> ## Documentation Index
> Fetch the complete documentation index at: https://docs.mixpeek.com/docs/llms.txt
> Use this file to discover all available pages before exploring further.

# List Audit Logs

> List organization audit logs with filtering and pagination.

Returns audit events for the organization, sorted by timestamp descending.
Requires ADMIN permission.



## OpenAPI

````yaml get /v1/organizations/audit/logs
openapi: 3.1.0
info:
  title: Mixpeek API
  description: >-
    This is the Mixpeek API, providing access to various endpoints for data
    processing and retrieval.
  termsOfService: https://mixpeek.com/terms
  contact:
    name: Mixpeek Support
    url: https://mixpeek.com/contact
    email: info@mixpeek.com
  version: '0.82'
servers:
  - url: https://api.mixpeek.com
    description: Production
security: []
paths:
  /v1/organizations/audit/logs:
    get:
      tags:
        - Organization Audit
      summary: List Audit Logs
      description: >-
        List organization audit logs with filtering and pagination.


        Returns audit events for the organization, sorted by timestamp
        descending.

        Requires ADMIN permission.
      operationId: list_audit_logs_v1_organizations_audit_logs_get
      parameters:
        - name: resource_type
          in: query
          required: false
          schema:
            anyOf:
              - $ref: '#/components/schemas/ResourceType-Input'
              - type: 'null'
            description: Filter by resource type
            title: Resource Type
          description: Filter by resource type
        - name: resource_id
          in: query
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: Filter by resource ID
            title: Resource Id
          description: Filter by resource ID
        - name: actor_id
          in: query
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: Filter by actor ID
            title: Actor Id
          description: Filter by actor ID
        - name: action
          in: query
          required: false
          schema:
            anyOf:
              - $ref: '#/components/schemas/AuditAction'
              - type: 'null'
            description: Filter by action
            title: Action
          description: Filter by action
        - name: start
          in: query
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: ISO8601 start timestamp
            title: Start
          description: ISO8601 start timestamp
        - name: end
          in: query
          required: false
          schema:
            anyOf:
              - type: string
              - type: 'null'
            description: ISO8601 end timestamp
            title: End
          description: ISO8601 end timestamp
        - name: skip
          in: query
          required: false
          schema:
            type: integer
            minimum: 0
            description: Number of results to skip
            default: 0
            title: Skip
          description: Number of results to skip
        - name: limit
          in: query
          required: false
          schema:
            type: integer
            maximum: 1000
            minimum: 1
            description: Number of results to return
            default: 50
            title: Limit
          description: Number of results to return
      responses:
        '200':
          description: Successful Response
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuditEventListResponse'
        '400':
          description: Bad Request
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '401':
          description: Unauthorized
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '403':
          description: Forbidden
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '404':
          description: Not Found
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
        '422':
          description: Validation Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/HTTPValidationError'
        '500':
          description: Internal Server Error
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/ErrorResponse'
components:
  schemas:
    ResourceType-Input:
      type: string
      enum:
        - organization
        - user
        - api_key
        - namespace
        - collection
        - bucket
        - retriever
        - cluster
        - taxonomy
        - storage_connection
        - alert
        - annotation
        - secret
        - webhook
      title: ResourceType
      description: |-
        Resource surfaces supported by scoped API keys and audit events.

        These resource types can be used in:
        - API key scopes to restrict access to specific resources
        - Audit logs to identify what type of resource was affected
        - Permission systems to grant/deny access to resource categories

        Resource hierarchy:
            ORGANIZATION -> USER, API_KEY, STORAGE_CONNECTION
            NAMESPACE -> COLLECTION, BUCKET, RETRIEVER, CLUSTER, TAXONOMY

        Resource types:
            - ORGANIZATION: Top-level tenant entity
            - USER: Organization member with authentication credentials
            - API_KEY: Authentication token for programmatic access
