Audit Log — Osstblok

What gets logged

Token lifecycle — create, revoke, rotate.
Collaborator changes — invite, role change, removal.
OIDC provider configuration changes.
Webhook create / delete / delivery failures after max retries.
Storyblok imports — source space, dry-run flag, counts imported.
Destructive story ops beyond soft-delete (hard-delete, bulk move).

GET/api/v1/spaces/{spaceId}/audit_logBearer (Mgmt)

List audit-log entries, newest first.

Request

GET /api/v1/spaces/1/audit_log?action=token.create&per_page=50
Authorization: Bearer sbmgmt_...

Response

{
  "entries": [
    {
      "id": 102,
      "action": "token.create",
      "actor_user_id": 3,
      "resource_type": "access_token",
      "resource_id": "42",
      "metadata": { "scope": "public" },
      "created_at": "2026-04-23T09:11:00Z"
    }
  ]
}