> ## Documentation Index
> Fetch the complete documentation index at: https://docs.lerian.studio/llms.txt
> Use this file to discover all available pages before exploring further.

# List audit records

> Lists audit evidence records with optional filters by actor, action type, and time window. Cursor-based pagination — pass the nextCursor from a previous response to continue. The cursor is opaque and MUST NOT be parsed by clients.



## OpenAPI

````yaml en/openapi/v3-current/spb.yaml get /v1/str/audit-records
openapi: 3.1.0
info:
  contact:
    email: contact@lerian.studio
    name: Lerian Studio
    url: https://lerian.studio
  description: >-
    OpenAPI 3.1 surface for Lerian SPB, the direct integration between the
    institution and the Brazilian Payment System (SPB) over the National
    Financial System Network (RSFN). It covers the Reserve Transfer System
    (STR): message registry and capability catalog, operation lifecycle (bank
    transfers, IBS repasses, liquidity transfers, returns and cancellations),
    reserve-account and schedule queries, alçada governance, reconciliation, and
    event delivery.
  license:
    name: Lerian Studio General License
  title: Lerian SPB API
  version: 1.0.0
servers:
  - url: https://spb.sandbox.lerian.net
security: []
tags:
  - description: Immutable audit-record trails for STR operations and lifecycle events.
    name: Audit
  - description: >-
      STR capability catalog describing supported message types and their
      constraints.
    name: Capabilities
  - description: >-
      ICP-Brasil certificate inventory with hot-reloadable rotation and
      activation.
    name: Certificates
  - description: >-
      Maker-checker approval queue for emissions parked above their alçada band:
      list pending, sign (approve), and deny.
    name: EmissionApprovals
  - description: Webhook event-delivery records with retry control for failed dispatches.
    name: EventDeliveries
  - description: Operation event catalog enumerating the emitted domain event types.
    name: Events
  - description: >-
      Inbound GEN-family notice log (GEN0001 connectivity echo, GEN0004
      transmission error, GEN0005 administrative notice).
    name: GenNotices
  - description: >-
      SPB alçada governance: the value-band table and per-message-type signature
      requirements, hot-reloaded at runtime.
    name: Governance
  - description: >-
      Read raw STR message status: list messages and read a single message by
      NUOp.
    name: Messages
  - description: Aggregated operational summaries and metrics across STR operations.
    name: OperationalIntelligence
  - description: >-
      STR operation lifecycle for bank transfers and IBS repasses, including
      returns and cancellations.
    name: Operations
  - description: >-
      Service readiness state covering startup self-probes and dependency
      health.
    name: Readiness
  - description: Reconciliation cases and the actions that resolve operation discrepancies.
    name: Reconciliation
  - description: >-
      STR reports suite: synchronous, date-ranged aggregate reports (financial
      movement, rejected transactions, volumetria) over Lerian SPB's own
      transmission record.
    name: Reports
  - description: >-
      STR0013 reserve-account balance and STR0014 statement (extrato,
      message-mode) queries and their async results.
    name: ReserveQueries
  - description: >-
      GEN0019 participant responsável roster: full-replacement updates announced
      to BACEN.
    name: Responsibles
  - description: STR operating-window schedule governing when operations may be sent.
    name: Schedule
  - description: >-
      STR0001 single-party schedule queries (consulta de horários do STR) and
      their async STR0001R1 grid results.
    name: ScheduleQueries
  - description: Runtime SPB configuration settings for the STR integration.
    name: Settings
  - description: Webhook endpoint registration and management for event delivery.
    name: Webhooks
  - description: >-
      Flow (mandatory order): certificate → readiness → connectivity-test →
      submit. Activate a certificate, confirm the rail reports ready, pass a
      connectivity test, then submit an operation. Each step is its own
      resource; a submit must not be attempted before readiness passes.
    name: onboarding
  - description: >-
      Flow (mandatory order): parent operation SETTLED → return/cancel. A return
      or cancellation is a sub-resource of a settled parent operation; the
      {operationId}/{endToEndID} path segment enforces the parent structurally.
    name: lifecycle
paths:
  /v1/str/audit-records:
    get:
      tags:
        - Audit
      summary: List audit records
      description: >-
        Lists audit evidence records with optional filters by actor, action
        type, and time window. Cursor-based pagination — pass the nextCursor
        from a previous response to continue. The cursor is opaque and MUST NOT
        be parsed by clients.
      operationId: listAuditRecords
      parameters:
        - description: Filter by principal that emitted the action.
          explode: false
          in: query
          name: actorId
          schema:
            description: Filter by principal that emitted the action.
            examples:
              - 550e8400-e29b-41d4-a716-446655440000
            type: string
        - description: Filter by canonical audit action type (e.g. CERTIFICATE_ROTATED).
          explode: false
          in: query
          name: actionType
          schema:
            description: Filter by canonical audit action type (e.g. CERTIFICATE_ROTATED).
            examples:
              - CERTIFICATE_ROTATED
            type: string
        - description: Inclusive lower bound (RFC3339 timestamp or YYYY-MM-DD).
          explode: false
          in: query
          name: startDate
          schema:
            description: Inclusive lower bound (RFC3339 timestamp or YYYY-MM-DD).
            examples:
              - '2026-06-14T12:00:00Z'
            type: string
        - description: Inclusive upper bound (RFC3339 timestamp or YYYY-MM-DD).
          explode: false
          in: query
          name: endDate
          schema:
            description: Inclusive upper bound (RFC3339 timestamp or YYYY-MM-DD).
            examples:
              - '2026-06-14T12:00:00Z'
            type: string
        - description: Opaque pagination token from a previous response.
          explode: false
          in: query
          name: cursor
