Audit Log
Platform owner endpoint for viewing administrative action history.
Overview
All platform owner actions are logged for compliance and security:
- Organization approvals/rejections
- Tier changes
- User MFA resets
- Platform owner promotions/demotions
Endpoints
| Method | Path | Description |
|---|---|---|
GET |
/api/platform/audit-log |
Get audit logs |
GET /api/platform/audit-log
Get paginated audit log entries.
Synopsis
| Property | Value |
|---|---|
| Authentication | Required (Platform Owner JWT) |
| Authorization | Platform Owner only |
Query Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
page |
integer |
1 | Page number |
limit |
integer |
50 | Items per page (max 100) |
action |
string |
- | Filter by action type |
actor_id |
string |
- | Filter by actor user ID |
from |
string |
- | Start date (ISO 8601) |
to |
string |
- | End date (ISO 8601) |
Example Request
curl -X GET "https://sso.example.com/api/platform/audit-log?action=approve_organization&limit=20" \
-H "Authorization: Bearer {platform_owner_jwt}"
Response (200 OK)
{
"entries": [
{
"id": "audit-uuid",
"action": "approve_organization",
"actor": {
"user_id": "admin-uuid",
"email": "admin@platform.com"
},
"target": {
"type": "organization",
"id": "org-uuid",
"name": "Acme Corporation"
},
"metadata": {
"tier_id": "tier_pro",
"previous_status": "pending",
"new_status": "active"
},
"ip_address": "192.168.1.1",
"user_agent": "Mozilla/5.0...",
"created_at": "2025-01-15T10:30:00Z"
}
],
"pagination": {
"page": 1,
"limit": 20,
"total": 156
}
}
Action Types
| Action | Description |
|---|---|
approve_organization |
Organization approved |
reject_organization |
Organization rejected |
suspend_organization |
Organization suspended |
activate_organization |
Organization reactivated |
delete_organization |
Organization deleted |
update_organization_tier |
Tier changed |
promote_platform_owner |
User promoted to owner |
demote_platform_owner |
Owner demoted |
disable_user_mfa |
Force disabled user MFA |
impersonate_user |
Started impersonation session |
Retention
Audit logs are retained for 2 years and cannot be deleted.