Skip to content
MCP Gateway

Search audit events for one MCP server.

GET
/v1/mcp-servers/{server_id}/audit

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Path Parameters

Section titled “Path Parameters ”
server_id
required
string
>= 1 characters

Query Parameters

Section titled “Query Parameters ”
tenant_id
string
environment_id
string
tool_id
string
request_id
string
outcome
Allowed values: succeeded denied failed
page
integer
>= 1
page_size
integer
>= 1 <= 500

Responses

Section titled “ Responses ”

200

Section titled “200 ”

Server-scoped audit search results.

object
schema_version
required
page
required
integer
>= 1
page_size
required
integer
>= 1 <= 500
total_count
required
integer
total_pages
required
integer
>= 1
facets
required
object
event_type
required
Array<object>
object
value
required
string
count
required
integer
outcome
required
Array<object>
object
value
required
string
count
required
integer
server_id
required
Array<object>
object
value
required
string
count
required
integer
tool_id
required
Array<object>
object
value
required
string
count
required
integer
policy_decision
required
Array<object>
object
value
required
string
count
required
integer
credential_resolution_status
required
Array<object>
object
value
required
string
count
required
integer
route_reason
required
Array<object>
object
value
required
string
count
required
integer
environment_id
required
Array<object>
object
value
required
string
count
required
integer
items
required
Array<object>
object
event_id
required
string
>= 1 characters
timestamp
required
string format: date-time
event_type
required
string
>= 1 characters
outcome
required
Allowed values: succeeded denied failed
tenant_id
required
string
>= 1 characters
environment_id
required
string
>= 1 characters
server_id
required
string | null
tool_id
required
string | null
request_id
required
string
>= 1 characters
actor_id
required
string | null
user_id
required
string | null
agent_id
required
string | null
agent_instance_id
required
string | null
client_surface_id
required
string
>= 1 characters
client_session_id
required
string | null
backend_session_id
required
string | null
policy_decision
required
Allowed values: allow deny block error
policy_reason
required
string | null
policy_rule_id
required
string | null
policy_ref
required
string | null
policy_version
required
string
>= 1 characters
denial_reason_code
required
string | null
/^[a-z0-9_]+$/
reason_code
string | null
/^[a-z0-9_]+$/
reason_label_snapshot
string | null
reason_catalog_version
string | null
reason
string | null
<= 500 characters
credential_mode
required
string
Allowed values: none service_account user_delegated agent_scoped workload_mapped
credential_binding_id
required
string | null
credential_resolution_status
required
Any of:
Allowed values: not_required resolved missing denied disabled revoked expired backend_unavailable
connector_id
required
string | null
route_decision
required
Any of:
Allowed values: allow deny
route_reason
required
string | null
/^[a-z0-9_]+$/
upstream_attempted
required
boolean
latency_ms
required
integer | null
redaction_status
required
Allowed values: disabled redacted none
payload_logged
required
boolean
secret_material_logged
required

403

Section titled “403 ”

Caller lacks audit.read for the scoped tenant/environment.

Type set in Geist, Source Serif 4, and Departure Mono.