Audit log
Read the org's audit events — every mutating action (member invites, key creation/revocation, org updates, etc.) writes an entry. JWT-only.
| Method | Path | Permission |
|---|---|---|
GET | /v1/audit | audit:read |
GET /v1/audit
Newest events first. Filter by action (exact match) and/or
resource_type.
Query parameters
| Name | Type | Default | Notes |
|---|---|---|---|
action | string | — | e.g. member.invited, apikey.revoked. |
resource_type | string | — | e.g. api_key, membership, org. |
limit | int | 50 | 1–500. |
curl "https://api.receipts.oligontech.com/v1/audit?action=apikey.created&limit=20" \
-H "Authorization: Bearer $JWT"Response — 200 OK
{
"items": [
{
"id": "01HQX...",
"action": "apikey.created",
"resource_type": "api_key",
"resource_id": "01HQX...",
"actor_user_id": "01HQX...",
"actor_api_key_id": null,
"ip_address": "203.0.113.5",
"user_agent": "Mozilla/5.0 ...",
"before": null,
"after": { "name": "Production", "scopes": ["extract:write"], "is_live": true },
"request_id": "req_01HQX...",
"created_at": "2026-06-09T12:00:00+00:00"
}
]
}before / after are JSON snapshots written by the producing endpoint
(may be null for create/delete-style actions).