Audit Logs
2 API calls in this section.
List Audit Logs
/audit-logs?tenant_id=&page=1&limit=50&search=&sort_by=created_at&sort_order=desc&column_filters=Retrieves a paginated list of audit logs with sorting, per-column filtering, and free-text search. Authentication: - Requires valid authentication token or API key - Requires 'manage:operations:tenant' permission or system admin Sorting (sort_by + sort_order): - Supported columns: action, method, endpoint, actor_name, status_code, created_at - action sorts by endpoint; actor_name sorts by the joined user's full_name - Default: created_at desc Column filters (column_filters): - URL-encoded JSON, AND semantics across all keys - action: substring match across method+endpoint - method: exact match (auto-uppercased) - endpoint: case-insensitive substring match - actor_name: case-insensitive substring match on the actor's full_name - status_code: numeric equality - created_at: { from?: string, to?: string } range; plain YYYY-MM-DD values are expanded to full UTC day bounds, and to is inclusive through the end of that day Response fields: - user: joined actor (id, full_name) - action: computed as "{method} {endpoint}" - tenant: joined tenant (id, name)
1curl --request GET "$ONDI_BASE_URL/audit-logs?tenant_id=&page=1&limit=50&search=&sort_by=created_at&sort_order=desc&column_filters=" \2 --header "Authorization: Bearer {{access_token}}" \3 --header "Content-Type: application/json"Query parameters
tenant_idOptionalUUID of the tenant (required for tenant admins; system admins may omit to query across tenants)
pageOptional1
Page number for pagination (default: 1)
limitOptional50
Number of items per page (default: 25, max: 200)
searchOptionalFree-text search across endpoint/method/ip_address/user_agent (optional)
sort_byOptionalcreated_at
Column to sort by. Supported: action, method, endpoint, actor_name, status_code, created_at (default: created_at)
sort_orderOptionaldesc
Sort direction: asc or desc (default: desc)
column_filtersOptionalURL-encoded JSON object with per-column filters (AND semantics). Supported keys: action (string), method (string), endpoint (string), actor_name (string), status_code (number), created_at ({ from?: string, to?: string }). Plain YYYY-MM-DD values are normalized to whole-day UTC bounds, so to stays inclusive through 23:59:59.999Z. Example: {"method":"GET","status_code":200,"created_at":{"from":"2026-05-01","to":"2026-05-11"}}
Headers
AuthorizationOptionalBearer {{access_token}}
Content-TypeOptionalapplication/json
Responses
1{2 "success": true,3 "message": "Audit Logs Retrieved Successfully",4 "audit_logs": [],5 "page": 1,6 "limit": 25,7 "total": 08}Get Audit Log By Id
/audit-logs/{{audit_log_id}}?tenant_id=Retrieves a single audit log by id (tenant-scoped). Authentication: - Requires valid authentication token or API key - Requires 'manage:operations:tenant' permission or system admin
1curl --request GET "$ONDI_BASE_URL/audit-logs/{{audit_log_id}}?tenant_id=" \2 --header "Authorization: Bearer {{access_token}}" \3 --header "Content-Type: application/json"Path parameters
audit_log_idRequired{{audit_log_id}}
Query parameters
tenant_idOptionalUUID of the tenant (only honored for system admins; otherwise inferred from auth context)
Headers
AuthorizationOptionalBearer {{access_token}}
Content-TypeOptionalapplication/json
Responses
1{2 "success": true,3 "message": "Audit Logs Retrieved Successfully",4 "audit_log": null5}