Audit Trail API¶
Port : 8006 | NodePort : 30006 | Repo : solyntek/djinn/services/djinn-audit-trail
Journal d'audit structuré, immutable, multi-tenant avec conformité RGPD.
Endpoints¶
| Méthode | Route | Description |
|---|---|---|
GET |
/health |
Health check |
POST |
/v1/events |
Enregistrer un événement |
POST |
/v1/events/batch |
Enregistrer N événements |
GET |
/v1/events |
Requêter (filtres: actor, resource, action, date) |
GET |
/v1/events/{id} |
Détail d'un événement |
POST |
/v1/gdpr/export |
Export données personnelles (RGPD) |
POST |
/v1/gdpr/anonymize |
Anonymiser un sujet |
GET |
/v1/stats |
Statistiques d'activité |
Modèle AuditEvent¶
{
"tenant_id": "fenyks",
"actor_id": "user-123",
"actor_type": "user",
"action": "update",
"resource_type": "contract",
"resource_id": "ctr-456",
"changes": {"status": {"old": "draft", "new": "active"}},
"severity": "info"
}
Immutable
Les événements ne peuvent pas être modifiés ni supprimés (append-only).
Référence interactive¶
Générée à chaque build depuis la spec versionnée openapi/audit-trail-v1.json (ADR-011) — aucune route documentée à la main.
Djinn Audit Trail 0.1.0¶
Journal d'audit immutable et conformité RGPD
Endpoints¶
GET /health¶
Health
Description
Health check endpoint.
Responses
Schema of the response body
{
"properties": {
"status": {
"type": "string",
"title": "Status",
"default": "ok"
},
"service": {
"type": "string",
"title": "Service",
"default": "audit-trail"
},
"version": {
"type": "string",
"title": "Version",
"default": "0.1.0"
}
},
"type": "object",
"title": "HealthResponse",
"description": "Response for health check."
}
POST /v1/events¶
Create Event
Description
Record a single audit event.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
Request body
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info"
}
Schema of the request body
{
"properties": {
"tenant_id": {
"type": "string",
"title": "Tenant Id"
},
"actor_id": {
"type": "string",
"title": "Actor Id",
"description": "ID de l'auteur de l'action"
},
"actor_type": {
"type": "string",
"title": "Actor Type",
"description": "user | system | api_key",
"default": "user"
},
"action": {
"type": "string",
"title": "Action",
"description": "create | read | update | delete | export | login | ..."
},
"resource_type": {
"type": "string",
"title": "Resource Type",
"description": "invoice | contract | user | ..."
},
"resource_id": {
"type": "string",
"title": "Resource Id",
"description": "ID de la ressource concernée"
},
"changes": {
"anyOf": [
{
"additionalProperties": true,
"type": "object"
},
{
"type": "null"
}
],
"title": "Changes",
"description": "Changements : {field: {old: x, new: y}}"
},
"metadata": {
"additionalProperties": true,
"type": "object",
"title": "Metadata",
"description": "IP, user-agent, request_id, etc."
},
"severity": {
"$ref": "#/components/schemas/AuditSeverity",
"default": "info"
}
},
"type": "object",
"required": [
"tenant_id",
"actor_id",
"action",
"resource_type",
"resource_id"
],
"title": "AuditEventCreate",
"description": "Requête de création d'un événement d'audit."
}
Responses
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info",
"id": "string",
"timestamp": "2022-04-13T15:42:05.901Z",
"anonymized": true
}
Schema of the response body
{
"properties": {
"tenant_id": {
"type": "string",
"title": "Tenant Id"
},
"actor_id": {
"type": "string",
"title": "Actor Id",
"description": "ID de l'auteur de l'action"
},
"actor_type": {
"type": "string",
"title": "Actor Type",
"description": "user | system | api_key",
"default": "user"
},
"action": {
"type": "string",
"title": "Action",
"description": "create | read | update | delete | export | login | ..."
},
"resource_type": {
"type": "string",
"title": "Resource Type",
"description": "invoice | contract | user | ..."
},
"resource_id": {
"type": "string",
"title": "Resource Id",
"description": "ID de la ressource concernée"
},
"changes": {
"anyOf": [
{
"additionalProperties": true,
"type": "object"
},
{
"type": "null"
}
],
"title": "Changes",
"description": "Changements : {field: {old: x, new: y}}"
},
"metadata": {
"additionalProperties": true,
"type": "object",
"title": "Metadata",
"description": "IP, user-agent, request_id, etc."
