Org in a Box
API Reference

Admin API

Audit logs, usage analytics, user and role management.

GET /v1/admin/audit-log

Query the audit log. Requires admin.view_audit_log.

Query parameters:

  • action — exact action match (e.g. tool.execute)
  • userId — filter by user ID
  • since — ISO 8601 timestamp
  • until — ISO 8601 timestamp
  • limit — max results (default 50, max 500)

Response:

{
  "entries": [
    {
      "id": "uuid",
      "ts": "2026-04-18T10:30:00Z",
      "tenantId": "uuid",
      "userId": "uuid",
      "actor": "user:uuid",
      "action": "tool.execute",
      "target": "bash",
      "sessionId": "uuid",
      "channel": "web",
      "durationMs": 234
    }
  ],
  "count": 1
}

GET /v1/admin/usage

Token and cost analytics digest.

Query parameters:

  • since — duration string: 24h, 7d, 30d (default 24h)

Response:

{
  "totalTokens": 150000,
  "totalCostUsd": 1.23,
  "byModel": { "claude-sonnet-4-5": { "tokens": 150000, "cost": 1.23 } },
  "byUser": { "uuid": { "tokens": 50000, "cost": 0.41 } }
}

GET /v1/admin/users

List all users in the tenant. Requires admin.manage_users.

GET /v1/admin/roles

List all roles in the tenant. Requires admin.manage_roles.

Custom-role creation is not exposed over the REST API yet. The four system roles (owner, admin, member, viewer) are seeded on tenant creation and bundled in packages/core/src/rbac.ts. Use seedSystemRoles() + direct database updates for any custom role shapes until POST /v1/admin/roles ships.

Skills API

Manage the learning loop skill lifecycle.

Gateways API

REST endpoints for managing gateway configs, paired users, and pairing codes.

On this page

GET /v1/admin/audit-logGET /v1/admin/usageGET /v1/admin/usersGET /v1/admin/roles