Audit events

The audit log is an append-only record of who did what in your tenant: invitations created and accepted, member roles changed, notification rules added or deleted, services created, tokens minted and revoked, and dozens of other entries. It is useful for internal compliance reporting, SIEM forwarding, and answering "who turned that off and when".

Read-only

Audit entries are written by the various RPCs that produce them — there is no public write path, and there shouldn't be: forging an audit entry from outside would defeat the log's purpose. This resource is LIST + GET only.

Manager-only by RLS

The underlying read policy requires the caller to be owner / admin (or any member in flat-permission tenants). A token bound to a non-manager member sees zero rows on LIST — no error, just an empty page. Mint a manager-scoped token if you need to forward audit data externally.

Notes

  • event is an open string in the schema. New audit events ship through migrations regularly; a closed enum on the API side would force a contract bump on every new event type.
  • actor_id is a raw user UUID, not a prefixed API ID — there is no public /v1/users resource in v1, so we surface the underlying identifier honestly. Correlate via the dashboard or your own SSO records.
  • metadata is event-specific JSON; structure varies by event.
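
The following is an added example, not code from this API's documentation or SDK. It shows how a SIEM forwarder can consume LIST pages given the notes above: unknown event strings are forwarded instead of rejected, actor_id is validated as a raw UUID, metadata is passed through opaque, and an empty page is flagged rather than read as a quiet tenant. The event names, severity labels, sample rows and the expect_history parameter are constructed for the example.

```python
import json
import uuid

# Events with explicit SIEM mappings. Names and severities are constructed
# for this example; the page does not enumerate event strings.
KNOWN_EVENTS = {"token.minted": "high", "member.role_changed": "high"}

# Constructed sample LIST page; only event, actor_id, metadata come from the page.
SAMPLE_PAGE = [
    {"event": "token.minted",
     "actor_id": "3f2b8c1e-9d4a-4e7b-8a51-0c6d2e9f1a34",
     "metadata": {"token_name": "siem"}},
    {"event": "widget.frobnicated",  # event type this forwarder has never seen
     "actor_id": "not-a-uuid",
     "metadata": None},
]


def normalize(entry):
    """Flatten one audit entry for a SIEM without dropping unknown events."""
    event = entry.get("event")
    if not isinstance(event, str) or not event:
        raise ValueError("audit entry has no event string")
    try:
        actor = str(uuid.UUID(entry["actor_id"]))  # raw user UUID, no prefix
    except (KeyError, TypeError, ValueError, AttributeError):
        actor = None  # forward the entry anyway, flagged for review
    metadata = entry.get("metadata")
    return {
        "event": event,
        # open string: unmapped events are forwarded, never rejected
        "severity": KNOWN_EVENTS.get(event, "unclassified"),
        "actor_uuid": actor,
        # structure varies by event, so metadata is passed through opaque
        "metadata_json": json.dumps({} if metadata is None else metadata, sort_keys=True),
    }


def forward_page(rows, expect_history=True):
    """Normalize one page; expect_history is a hypothetical caller hint."""
    warnings = []
    if not rows and expect_history:
        # RLS returns zero rows with no error to a non-manager token
        warnings.append("empty page: check that the token is manager-scoped")
    return [normalize(r) for r in rows], warnings
```

Alerting on the empty-page warning matters because a forwarder whose token was re-bound to a non-manager member otherwise goes silent without any error.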

Endpoints