},
"severity": {
"$ref": "#/components/schemas/AuditSeverity",
"default": "info"
},
"id": {
"type": "string",
"title": "Id"
},
"timestamp": {
"type": "string",
"format": "date-time",
"title": "Timestamp"
},
"anonymized": {
"type": "boolean",
"title": "Anonymized",
"default": false
}
},
"type": "object",
"required": [
"tenant_id",
"actor_id",
"action",
"resource_type",
"resource_id",
"id",
"timestamp"
],
"title": "AuditEvent",
"description": "Événement d'audit complet avec ID et timestamp."
}
GET /v1/events¶
Query Events
Description
Query audit events with filters.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
action |
query | No | |||
actor_id |
query | No | |||
limit |
query | integer | 50 | No | |
offset |
query | integer | 0 | No | |
resource_id |
query | No | |||
resource_type |
query | No | |||
severity |
query | No | |||
tenant_id |
query | string | No |
Responses
[
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info",
"id": "string",
"timestamp": "2022-04-13T15:42:05.901Z",
"anonymized": true
}
]
POST /v1/events/batch¶
Create Events Batch
Description
Record multiple audit events.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
Request body
{
"events": [
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info"
}
]
}
Schema of the request body
Responses
{
"created": 0,
"events": [
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info",
"id": "string",
"timestamp": "2022-04-13T15:42:05.901Z",
"anonymized": true
}
]
}
Schema of the response body
{
"properties": {
"created": {
"type": "integer",
"title": "Created"
},
"events": {
"items": {
"$ref": "#/components/schemas/AuditEvent"
},
"type": "array",
"title": "Events"
}
},
"type": "object",
"required": [
"created",
"events"
],
"title": "BatchCreateResponse",
"description": "Réponse de création en batch."
}
GET /v1/events/{event_id}¶
Get Event
Description
Get a single audit event by ID, scoped to a tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
event_id |
path | string | No | ||
tenant_id |
query | string | No |
Responses
{
"tenant_id": "string",
"actor_id": "string",
"actor_type": "string",
"action": "string",
"resource_type": "string",
"resource_id": "string",
"changes": null,
"metadata": {},
"severity": "info",
"id": "string",
"timestamp": "2022-04-13T15:42:05.901Z",
"anonymized": true
}
Schema of the response body
{
"properties": {
"tenant_id": {
"type": "string",
"title": "Tenant Id"
},
"actor_id": {
"type": "string",
"title": "Actor Id",
"description": "ID de l'auteur de l'action"
},
"actor_type": {
"type": "string",
"title": "Actor Type",
"description": "user | system | api_key",
"default": "user"
},
"action": {
"type": "string",
"title": "Action",
"description": "create | read | update | delete | export | login | ..."
},
"resource_type": {
"type": "string",
"title": "Resource Type",
"description": "invoice | contract | user | ..."
},
"resource_id": {
"type": "string",
"title": "Resource Id",
"description": "ID de la ressource concernée"
},
"changes": {
"anyOf": [
{
"additionalProperties": true,
"type": "object"
},
{
"type": "null"
}
],
"title": "Changes",
"description": "Changements : {field: {old: x, new: y}}"
},
"metadata": {
"additionalProperties": true,
"type": "object",
"title": "Metadata",
"description": "IP, user-agent, request_id, etc."
},
"severity": {
"$ref": "#/components/schemas/AuditSeverity",
"default": "info"
},
"id": {
"type": "string",
"title": "Id"
},
"timestamp": {
"type": "string",
"format": "date-time",
"title": "Timestamp"
},
"anonymized": {
"type": "boolean",
"title": "Anonymized",
"default": false
}
},
"type": "object",
"required": [
"tenant_id",
"actor_id",
"action",
"resource_type",
"resource_id",
"id",
"timestamp"
],
"title": "AuditEvent",
"description": "Événement d'audit complet avec ID et timestamp."
}
POST /v1/gdpr/export¶
Gdpr Export
Description
Export all data for a subject (RGPD droit d'accès).
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
Request body
Schema of the request body
{
"properties": {
"tenant_id": {
"type": "string",
"title": "Tenant Id"
},
"subject_id": {
"type": "string",
"title": "Subject Id",
"description": "ID de la personne concernee"
},
"subject_type": {
"type": "string",
"enum": [
"actor_id",
"resource_id"
],
"title": "Subject Type",
"description": "Champ a chercher : actor_id | resource_id",
"default": "actor_id"
}
},
"type": "object",
"required": [
"tenant_id",
"subject_id"
],
"title": "GDPRExportRequest",
"description": "Requête d'export des données personnelles (droit d'accès RGPD)."