            - NAMESPACE: Isolated environment for data and compute resources
            - COLLECTION: Vector database collection for searchable documents
            - BUCKET: Object storage container for raw files
            - RETRIEVER: Configured search/retrieval pipeline
            - CLUSTER: Ray compute cluster for distributed processing
            - TAXONOMY: Hierarchical classification system for documents
            - STORAGE_CONNECTION: External storage provider integration
    AuditAction:
      type: string
      enum:
        - user_created
        - user_updated
        - user_deleted
        - api_key_created
        - api_key_rotated
        - api_key_revoked
        - api_key_scope_updated
        - permission_updated
        - storage_connection_created
        - storage_connection_updated
        - storage_connection_deleted
        - storage_connection_tested
        - storage_connection_failed
        - namespace_created
        - namespace_updated
        - namespace_deleted
        - namespace_accessed
        - collection_created
        - collection_updated
        - collection_deleted
        - collection_accessed
        - bucket_created
        - bucket_updated
        - bucket_deleted
        - bucket_accessed
        - retriever_created
        - retriever_updated
        - retriever_deleted
        - retriever_accessed
        - retriever_queried
        - cluster_created
        - cluster_updated
        - cluster_deleted
        - cluster_executed
        - cluster_accessed
        - taxonomy_created
        - taxonomy_updated
        - taxonomy_deleted
        - taxonomy_accessed
        - alert_created
        - alert_updated
        - alert_deleted
        - alert_accessed
        - alert_triggered
        - annotation_created
        - annotation_updated
        - annotation_deleted
        - secret_created
        - secret_updated
        - secret_deleted
        - webhook_created
        - webhook_updated
        - webhook_deleted
      title: AuditAction
      description: >-
        Canonical audit log actions captured for organization events.


        These events are written to the audit trail for compliance, security
        monitoring,

        and debugging. Each action includes actor, resource, timestamp, and
        change details.


        User lifecycle actions:
            - USER_CREATED: New user added to organization
            - USER_UPDATED: User role, status, or metadata modified
            - USER_DELETED: User removed from organization

        API key lifecycle actions:
            - API_KEY_CREATED: New API key generated
            - API_KEY_ROTATED: Key regenerated (old key revoked, new key issued)
            - API_KEY_REVOKED: Key manually revoked
            - API_KEY_SCOPE_UPDATED: Key permissions or scopes modified

        Permission actions:
            - PERMISSION_UPDATED: User or key permissions modified

        Storage connection actions:
            - STORAGE_CONNECTION_CREATED: New external storage connection configured
            - STORAGE_CONNECTION_UPDATED: Connection settings or credentials updated
            - STORAGE_CONNECTION_DELETED: Connection permanently removed
            - STORAGE_CONNECTION_TESTED: Connection health check performed
            - STORAGE_CONNECTION_FAILED: Connection health check or sync failed

        Namespace actions:
            - NAMESPACE_CREATED: New namespace created
            - NAMESPACE_UPDATED: Namespace configuration modified
            - NAMESPACE_DELETED: Namespace permanently removed
            - NAMESPACE_ACCESSED: Namespace read (when read auditing enabled)

        Collection actions:
            - COLLECTION_CREATED: New collection created
            - COLLECTION_UPDATED: Collection configuration modified
            - COLLECTION_DELETED: Collection permanently removed
            - COLLECTION_ACCESSED: Collection read (when read auditing enabled)

        Bucket actions:
            - BUCKET_CREATED: New bucket created
            - BUCKET_UPDATED: Bucket configuration modified
            - BUCKET_DELETED: Bucket permanently removed
            - BUCKET_ACCESSED: Bucket read (when read auditing enabled)

        Retriever actions:
            - RETRIEVER_CREATED: New retriever pipeline created
            - RETRIEVER_UPDATED: Retriever configuration modified
            - RETRIEVER_DELETED: Retriever permanently removed
            - RETRIEVER_ACCESSED: Retriever read (when read auditing enabled)
            - RETRIEVER_QUERIED: Retriever query executed (when read auditing enabled)

        Cluster actions:
            - CLUSTER_CREATED: New cluster created
            - CLUSTER_UPDATED: Cluster configuration modified
            - CLUSTER_DELETED: Cluster permanently removed
            - CLUSTER_EXECUTED: Cluster job executed
            - CLUSTER_ACCESSED: Cluster read (when read auditing enabled)

        Taxonomy actions:
            - TAXONOMY_CREATED: New taxonomy created
            - TAXONOMY_UPDATED: Taxonomy configuration modified
            - TAXONOMY_DELETED: Taxonomy permanently removed
            - TAXONOMY_ACCESSED: Taxonomy read (when read auditing enabled)
    AuditEventListResponse:
      properties:
        results:
          items:
