Skip to content
MCP Gateway

List curated admin activity rows backed by sanitized durable audit events.

GET
/v1/admin-activity

Authorizations

Section titled “Authorizations ”

Parameters

Section titled “ Parameters ”

Query Parameters

Section titled “Query Parameters ”
environment_id
required
string
>= 1 characters
actor_id
string
actor_role
string
actor_group
string
action_type
string
Allowed values: submit_server_manifest submit_api_source approve_registry_item reject_registry_item disable_registry_item archive_registry_item change_registry_owner manifest_validation_failed update_health_status publish_catalog_capability publish_policy_version archive_policy_version create_credential_binding update_credential_binding disable_credential_binding revoke_credential_binding register_connector disable_connector revoke_connector update_connector_health rotate_connector_identity create_client_surface disable_client_surface create_local_identity_user disable_local_identity_user update_local_identity_group create_role_binding delete_role_binding create_audit_export emergency_disable create_revocation permission_denied
resource_type
string
Allowed values: mcp_server api_source api_operation credential_binding connector catalog registry_batch policy_version client_surface local_identity_user local_identity_group role_binding audit_export revocation agent
resource_id
string
outcome
string
Allowed values: succeeded denied failed
reason_code
string
/^[a-z0-9_]+$/
occurred_from
string format: date-time
occurred_to
string format: date-time
cursor
string
limit
integer
>= 1 <= 500
sort
Allowed values: -timestamp timestamp action_type outcome

Responses

Section titled “ Responses ”

200

Section titled “200 ”

Admin activity rows with safe metadata only.

object
schemaVersion
required
requestId
required
string
>= 1 characters
items
required
Array<object>
object
activityId
required
string
>= 1 characters
auditEventId
required
string
>= 1 characters
requestId
required
string
>= 1 characters
timestamp
required
string format: date-time
tenantId
required
string
>= 1 characters
environmentId
required
string
>= 1 characters
actionType
required
string
Allowed values: submit_server_manifest submit_api_source approve_registry_item reject_registry_item disable_registry_item archive_registry_item change_registry_owner manifest_validation_failed update_health_status publish_catalog_capability publish_policy_version archive_policy_version create_credential_binding update_credential_binding disable_credential_binding revoke_credential_binding register_connector disable_connector revoke_connector update_connector_health rotate_connector_identity create_client_surface disable_client_surface create_local_identity_user disable_local_identity_user update_local_identity_group create_role_binding delete_role_binding create_audit_export emergency_disable create_revocation permission_denied
action
required
string
>= 1 characters
actor
required
object
actorId
required
string
>= 1 characters
displayName
required
string
>= 1 characters
roles
required
Array<string>
groups
required
Array<string>
authMode
required
string
Allowed values: trusted_proxy oidc_jwt local_identity service_account workload_identity
resource
required
object
type
required
string
Allowed values: mcp_server api_source api_operation credential_binding connector catalog registry_batch policy_version client_surface local_identity_user local_identity_group role_binding audit_export revocation agent
id
required
string
>= 1 characters
displayName
required
string
>= 1 characters
outcome
required
string
Allowed values: succeeded denied failed
reasonCode
required
string
/^[a-z0-9_]+$/
reason
required

Sanitized human reason text; raw request bodies and secret material are never returned.

string
>= 1 characters
metadataHash
required
string
/^sha256:[a-f0-9]{64}$/
safeDiffSummary
required
string
>= 1 characters
relatedLinks
required
Array<object>
object
rel
required
Allowed values: resource audit_event revocation policy session deny_diagnostics export
href
required
string
>= 1 characters
resourceType
required
string
>= 1 characters
resourceId
required
string
>= 1 characters
redactionStatus
required
Allowed values: redacted
nextCursor
string
allowedActions
required
Array
Allowed values: admin_activity.search admin_activity.get audit.search
sort
required
Allowed values: -timestamp timestamp action_type outcome
metadataOnly
required
boolean

400

Section titled “400 ”

Invalid admin activity filter, sort, pagination, or time range.

object
schemaVersion
required
requestId
required
string
>= 1 characters
status
required
integer
>= 400 <= 599
reasonCode
required
string
/^[a-z0-9_]+$/
message
required
string
>= 1 characters
retryable
required
boolean
machineSafe
required
boolean
redactionStatus
required
Allowed values: redacted metadata_only
field

Optional metadata-only field identifier for validation errors.

string
details

Optional metadata-only diagnostic details. Never include secret material, payloads, prompts, raw endpoint URLs, or customer data.

object
requiredAction
string
>= 1 characters
resourceRef
string
>= 1 characters
key
additional properties
One of:
string

403

Section titled “403 ”

Caller lacks audit.read for the tenant/environment scope.

object
schemaVersion
required
requestId
required
string
>= 1 characters
status
required
integer
>= 400 <= 599
reasonCode
required
string
/^[a-z0-9_]+$/
message
required
string
>= 1 characters
retryable
required
boolean
machineSafe
required
boolean
redactionStatus
required
Allowed values: redacted metadata_only
field

Optional metadata-only field identifier for validation errors.

string
details

Optional metadata-only diagnostic details. Never include secret material, payloads, prompts, raw endpoint URLs, or customer data.

object
requiredAction
string
>= 1 characters
resourceRef
string
>= 1 characters
key
additional properties
One of:
string

Type set in Geist, Source Serif 4, and Departure Mono.