Platform Audit Log
Platform owner endpoint for viewing administrative action history across the entire platform.
Overview
All platform owner actions are logged for compliance and security. This log tracks operations such as organization approvals, tier changes, and user management.
Endpoints
| Method | Path | Description |
|---|---|---|
GET |
/api/platform/audit-log |
Get platform audit logs |
GET /api/platform/audit-log
Retrieve a paginated list of platform audit logs.
Authorization: Platform Owner Only
Query Parameters
| Parameter | Type | Default | Description |
|---|---|---|---|
action |
string |
- | Filter by action type (e.g., approve_organization) |
target_type |
string |
- | Filter by target type (e.g., organization) |
target_id |
string |
- | Filter by target unique identifier |
limit |
integer |
50 | Items per page (max 100) |
offset |
integer |
0 | Pagination offset |
Example Request
curl -X GET "https://sso.example.com/api/platform/audit-log?action=approve_organization&limit=20" \
-H "Authorization: Bearer {platform_owner_jwt}"
Response (200 OK)
{
"logs": [
{
"id": "audit-uuid",
"platform_owner_id": "admin-uuid",
"action": "approve_organization",
"target_type": "organization",
"target_id": "org-uuid",
"metadata": "{\"tier_id\":\"tier_pro\",\"previous_status\":\"pending\",\"new_status\":\"active\"}",
"created_at": "2025-01-15T10:30:00Z"
}
],
"total": 156
}
Action Types
Commonly logged platform actions:
| Action | Description |
|---|---|
approve_organization |
Organization approved and activated |
reject_organization |
Organization registration rejected |
suspend_organization |
Organization suspended |
activate_organization |
Suspended organization reactivated |
delete_organization |
Organization permanently deleted |
update_organization_tier |
Organization tier changed |
update_organization_features |
Organization feature flags updated |
promote_platform_owner |
User granted platform owner status |
demote_platform_owner |
User removed from platform owners |
force_disable_mfa |
MFA force-disabled for a user |
user.impersonate |
Platform owner initiated user impersonation |
Retention
Audit logs are stored permanently for compliance and cannot be deleted or modified through the API.