Audit API (v1)

https://github.com/folio-org/mod-audit

Table of contents

mod-audit API

This documents the API calls that can be made to query and manage audit records

Audit data

Get existing audit records or Create a new audit record

POST /audit-data

Create a new audit-datum item.

POST /audit-data
Query Parameters
  • lang: (string - default: en - pattern: [a-zA-Z]{2})

    Requested language. Optional. [lang=en]

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "Info that an audit record contains",
  "additionalProperties": true,
  "properties": {
    "id": {
      "type": "string",
      "description": "id"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time",
      "description": "timestamp"
    },
    "tenant": {
      "type": "string",
      "description": "tenant"
    },
    "user": {
      "type": "string",
      "description": "user"
    },
    "login": {
      "type": "string",
      "description": "login"
    },
    "uri": {
      "type": "string",
      "description": "uri"
    },
    "path": {
      "type": "string",
      "description": "path"
    },
    "params": {
      "type": "object",
      "description": "params"
    },
    "path_params": {
      "type": "object",
      "description": "path_params"
    },
    "request_id": {
      "type": "string",
      "description": "request_id"
    },
    "auth_result": {
      "type": "string",
      "description": "auth_result"
    },
    "auth_error": {
      "type": "object",
      "description": "auth_error"
    },
    "module_result": {
      "type": "string",
      "description": "module_result"
    },
    "module_error": {
      "type": "object",
      "description": "module_error"
    },
    "target_type": {
      "type": "string",
      "description": "target_type"
    },
    "target_id": {
      "type": "string",
      "description": "target_id"
    },
    "method": {
      "type": "string",
      "description": "method"
    },
    "extra_targets": {
      "type": "object",
      "description": "extra_targets"
    },
    "ip": {
      "type": "string",
      "description": "client IP"
    },
    "extra_headers": {
      "type": "object",
      "description": "extra_headers"
    },
    "metadata": {
      "type": "object",
      "description": "metadata",
      "$ref": "raml-util/schemas/metadata.schema",
      "readonly": true
    }
  },
  "required": [
    "tenant"
  ]
}

Example:

{
  "strict": false,
  "value": "{\n  \"id\": \"1\",\n  \"timestamp\": \"2018-09-27T01:50:59.466Z\",\n  \"tenant\": \"diku\",\n  \"login\": \"diku_admin\"\n}\n"
}

Response 201

Returns a newly created item, with server-controlled fields like 'id' populated

Headers
  • Location: required (string)

    URI to the created audit-datum item

Body

Media type: application/json

Type: any

Example:

{
  "id": "1",
  "timestamp": "2018-09-27T01:50:59.466Z",
  "tenant": "diku",
  "login": "diku_admin"
}

Response 400

Bad request, e.g. malformed request body or query parameter. Details of the error (e.g. name of the parameter or line/character number with malformed data) provided in the response.

Body

Media type: text/plain

Type: any

Example:

"unable to add audit-datum -- malformed JSON at 13:3"

Response 401

Not authorized to perform requested action

Body

Media type: text/plain

Type: any

Example:

unable to create audit-data -- unauthorized

Response 422

Validation errors

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "errors": {
      "id": "errors",
      "type": "array",
      "items": {
        "type": "object",
        "$ref": "error.schema"
      }
    },
    "total_records": {
      "type": "integer"
    }
  }
}

Example:

{
  "errors": [
    {
      "message": "may not be null",
      "type": "1",
      "code": "-1",
      "parameters": [
        {
          "key": "moduleTo",
          "value": "null"
        }
      ]
    }
  ]
}

Response 500

Internal server error, e.g. due to misconfiguration

Body

Media type: text/plain

Type: any

Example:

Internal server error, contact administrator

GET /audit-data

Retrieve a list of audit-datum items.

GET /audit-data
Query Parameters
  • query: (string)

    A query expressed as a CQL string (see dev.folio.org/reference/glossary#cql) using valid searchable fields. The first example below shows the general form of a full CQL query, but those fields might not be relevant in this context.

    with valid searchable fields: for example link = 1234

    Example:

    (username=="ab*" or personal.firstName=="ab*" or personal.lastName=="ab*") and active=="true" sortby personal.lastName personal.firstName barcode
    
    link=/users/1234
    
  • offset: (integer - default: 0 - minimum: 0 - maximum: 2147483647)

    Skip over a number of elements by specifying an offset value for the query

    Example:

    0
  • limit: (integer - default: 10 - minimum: 0 - maximum: 2147483647)