          schema:
            description: Opaque pagination token from a previous response.
            type: string
        - description: Items per page (default 20, max 100).
          explode: false
          in: query
          name: limit
          schema:
            default: 20
            description: Items per page (default 20, max 100).
            examples:
              - 20
            format: int64
            maximum: 100
            minimum: 1
            type: integer
      responses:
        '200':
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/AuditRecordListResponse'
          description: OK
        default:
          content:
            application/problem+json:
              schema:
                $ref: '#/components/schemas/Detail'
          description: Error
      security:
        - BearerAuth: []
components:
  schemas:
    AuditRecordListResponse:
      additionalProperties: false
      properties:
        correlationId:
          description: >-
            Request-scoped correlation identifier echoing X-Request-ID, for
            pivoting from response to trace.
          examples:
            - req-7a3f9c2e
          type: string
        items:
          description: Audit records for the current page.
          items:
            $ref: '#/components/schemas/AuditRecordResponse'
          type:
            - array
            - 'null'
        limit:
          description: Effective page size applied to this response.
          examples:
            - 20
          format: int64
          type: integer
        nextCursor:
          description: >-
            Opaque cursor for the next page; absent when this is the last page.
            Do not parse.
          type: string
        prevCursor:
          description: >-
            Opaque cursor for the previous page; reserved for future
            bidirectional cursoring, absent today. Do not parse.
          type: string
      required:
        - items
        - limit
        - correlationId
      type: object
    Detail:
      additionalProperties: false
      properties:
        code:
          description: >-
            Stable, machine-readable domain error code scoped to the emitting
            service (format: <SERVICE>-NNNN).
          examples:
            - ERR-0001
          type: string
        detail:
          description: >-
            A human-readable explanation specific to this occurrence of the
            problem.
          examples:
            - Property foo is required but is missing.
          type: string
        errors:
          description: Optional list of individual error details
          items:
            $ref: '#/components/schemas/ErrorDetail'
          type:
            - array
            - 'null'
        instance:
          description: >-
            A URI reference that identifies the specific occurrence of the
            problem.
          examples:
            - https://example.com/error-log/abc123
          format: uri
          type: string
        status:
          description: HTTP status code
          examples:
            - 400
          format: int64
          type: integer
        title:
          description: >-
            A short, human-readable summary of the problem type. This value
            should not change between occurrences of the error.
          examples:
            - Bad Request
          type: string
        type:
          default: about:blank
          description: A URI reference to human-readable documentation for the error.
          examples:
            - https://example.com/errors/example
          format: uri
          type: string
      type: object
    AuditRecordResponse:
      additionalProperties: false
      properties:
        actionType:
          description: Canonical audit action type that was recorded.
          examples:
            - CERTIFICATE_ROTATED
          type: string
        actorId:
          description: Identifier of the principal that performed the audited action.
          examples:
            - 550e8400-e29b-41d4-a716-446655440000
          type: string
        auditId:
          description: Audit record UUID.
          examples:
            - a1b2c3d4-e5f6-7890-abcd-ef1234567890
          format: uuid
          type: string
        correlationId:
          description: >-
            Request-scoped correlation identifier under which the action was
            performed.
          examples:
            - req-7a3f9c2e
          type: string
        details:
          additionalProperties: {}
          description: >-
            Sanitized structured details of the action, scrubbed before
            persistence; omitted when there are none.
          type: object
        occurredAt:
          description: RFC3339 UTC timestamp when the action occurred.
          examples:
            - '2026-05-04T18:30:00Z'
          format: date-time
          type: string
        operationId:
          description: >-
            UUID of the related operation when the action is operation-scoped;
            omitted otherwise.
          examples:
            - 6c8e7e9a-2f3b-4c5d-8e9f-0a1b2c3d4e5f
          format: uuid
          type: string
        resourceId:
          description: >-
            Identifier of the targeted resource; omitted when the action has no
            specific resource.
          examples:
            - 550e8400-e29b-41d4-a716-446655440000
          type: string
        resourceType:
          description: Type of resource the action targeted (e.g. certificate, webhook).
          examples:
            - certificate
          type: string
        summary:
          description: Human-readable one-line summary of the audited action.
          examples:
            - Certificate rotated successfully
          type: string
      required:
        - auditId
        - actorId
        - actionType
        - resourceType
        - summary
        - correlationId
        - occurredAt
      type: object
    ErrorDetail:
      additionalProperties: false
      properties:
        location:
          description: >-
            Where the error occurred, e.g. 'body.items[3].tags' or
            'path.thing-id'
          type: string
        message:
          description: Error message text
          type: string
        value:
          description: The value at the given location
      type: object
  securitySchemes:
    BearerAuth:
      bearerFormat: JWT
      description: JWT bearer token issued by the identity provider.
      scheme: bearer
      type: http

````