Skip to main content

Documentation Index

Fetch the complete documentation index at: https://docs.usemandate.io/llms.txt

Use this file to discover all available pages before exploring further.

Every meaningful action in Mandate — creating an agent, evaluating a policy, verifying a payment, revoking a mandate — produces an immutable audit log event. The log is append-only: events are never updated or deleted. Use it to reconstruct exactly what happened, when, and by whom, whether you are debugging a failed payment or fulfilling a compliance requirement.

List audit log events


GET /v1/audit-log
Returns audit log events for your account, ordered by created_at descending. Filter by event type, resource type, or specific resource ID to narrow results. Up to 200 events are returned per request.
The audit log is append-only. Events cannot be modified or deleted. This guarantee is enforced at the database level — there is no API operation to alter historical records.
Query parameters
event_type
string
Filter to events of a specific type, e.g. "mandate.created" or "transaction.paid". See the event types table below for all values.
resource_type
string
Filter to events affecting a specific resource type. One of: agent, mandate, transaction, api_key, policy_decision.
resource_id
string
Filter to events affecting a specific resource, e.g. "mandate_xyz789". Combine with resource_type for precise lookups.
limit
number
default:"50"
Maximum number of events to return. Minimum 1, maximum 200.
curl "https://api.kya.dev/v1/audit-log?resource_type=mandate&resource_id=mandate_xyz789&limit=10" \
  --header "Authorization: Bearer ky_sand_••••••••••••••••"
Response 200
events
object[]
required
Array of audit log event objects, ordered by created_at descending.
Example response
{
  "events": [
    {
      "id": "evt_abc001",
      "developer_id": "dev_000111",
      "actor_type": "agent",
      "actor_id": "agent_abc123",
      "event_type": "transaction.paid",
      "resource_type": "transaction",
      "resource_id": "transaction_ghi789",
      "metadata": {
        "amount": "0.10",
        "currency": "USDC",
        "merchant_domain": "api.example.com"
      },
      "sandbox": true,
      "created_at": "2024-01-15T10:30:01Z"
    },
    {
      "id": "evt_abc000",
      "developer_id": "dev_000111",
      "actor_type": "system",
      "actor_id": "system",
      "event_type": "policy.evaluated",
      "resource_type": "policy_decision",
      "resource_id": "policy_decision_mno345",
      "metadata": {
        "decision": "approved",
        "reason_code": "within_policy",
        "transaction_id": "transaction_ghi789"
      },
      "sandbox": true,
      "created_at": "2024-01-15T10:30:00Z"
    }
  ]
}

Event types

Event typeActorDescription
agent.createddeveloperA new agent was registered.
agent.revokeddeveloperAn agent was permanently revoked.
mandate.createddeveloperA new mandate was created.
mandate.revokeddeveloperA mandate was revoked.
api_key.createddeveloper / systemAn API key was created (including on account registration).
api_key.revokeddeveloperAn API key was revoked.
policy.evaluatedsystemThe policy engine evaluated a payment request and recorded a decision.
verification.completedsystemA /v1/verify-agent check completed successfully.
transaction.paidagentA payment proof was verified and the mandate was charged.

Common audit patterns

Reconstruct all events for a mandate 
GET /v1/audit-log?resource_type=mandate&resource_id=mandate_xyz789
Find all paid transactions by an agent 
GET /v1/audit-log?event_type=transaction.paid&resource_type=transaction
Then cross-reference metadata.agent_id in the results, or use GET /v1/transactions?agent_id=agent_abc123&status=paid for a direct transaction query. Review all API key activity 
GET /v1/audit-log?resource_type=api_key