}
Responses
Schema of the response body
{
"properties": {
"subject_id": {
"type": "string",
"title": "Subject Id"
},
"event_count": {
"type": "integer",
"title": "Event Count"
},
"events": {
"items": {
"additionalProperties": true,
"type": "object"
},
"type": "array",
"title": "Events"
}
},
"type": "object",
"required": [
"subject_id",
"event_count",
"events"
],
"title": "GDPRExportResponse",
"description": "Réponse d'export RGPD."
}
POST /v1/gdpr/anonymize¶
Gdpr Anonymize
Description
Anonymize a data subject (RGPD droit à l'oubli).
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
Request body
{
"tenant_id": "string",
"subject_id": "string",
"subject_type": "actor_id",
"replacement": "string"
}
Schema of the request body
{
"properties": {
"tenant_id": {
"type": "string",
"title": "Tenant Id"
},
"subject_id": {
"type": "string",
"title": "Subject Id",
"description": "ID de la personne à anonymiser"
},
"subject_type": {
"type": "string",
"enum": [
"actor_id",
"resource_id"
],
"title": "Subject Type",
"description": "Champ à anonymiser : actor_id | resource_id",
"default": "actor_id"
},
"replacement": {
"type": "string",
"title": "Replacement",
"description": "Valeur de remplacement",
"default": "[ANONYMIZED]"
}
},
"type": "object",
"required": [
"tenant_id",
"subject_id"
],
"title": "GDPRAnonymizeRequest",
"description": "Requête d'anonymisation des données personnelles."
}
Responses
Schema of the response body
GET /v1/stats¶
Stats
Description
Get audit statistics for a tenant.
Input parameters
| Parameter | In | Type | Default | Nullable | Description |
|---|---|---|---|---|---|
APIKeyHeader |
header | string | N/A | No | API key |
tenant_id |
query | string | No |
Responses
Schemas¶
AnonymizeResponse¶
| Name | Type | Description |
|---|---|---|
anonymized_count |
integer | |
subject_id |
string |
AuditEvent¶
| Name | Type | Description |
|---|---|---|
action |
string | create | read | update | delete | export | login | ... |
actor_id |
string | ID de l'auteur de l'action |
actor_type |
string | user | system | api_key |
anonymized |
boolean | |
changes |
Changements : {field: {old: x, new: y}} | |
id |
string | |
metadata |
IP, user-agent, request_id, etc. | |
resource_id |
string | ID de la ressource concernée |
resource_type |
string | invoice | contract | user | ... |
severity |
AuditSeverity | |
tenant_id |
string | |
timestamp |
string(date-time) |
AuditEventCreate¶
| Name | Type | Description |
|---|---|---|
action |
string | create | read | update | delete | export | login | ... |
actor_id |
string | ID de l'auteur de l'action |
actor_type |
string | user | system | api_key |
changes |
Changements : {field: {old: x, new: y}} | |
metadata |
IP, user-agent, request_id, etc. | |
resource_id |
string | ID de la ressource concernée |
resource_type |
string | invoice | contract | user | ... |
severity |
AuditSeverity | |
tenant_id |
string |
AuditSeverity¶
Type: string
BatchCreateRequest¶
| Name | Type | Description |
|---|---|---|
events |
Array<AuditEventCreate> |
BatchCreateResponse¶
| Name | Type | Description |
|---|---|---|
created |
integer | |
events |
Array<AuditEvent> |
GDPRAnonymizeRequest¶
| Name | Type | Description |
|---|---|---|
replacement |
string | Valeur de remplacement |
subject_id |
string | ID de la personne à anonymiser |
subject_type |
string | Champ à anonymiser : actor_id | resource_id |
tenant_id |
string |
GDPRExportRequest¶
| Name | Type | Description |
|---|---|---|
subject_id |
string | ID de la personne concernee |
subject_type |
string | Champ a chercher : actor_id | resource_id |
tenant_id |
string |
GDPRExportResponse¶
| Name | Type | Description |
|---|---|---|
event_count |
integer | |
events |
Array<> | |
subject_id |
string |
HealthResponse¶
| Name | Type | Description |
|---|---|---|
service |
string | |
status |
string | |
version |
string |
HTTPValidationError¶
| Name | Type | Description |
|---|---|---|
detail |
Array<ValidationError> |
ValidationError¶
| Name | Type | Description |
|---|---|---|
ctx |
||
input |
||
loc |
Array<> | |
msg |
string | |
type |
string |
Security schemes¶
| Name | Type | Scheme | Description |
|---|---|---|---|
| APIKeyHeader | apiKey |