Skip to main content

Media Governance Audit Export API

The Media Governance Audit Export API exports audit records for requests that included media-governance analysis. Use it when security, privacy, or compliance teams need a bounded evidence package for multimodal AI workflows.

This endpoint is served by the Orchestrator and is commonly reached through the Agent proxy in deployments that expose orchestrator APIs through the Agent.

Endpoint

GET /api/v1/media-governance/audit/export

Authentication And Tier Gate

The handler requires:

  • a paid self-hosted tier: Professional, Enterprise, or Plus
  • X-Tenant-ID on the request

If the deployment tier is not paid, the endpoint returns:

{
"error": {
"code": "ENTERPRISE_REQUIRED",
"message": "Media governance audit export requires Enterprise license"
}
}

The error message uses the existing Enterprise wording, but the code gate is IsPaidTier, which currently means Professional, Enterprise, or Plus. SaaS Plugin tiers such as Pro and Premium are a separate product line and are not included in this gate.

Query Parameters

ParameterDefaultDescription
formatjsonOutput format. Supported values: json, csv.
from7 days before request timeStart timestamp, RFC3339.
torequest timeEnd timestamp, RFC3339.

Invalid formats return 400 INVALID_FORMAT. Invalid timestamps return 400 INVALID_FROM or 400 INVALID_TO.

JSON Response

For format=json or omitted format, the response shape is:

{
"records": [
{
"request_id": "req_123",
"tenant_id": "tenant_abc",
"timestamp": "2026-06-30T12:00:00Z",
"media_type": "image",
"analysis_results": {
"has_pii": true,
"pii_types": ["email"]
},
"policy_actions": ["block"],
"blocked": true
}
],
"tenant_id": "tenant_abc",
"from": "2026-06-23T12:00:00Z",
"to": "2026-06-30T12:00:00Z",
"count": 1
}

The query reads from audit_logs rows whose policy_details include media_type, ordered by newest first, with a maximum of 10,000 records.

CSV Response

For format=csv, the response uses:

  • Content-Type: text/csv
  • Content-Disposition: attachment; filename=media-audit-{tenant_id}-{YYYYMMDD}.csv

CSV columns:

ColumnDescription
request_idGoverned request identifier
tenant_idTenant from X-Tenant-ID
timestampRFC3339 timestamp
media_typeMedia type stored in policy_details, defaulting to image when absent
blockedBoolean blocked status
policy_actionsJSON-encoded list of policy actions

The CSV export intentionally omits the nested analysis_results object so spreadsheet consumers get a stable flat schema.

Example

curl "http://localhost:8080/api/v1/media-governance/audit/export?format=csv&from=2026-06-01T00:00:00Z&to=2026-06-30T23:59:59Z" \
-H "Authorization: Basic $(echo -n 'your-client-id:your-client-secret' | base64)" \
-H "X-Tenant-ID: tenant_abc" \
-o media-audit.csv

Error Responses

HTTP StatusCodeDescription
400MISSING_TENANT_IDX-Tenant-ID header is missing
400INVALID_FORMATformat is not json or csv
400INVALID_FROMfrom is not RFC3339
400INVALID_TOto is not RFC3339
403ENTERPRISE_REQUIREDDeployment tier does not satisfy the paid-tier gate
500QUERY_ERRORAudit query failed