            $ref: '#/components/schemas/AuditEventResponse'
          type: array
          title: Results
          description: Audit events
        total:
          type: integer
          title: Total
          description: Total count matching filters
        skip:
          type: integer
          title: Skip
          description: Number of results skipped
        limit:
          type: integer
          title: Limit
          description: Number of results returned
      type: object
      required:
        - results
        - total
        - skip
        - limit
      title: AuditEventListResponse
      description: Response for listing audit events.
    ErrorResponse:
      properties:
        success:
          type: boolean
          title: Success
          description: Always false for error responses
          default: false
        status:
          type: integer
          title: Status
          description: HTTP status code for this error
        error:
          $ref: '#/components/schemas/ErrorDetail'
          description: Error details payload
      type: object
      required:
        - status
        - error
      title: ErrorResponse
      description: Error response model.
      examples:
        - error:
            details:
              id: ns_123
              resource: namespace
            message: Namespace not found
            type: NotFoundError
          status: 404
          success: false
    HTTPValidationError:
      properties:
        detail:
          items:
            $ref: '#/components/schemas/ValidationError'
          type: array
          title: Detail
      type: object
      title: HTTPValidationError
    AuditEventResponse:
      properties:
        audit_id:
          type: string
          title: Audit Id
          description: Unique audit event identifier
        timestamp:
          title: Timestamp
          description: When the event occurred
        resource_type:
          type: string
          title: Resource Type
          description: Type of resource affected
        resource_id:
          type: string
          title: Resource Id
          description: ID of the affected resource
        action:
          type: string
          title: Action
          description: Action performed
        actor_id:
          type: string
          title: Actor Id
          description: Who performed the action
        actor_type:
          type: string
          title: Actor Type
          description: Type of actor
          default: user
        status:
          type: string
          title: Status
          description: Status of the action
          default: success
        changes:
          title: Changes
          description: What changed
        ip_address:
          anyOf:
            - type: string
            - type: 'null'
          title: Ip Address
          description: Request IP address
        user_agent:
          anyOf:
            - type: string
            - type: 'null'
          title: User Agent
          description: Request user agent
        actor_name:
          anyOf:
            - type: string
            - type: 'null'
          title: Actor Name
          description: Resolved actor display name
        actor_email:
          anyOf:
            - type: string
            - type: 'null'
          title: Actor Email
          description: Resolved actor email
        actor_key_name:
          anyOf:
            - type: string
            - type: 'null'
          title: Actor Key Name
          description: API key name used
      type: object
      required:
        - audit_id
        - timestamp
        - resource_type
        - resource_id
        - action
        - actor_id
      title: AuditEventResponse
      description: Single audit event in list response.
    ErrorDetail:
      properties:
        message:
          type: string
          title: Message
          description: Human-readable error message
        type:
          type: string
          title: Type
          description: Stable error type identifier (machine-readable)
        code:
          anyOf:
            - type: string
            - type: 'null'
          title: Code
          description: >-
            Fine-grained error code for programmatic handling (e.g.,
            namespace_name_taken, feature_extractor_not_found). Present only
            when consumers may need to branch on a specific error condition.
        details:
          anyOf:
            - additionalProperties: true
              type: object
            - type: 'null'
          title: Details
          description: >-
            Optional structured details to help debugging (validation errors,
            IDs, etc.)
      type: object
      required:
        - message
        - type
      title: ErrorDetail
      description: Error detail model.
    ValidationError:
      properties:
        loc:
          items:
            anyOf:
              - type: string
              - type: integer
          type: array
          title: Location
        msg:
          type: string
          title: Message
        type:
          type: string
          title: Error Type
      type: object
      required:
        - loc
        - msg
        - type
      title: ValidationError

````