GET /api/v1/admin/orgs/:slug/audit
This page is auto-generated from
src/admin/routes.ts. Do not edit by hand — seedocs/dev/docs-auto-sync.md.
:warning: Heuristic extraction — not a contract. Response shapes below are mined from
c.json(...)literals in the handler via an AST walker. Computed fields, ternaries, and non-literal returns are shown as placeholders. Refer to the linked source file for the authoritative behaviour.
GET /api/v1/admin/orgs/:slug/audit
Section titled “GET /api/v1/admin/orgs/:slug/audit”Authentication
Section titled “Authentication”Requires the following capability(ies):
audit:r
Middleware
Section titled “Middleware”Other middleware observed on this route (heuristic):
requireCapability
Description
Section titled “Description”--- Audit (Phase A — unchanged) ------------------------------------------- GET /api/v1/admin/orgs/:slug/audit?since=&until=&package=&decision=&limit=&event=&actor=&subject=&cursor= #116 — gated on audit:r (one of three proof-of-concept RBAC-gated routes).
#408 — Org-scoped audit log UI surface. Extended (backwards-compatibly) with:
event— envelope event-name match (substring against the JSON"event":"<name>"token indecision_reason).actor— substring match against the envelope’s"by_user_id"field. Operators paste either the principal id or a fragment (“stytch:”) to narrow.subject— substring match againstpackage_name. The audit table usespackage_nameas the “subject” column for envelope-shape rows (member:<id>,policy:<slug>,blocklist:<slug>, etc.); a substring filter is more useful than the exact-packagematch below for these cases.cursor— ISO-8601 timestamp. Returns rows withcreated_at < cursor, newest-first. Drives “load more” pagination without the offset-cost on a hot table.
Tier-window enforcement (#408): if the caller’s since predates the
tier’s allowed window, return 400 instead of silently truncating. Per the
tier matrix in docs/tier-features.md row #408:
free → 7 days
team → 30 days
org → 365 days
enterprise → unbounded
Responses
Section titled “Responses”HTTP 404
Section titled “HTTP 404”{ "error": "Org not found"}HTTP 400
Section titled “HTTP 400”{ "error": "ci_pr_number must be a non-negative integer"}HTTP 400
Section titled “HTTP 400”{ "error": "since predates the tier's allowed audit window", "tier": <member-expr>, "maxWindowDays": <maxDays>}HTTP 200 (default)
Section titled “HTTP 200 (default)”{ "org": <member-expr>, "count": <member-expr>, "limit": <limit>, "tier": <member-expr>, "maxWindowDays": <maxDays>, "nextCursor": <nextCursor>, "entries": <entries>}Source
Section titled “Source”- File:
src/admin/routes.ts - Line: 6669