/reform/pip/account/management/model/AuditLog.java
@@ -11,6 +11,7 @@
 import jakarta.validation.constraints.Email;
 import jakarta.validation.constraints.NotBlank;
 import jakarta.validation.constraints.NotNull;
+import jakarta.validation.constraints.Size;
 import lombok.AllArgsConstructor;
 import lombok.Data;
 import lombok.NoArgsConstructor;
@@ -54,7 +55,8 @@ public class AuditLog {
     @NotNull(message = "action shouldn't be null")
     private AuditAction action;
 
-    @NotBlank(message = "details shouldn't be blank or null")
+    @NotNull(message = "details must be provided")
+    @Size(min = 1, max = 255, message = "details should be between 1 and 255 characters")
     private String details;
 
     @CreatedDate