Developer portal

GET /tenant/audit

List tenant audit entries with optional action/since filters and cursor pagination.

PilotGET /tenant/auditAuth: admin

Summary

List tenant audit entries with optional action/since filters and cursor pagination.

curl

curl "https://sparkling-vibrancy-production-1a7a.up.railway.app/tenant/audit" \
  -H "Authorization: Bearer 811f31d4-5b8e-4ed0-a7a2-8176e05eba63"

Field	Type	Required	Description
limit	integer	No (50)	Entries per page (1-500).
action	string	No	Action prefix filter.
since	string (ISO8601)	No	Only return entries after timestamp.
cursor	string	No	Cursor for next page retrieval.

Field	Type	Required	Description
entries	object[]	Yes	Audit events.
nextCursor	string \| null	No	Cursor for subsequent page.

Code	Meaning	Typical cause	Suggested fix
401	Unauthorized	Missing or invalid API key in Authorization, x-api-key, or query param.	Send Bearer <key> or x-api-key with a valid tenant token.
403	Forbidden	Valid key but insufficient role (viewer attempting write) or wrong admin key.	Use operator or admin role key; check RBAC matrix.
404	Not found	Scan, schedule, share link, or resource id does not exist or expired.	Verify id and tenant scope; share links expire per expiresHours.
422	Unprocessable entity	Invalid payload shape, unsupported scenario, or infeasible constraints.	Fix field errors in response detail; relax constraints and retry.
429	Too many requests	Per-key rate limit exceeded (default 300 requests per minute) or public endpoint limit.	Backoff with jitter; cache results; request higher limit for production.
500	Internal server error	Unexpected backend failure; includes requestId in response.	Retry with exponential backoff; contact support with requestId if persistent.
503	Service unavailable	Persistence disabled, auth DB unreachable, or admin API not configured.	Retry shortly; schedules require Postgres persistence enabled.