    Limit the number of elements returned in the response

    Example:

    10
  • lang: (string - default: en - pattern: [a-zA-Z]{2})

    Requested language. Optional. [lang=en]

Response 200

Returns a list of audit-datum items

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "Collection of audit records",
  "properties": {
    "audit": {
      "type": "array",
      "description": "audit records",
      "items": {
        "type": "object",
        "$ref": "audit.json"
      }
    },
    "totalRecords": {
      "type": "integer"
    }
  },
  "required": [
    "audit",
    "totalRecords"
  ]
}

Example:

{
  "strict": false,
  "value": "{\n  \"audit\": [\n    {\n      \"id\": \"1\",\n      \"timestamp\": \"2018-09-27T01:50:59.466Z\",\n      \"tenant\": \"diku\",\n      \"login\": \"diku_admin\"\n    },\n    {\n      \"id\": \"2\",\n      \"timestamp\": \"2018-09-27T01:50:59.467Z\",\n      \"tenant\": \"diku\",\n      \"login\": \"diku_admin\"\n    }\n  ],\n  \"totalRecords\": 2\n}\n"
}

Response 400

Bad request, e.g. malformed request body or query parameter. Details of the error (e.g. name of the parameter or line/character number with malformed data) provided in the response.

Body

Media type: text/plain

Type: any

Example:

unable to list audit-data -- malformed parameter 'query', syntax error at column 6

Response 401

Not authorized to perform requested action

Body

Media type: text/plain

Type: any

Example:

unable to list audit-data -- unauthorized

Response 422

Validation errors

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "errors": {
      "id": "errors",
      "type": "array",
      "items": {
        "type": "object",
        "$ref": "error.schema"
      }
    },
    "total_records": {
      "type": "integer"
    }
  }
}

Example:

{
  "errors": [
    {
      "message": "may not be null",
      "type": "1",
      "code": "-1",
      "parameters": [
        {
          "key": "moduleTo",
          "value": "null"
        }
      ]
    }
  ]
}

Response 500

Internal server error, e.g. due to misconfiguration

Body

Media type: text/plain

Type: any

Example:

internal server error, contact administrator

GET /audit-data/{id}

Retrieve audit-datum item with given {audit-datumId}

GET /audit-data/{id}
URI Parameters
  • id: required (string)
Query Parameters
  • lang: (string - default: en - pattern: [a-zA-Z]{2})

    Requested language. Optional. [lang=en]

Response 200

Returns item with a given ID

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "Info that an audit record contains",
  "additionalProperties": true,
  "properties": {
    "id": {
      "type": "string",
      "description": "id"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time",
      "description": "timestamp"
    },
    "tenant": {
      "type": "string",
      "description": "tenant"
    },
    "user": {
      "type": "string",
      "description": "user"
    },
    "login": {
      "type": "string",
      "description": "login"
    },
    "uri": {
      "type": "string",
      "description": "uri"
    },
    "path": {
      "type": "string",
      "description": "path"
    },
    "params": {
      "type": "object",
      "description": "params"
    },
    "path_params": {
      "type": "object",
      "description": "path_params"
    },
    "request_id": {
      "type": "string",
      "description": "request_id"
    },
    "auth_result": {
      "type": "string",
      "description": "auth_result"
    },
    "auth_error": {
      "type": "object",
      "description": "auth_error"
    },
    "module_result": {
      "type": "string",
      "description": "module_result"
    },
    "module_error": {
      "type": "object",
      "description": "module_error"
    },
    "target_type": {
      "type": "string",
      "description": "target_type"
    },
    "target_id": {
      "type": "string",
      "description": "target_id"
    },
    "method": {
      "type": "string",
      "description": "method"
    },
    "extra_targets": {
      "type": "object",
      "description": "extra_targets"
    },
    "ip": {
      "type": "string",
      "description": "client IP"
    },
    "extra_headers": {
      "type": "object",
      "description": "extra_headers"
    },
    "metadata": {
      "type": "object",
      "description": "metadata",
      "$ref": "raml-util/schemas/metadata.schema",
      "readonly": true
    }
  },
  "required": [
    "tenant"
  ]
}

Example:

{
  "strict": false,
  "value": "{\n  \"id\": \"1\",\n  \"timestamp\": \"2018-09-27T01:50:59.466Z\",\n  \"tenant\": \"diku\",\n  \"login\": \"diku_admin\"\n}\n"
}

Response 400

Bad request

Body

Media type: text/plain

Type: any

Response 401

Not authorized to perform requested action

Body

Media type: text/plain

Type: any

Response 404

Item with a given ID not found

Body

Media type: text/plain

Type: any

Example:

