SecureAgentMail

List audit entries

Returns a paginated, reverse-chronological list of security and operational audit events. Results can be filtered by inbox, event type, severity, and time range.

GET
/audit_log

Authorization

BearerAuth
AuthorizationBearer <token>

API key passed as a Bearer token. Production keys start with am_live_ and sandbox keys start with am_test_.

In: header

Query Parameters

inbox_id?string

Filter entries by inbox ID.

event_type?string

Filter entries by event type.

Value in"inject" | "exfil" | "pii" | "policy" | "msg_recv" | "msg_sent" | "key_created"
severity?string

Filter entries by severity level.

Value in"high" | "medium" | "low"
since?string

Only return entries created at or after this ISO 8601 timestamp.

Formatdate-time
limit?integer

Maximum number of items to return per page.

Default25
Range1 <= value <= 100
cursor?string

Opaque pagination cursor returned as next_cursor from a previous request.

Response Body

application/json

application/json

application/json

curl -X GET "https://secureagentmail.com/api/v1/audit_log"
{
  "entries": [
    {
      "id": "aud_q9r3s7",
      "inbox_id": "inb_abc123",
      "event_type": "inject",
      "severity": "high",
      "description": "Prompt injection attempt detected in inbound message msg_x7k9m2.",
      "metadata": {},
      "created_at": "2026-02-25T10:15:00Z"
    }
  ],
  "has_more": true,
  "next_cursor": "string"
}
{
  "error": {
    "code": "unauthorized",
    "message": "Invalid or missing API key.",
    "status": 401
  }
}
{
  "error": {
    "code": "rate_limited",
    "message": "Rate limit exceeded. Please retry after 30 seconds.",
    "status": 429
  }
}

Credit consumption history

Returns a paginated ledger of individual credit consumption events. Each entry records the amount consumed, the reason, and the resulting balance.

List API keys

Returns all API keys for the authenticated account. The full key secret is never included; only the `key_prefix` is shown.