Audit Logs
Audit Logs API
Endpoint for querying the audit trail. Records all critical actions (quote creation, status changes, client updates, settings changes, impersonation, etc.).
List Audit Logs
GET /api/audit-logs
Permission: config:manage | Plan: PRO (requires audit_log_ui feature)
Retrieve a paginated, filterable list of audit log entries for the current tenant.
Query Parameters:
| Parameter | Type | Required | Description |
|---|---|---|---|
| action | string | No | Filter by action (e.g., create, update, delete, status_change, invite, duplicate) |
| entity | string | No | Filter by entity type (e.g., quote, client, product, tenant, collaborator, Webhook) |
| userId | string | No | Filter by user ID (CUID format) |
| from | string | No | Start date (YYYY-MM-DD format) |
| to | string | No | End date (YYYY-MM-DD format, inclusive through end of day) |
| page | number | No | Page number (default: 1, max: 1000) |
| limit | number | No | Items per page (default: 25, max: 100) |
Response 200 OK:
{
"data": [
{
"id": "clxyz...",
"action": "create",
"entity": "quote",
"entityId": "clxyz...",
"metadata": { "quoteNumber": 42 },
"tenantId": "...",
"createdAt": "2026-03-31T10:00:00.000Z",
"user": {
"id": "clxyz...",
"name": "Carlos Méndez",
"email": "carlos@empresa.mx"
}
}
],
"total": 230,
"page": 1,
"totalPages": 10
}Errors:
| Status | Error | When |
|---|---|---|
| 400 | "Parámetros inválidos" | Invalid query parameters (e.g., malformed date, invalid CUID) |
| 401 | "No autorizado" | Missing or invalid session |
| 403 | "Sin permisos" | Role lacks config:manage |
| 403 | "Función disponible en el plan Pro" | Tenant is on FREE plan |
cURL Example:
curl -X GET "https://cotizera.com/api/audit-logs?action=create&entity=quote&from=2026-03-01&to=2026-03-31&page=1" \
-H "Cookie: next-auth.session-token=YOUR_TOKEN"