"audit-datum not found"

Response 500

Internal server error, e.g. due to misconfiguration

Body

Media type: text/plain

Type: any

Example:

internal server error, contact administrator

PUT /audit-data/{id}

Update audit-datum item with given {audit-datumId}

PUT /audit-data/{id}
URI Parameters
  • id: required (string)
Query Parameters
  • lang: (string - default: en - pattern: [a-zA-Z]{2})

    Requested language. Optional. [lang=en]

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "description": "Info that an audit record contains",
  "additionalProperties": true,
  "properties": {
    "id": {
      "type": "string",
      "description": "id"
    },
    "timestamp": {
      "type": "string",
      "format": "date-time",
      "description": "timestamp"
    },
    "tenant": {
      "type": "string",
      "description": "tenant"
    },
    "user": {
      "type": "string",
      "description": "user"
    },
    "login": {
      "type": "string",
      "description": "login"
    },
    "uri": {
      "type": "string",
      "description": "uri"
    },
    "path": {
      "type": "string",
      "description": "path"
    },
    "params": {
      "type": "object",
      "description": "params"
    },
    "path_params": {
      "type": "object",
      "description": "path_params"
    },
    "request_id": {
      "type": "string",
      "description": "request_id"
    },
    "auth_result": {
      "type": "string",
      "description": "auth_result"
    },
    "auth_error": {
      "type": "object",
      "description": "auth_error"
    },
    "module_result": {
      "type": "string",
      "description": "module_result"
    },
    "module_error": {
      "type": "object",
      "description": "module_error"
    },
    "target_type": {
      "type": "string",
      "description": "target_type"
    },
    "target_id": {
      "type": "string",
      "description": "target_id"
    },
    "method": {
      "type": "string",
      "description": "method"
    },
    "extra_targets": {
      "type": "object",
      "description": "extra_targets"
    },
    "ip": {
      "type": "string",
      "description": "client IP"
    },
    "extra_headers": {
      "type": "object",
      "description": "extra_headers"
    },
    "metadata": {
      "type": "object",
      "description": "metadata",
      "$ref": "raml-util/schemas/metadata.schema",
      "readonly": true
    }
  },
  "required": [
    "tenant"
  ]
}

Example:

{
  "strict": false,
  "value": "{\n  \"id\": \"1\",\n  \"timestamp\": \"2018-09-27T01:50:59.466Z\",\n  \"tenant\": \"diku\",\n  \"login\": \"diku_admin\"\n}\n"
}

Response 204

Item successfully updated

Response 400

Bad request

Body

Media type: text/plain

Type: any

Example:

"unable to update audit-datum -- malformed JSON at 13:4"

Response 401

Not authorized to perform requested action

Body

Media type: text/plain

Type: any

Response 404

Item with a given ID not found

Body

Media type: text/plain

Type: any

Example:

"audit-datum not found"

Response 422

Validation errors

Body

Media type: application/json

Type: json

Content:

{
  "$schema": "http://json-schema.org/draft-04/schema#",
  "type": "object",
  "properties": {
    "errors": {
      "id": "errors",
      "type": "array",
      "items": {
        "type": "object",
        "$ref": "error.schema"
      }
    },
    "total_records": {
      "type": "integer"
    }
  }
}

Example:

{
  "errors": [
    {
      "message": "may not be null",
      "type": "1",
      "code": "-1",
      "parameters": [
        {
          "key": "moduleTo",
          "value": "null"
        }
      ]
    }
  ]
}

Response 500

Internal server error, e.g. due to misconfiguration

Body

Media type: text/plain

Type: any

Example:

internal server error, contact administrator

DELETE /audit-data/{id}

Delete audit-datum item with given {audit-datumId}

DELETE /audit-data/{id}
URI Parameters
  • id: required (string)
Query Parameters
  • lang: (string - default: en - pattern: [a-zA-Z]{2})

    Requested language. Optional. [lang=en]

Response 204

Item deleted successfully

Response 400

Bad request

Body

Media type: text/plain

Type: any

Example:

"unable to delete audit-datum -- constraint violation"

Response 401

Not authorized to perform requested action

Body

Media type: text/plain

Type: any

Response 404

Item with a given ID not found

Body

Media type: text/plain

Type: any

Example:

"audit-datum not found"

Response 500

Internal server error, e.g. due to misconfiguration

Body

Media type: text/plain

Type: any

Example:

Internal server error, contact administrator