ID Gateway Audit API (0.1.0)

Download OpenAPI specification:Download

OpenAPI specification for audit export and search endpoints.

The Audit API provides:

User data export for GDPR access requests
Compliance search across audit events (admin-only)

Security

All endpoints require valid bearer token (JWT)
/audit/search requires admin/compliance role

Export audit events for the authenticated user

Exports all audit events for the authenticated user with optional filtering by action and time range.

Authorizations:

bearerAuth

query Parameters

from	string <date-time> Start timestamp (inclusive) in ISO 8601 format
to	string <date-time> End timestamp (inclusive) in ISO 8601 format
action	string Filter by action type

Responses

Response samples

200
401
500

Content type

application/json

{"user_id": "user_123",
"export_date": "2025-12-03T10:00:00Z",
"events": [{"id": "evt_abc123",
"timestamp": "2025-12-03T09:00:00Z",
"action": "auth_started",
"purpose": "login",
"decision": "granted",
"reason": "user_initiated"
}
],
"total": 1
}

Search audit events across users (admin-only)

Searches audit events with optional filters for compliance and investigation workflows. Requires admin/compliance authorization.