Autional Autional
API Reference GitHub autional.com →

GET /admin/audit/logs

Query audit logs by tenant, user, operation type, time range, etc. Reference: ISO 27001:2022 Annex A.12.4 (Event Logging), PCI DSS v4.0 Req 10 (Log & Monitor).

Audit Service `bearerAuth` application/json

Request Parameters

NameInTypeRequiredDefaultExampleConstraintsDescription
tenant_id query string No Tenant ID
user_id query string No User ID
action query string No Operation type
resource_type query string No Resource type
start_time query integer No Start timestamp
end_time query integer No End timestamp
page query integer No 1 Page number (default 1)
page_size query integer No 20 Items per page (default 20)

Responses

StatusDescriptionSchema
200Query resultdto.AuditLogListResponse
400Request parameter validation faileddto.Problem
401Unauthenticateddto.Problem
500Internal server errordto.Problem

Referenced Schemas

dto.AuditLogListResponse

FieldTypeRequiredExampleConstraintsDescription
code integer No
items array of

See dto.AuditLogResponse

No Use items uniformly
message string No
pagination object No Pagination information (nested object)
timestamp string No
total integer No Total count (flat, for direct reading)

dto.AuditLogResponse

Audit log record information

FieldTypeRequiredExampleConstraintsDescription
action string No user.login Operation
app_id string No app_xyz Application ID
duration integer No 150 Duration (ms)
id string No audit_abc123 Log ID
ip string No 192.168.1.1 IP
level string No info Level
message string No User login successful Message
metadata object No Metadata
module string No identity Module
operator_id string No usr_abc123 Operator ID
operator_type string No user Operator type
request_id string No req_xyz789 Request ID
sequence integer No 12345 Sequence number
status integer No 0 Status
target_id string No usr_target Target ID
target_type string No user Target type
tenant_id string No tnt_abc123 Tenant ID
timestamp integer No 1713175800 Timestamp
user_agent string No Mozilla/5.0... UA

dto.FieldViolation

FieldTypeRequiredExampleConstraintsDescription
code string No Code is the error code (optional) Used by programs to identify error types, e.g., "required", "format", "range"
description string No Description is a human-readable error description Should explain what rule was violated, e.g., "Must be a valid email address"
field string No Field is the path to the error field Uses dot notation for nested fields, e.g., "user.email" or "addresses[0].city"
value object No Value is the value that caused the error (optional, used in development mode) May not be returned in production to avoid leaking sensitive information

dto.Problem

FieldTypeRequiredExampleConstraintsDescription
code integer No Code is the business error code Used by programs to handle specific error scenarios Example: 30101001
detail string No Detail is a human-readable explanation for this specific error instance Can contain specific error details, e.g., "Field 'email' is required"
errors array of

See dto.FieldViolation

No Errors is a list of field-level validation errors (extension field) Follows Web API standard practices, each error contains field name and error message
i18n_args object No I18nArgs are internationalization parameters Used to dynamically fill translation templates
i18n_key string No I18nKey is the internationalization key Used for client-side localization of error messages Example: "error.user_not_found"
instance string No Instance is the specific URI reference where the problem occurred Usually the request URL, may include query parameters Example: "/api/v1/users?limit=invalid"
request_id string No RequestID is the unique request identifier Used for log correlation and issue tracking Example: "req_550e8400-e29b-41d4-a716-446655440000"
retry_after integer No RetryAfter is used for 429 Too Many Requests responses Indicates the number of seconds the client should wait before retrying (RFC 6585)
service string No Service is the service name Used in microservice architecture to locate the error source Example: "auth-service"
span_id string No SpanID is the current span identifier Used to precisely locate the current node in a distributed trace
status integer No Status is the HTTP status code generated Used by clients to distinguish problem types, does not change with Accept-Language Example: 400, 401, 403, 404, 500
timestamp string No Timestamp is the error occurrence time ISO 8601 format Example: "2026-04-03T12:00:00Z"
title string No Title is a short, human-readable summary of the problem type The same Type should always have the same Title (does not change per instance) Example: "Invalid Request Parameters"
trace_id string No TraceID is the distributed tracing identifier Follows W3C Trace Context standard Example: "00-0af7651916cd43dd8448eb211c80319c-b7ad6b7169203331-01"
type string No Type is a URI reference identifying the problem type When dereferenced, should provide human-readable documentation Example: "https://api.example.com/errors/invalid-request"

gitee_com_linmes_authms_base_dto.PageInfo

FieldTypeRequiredExampleConstraintsDescription
has_next boolean No HasNext indicates whether there is a next page
has_prev boolean No HasPrev indicates whether there is a previous page
page integer No Page is the current page number (1-based)
page_size integer No PageSize is the number of items per page
total integer No Total is the total number of items across all pages
total_pages integer No TotalPages is the total number of pages