Audit API

The activity endpoints power the Platform Audit page in the UI. Both endpoints require the Admin user role and accept a shared set of filters so the activity log, summary cards, and chart can stay in sync.

Tip

For complete API documentation, including request and response schemas, visit the API docs on your Qualytics deployment.

All endpoints are served from your Qualytics deployment (e.g., https://your-instance.qualytics.io). The paths below include the /api prefix.

List Activity

Return a paginated list of activity records, optionally filtered by user, action, date range, or timeframe window.

Endpoint: GET /api/activity

Permission: Admin user role

Query parameters

Parameter	Type	Description
`users`	`list[int]`	One or more user IDs. When set, only activity attributed to the listed users is returned.
`actions`	`list[str]`	One or more action verbs (`create`, `update`, `delete`, and others). Filters to the listed verbs only.
`start_date`	`date`	The earliest date to include. Use with `end_date` for an explicit range.
`end_date`	`date`	The latest date to include. Use with `start_date` for an explicit range, or with `timeframe` as the anchor.
`timeframe`	`string`	One of `week`, `month`, `quarter`, `year`. When set, derives `start_date` from `end_date`.
`offset`	`int`	Timezone offset in minutes. Applied to the timeframe window boundaries so the date range honors the caller's local calendar.
`include_internal`	`bool`	When `true` (the default), includes activity from internal users. Set to `false` to exclude them.
`page`	`int`	Page number, starting at 1.
`size`	`int`	Page size.

Example request and response

Request:

curl -X GET "https://your-instance.qualytics.io/api/activity?timeframe=week&end_date=2026-06-10&include_internal=false&page=1&size=20" \
  -H "Authorization: Bearer YOUR_TOKEN"

Response:

{
  "items": [
    {
      "transaction": {
        "id": 184221,
        "issued_at": "2026-06-10T18:42:11Z",
        "user": {
          "id": 14,
          "name": "Yannique Kameka",
          "user_name": "yannique",
          "email": "yannique@example.com"
        }
      },
      "verb": "update",
      "object_type": "QualityCheck",
      "object_id": 9821
    }
  ],
  "total": 134,
  "page": 1,
  "size": 20,
  "pages": 7
}

Response schema

Field	Type	Description
`items`	`list[object]`	The page of activity records.
`items[].transaction.id`	`integer`	Unique transaction identifier.
`items[].transaction.issued_at`	`string`	The action timestamp in UTC.
`items[].transaction.user`	`object` or `null`	The actor (display name, username, email). `null` when the user account no longer exists.
`items[].verb`	`string`	The action verb (`create`, `update`, `delete`, `activate`, `archive`, and so on).
`items[].object_type`	`string`	The CamelCase entity type (`Datastore`, `QualityCheck`, `Anomaly`, and others).
`items[].object_id`	`integer` or `null`	The ID of the affected entity, when applicable.
`total`	`integer`	Total number of records matching the filters.
`page`	`integer`	Current page number.
`size`	`integer`	Page size.
`pages`	`integer`	Total number of pages.

Info

For the UI equivalent, see Filter Activity.

Activity Insights

Return aggregated activity statistics for the timeframe window. This is the endpoint that powers the summary cards and the activity chart.

Endpoint: GET /api/activity/insights

Permission: Admin user role

Query parameters

Parameter	Type	Description
`report_date`	`date`	The end of the timeframe window. Defaults to today when omitted.
`timeframe`	`string`	One of `week`, `month`, `quarter`, `year`. Defaults to `month`.
`offset`	`int`	Timezone offset in minutes. Applied before date extraction so daily bucketing in `actions_per_day` groups by the caller's local calendar date.
`include_internal`	`bool`	When `true` (the default), includes internal users in `total_actions`, `top_actor`, `top_entity_type`, and `actions_per_day`. The `unique_actors` count always excludes internal users.
`users`	`list[int]`	Limit the aggregation to one or more user IDs.
`actions`	`list[str]`	Limit the aggregation to one or more action verbs (`create`, `update`, `delete`, and so on).

Example request and response

Request:

curl -X GET "https://your-instance.qualytics.io/api/activity/insights?timeframe=week&report_date=2026-06-10&include_internal=true" \
  -H "Authorization: Bearer YOUR_TOKEN"

Response:

{
  "unique_actors": 7,
  "total_actions": 134,
  "top_actor": {
    "id": 14,
    "name": "Yannique Kameka",
    "user_name": "yannique",
    "email": "yannique@example.com",
    "action_count": 48
  },
  "top_entity_type": {
    "object_type": "Anomaly",
    "count": 62
  },
  "actions_per_day": [
    { "date": "2026-06-04", "user_count": 18, "system_count": 4 },
    { "date": "2026-06-05", "user_count": 11, "system_count": 6 },
    { "date": "2026-06-06", "user_count": 0,  "system_count": 0 },
    { "date": "2026-06-07", "user_count": 0,  "system_count": 0 },
    { "date": "2026-06-08", "user_count": 22, "system_count": 7 },
    { "date": "2026-06-09", "user_count": 25, "system_count": 8 },
    { "date": "2026-06-10", "user_count": 28, "system_count": 5 }
  ]
}

Response schema

Field	Type	Description
`unique_actors`	`integer`	Number of distinct human users with at least one action in the window. Always excludes internal users.
`total_actions`	`integer`	Total number of actions in the window. Respects `include_internal`.
`top_actor`	`object` or `null`	The user with the highest action count in the window. Includes `id`, `name`, `user_name`, `email`, and `action_count`.
`top_entity_type`	`object` or `null`	The entity type with the highest action count. Includes `object_type` (CamelCase) and `count`.
`actions_per_day`	`list[object]`	One entry per day in the window, with `date`, `user_count`, and `system_count`. The page aggregates these into wider buckets (week, month, quarter) when needed.

Info

For the UI equivalent, see Summary Section.

Error Responses

Status Code	Description
`401 Unauthorized`	Missing or invalid API token.
`403 Forbidden`	User does not have the Admin role.
`422 Unprocessable Entity`	Invalid `timeframe`, `offset`, or date value.

Error response examples

403 Forbidden:

{ "detail": "Not enough permissions" }

422 Unprocessable Entity (invalid timeframe):

{
  "detail": [
    {
      "loc": ["query", "timeframe"],
      "msg": "value is not a valid enumeration member; permitted: 'week', 'month', 'quarter', 'year'",
      "type": "type_error.enum"
    }
  ]
}

Permission Summary

Operation	Minimum Permission
List activity	Admin user role
Get activity insights	Admin user role