Skip to content

GET /api/v1/admin/orgs/:slug/audit/export

This page is auto-generated from src/admin/routes.ts. Do not edit by hand — see docs/dev/docs-auto-sync.md.

:warning: Heuristic extraction — not a contract. Response shapes below are mined from c.json(...) literals in the handler via an AST walker. Computed fields, ternaries, and non-literal returns are shown as placeholders. Refer to the linked source file for the authoritative behaviour.

Requires the following capability(ies):

  • audit:export

Other middleware observed on this route (heuristic):

  • requireCapability

GET /api/v1/admin/orgs/:slug/audit/export?format=csv|json&since=&until=&package=&decision=&limit=

Compliance export of the org’s audit trail in a format consumable by downstream tooling (SIEM ingest, spreadsheets, signed bundles). Reuses the same filters as the live audit-query endpoint but allows a much higher row cap (export is the path operators take when they need everything in the window, not the last page). Returns the body with a Content-Disposition attachment header so a browser hitting the URL gets a download.

CSV: RFC-4180 — header row, comma-separated, fields that contain commas / quotes / newlines are quote-wrapped with internal quotes doubled. JSON: a single JSON array of row objects (ordered newest-first). Operators that want true line-by-line streaming for very large windows can switch to CSV — it streams cleanly via the same loop. #116 — gated on audit:export. The capability maps to [‘audit_1y’, ‘audit_infinite’] in config/capability-features.json, which excludes free and team tiers; org and enterprise tiers retain access.

{
"error": "Org not found"
}
{
"error": "format must be 'csv' or 'json'"
}
{
"error": "ci_pr_number must be a non-negative integer"
}
{
"error": "since predates the tier's allowed audit window",
"tier": <member-expr>,
"maxWindowDays": <maxDays>
}

Shape not a JSON literal — passed through from a variable or expression. See source.

  • File: src/admin/routes.ts
  • Line: 7354