> ## Documentation Index
> Fetch the complete documentation index at: https://docs.alforse.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Audit

> The operation log and evidence gallery behind every sensitive action.

## List operations

`GET /audit/operations` · requires `admin` (view)

<ParamField query="page" type="integer" default="1" />

<ParamField query="pageSize" type="integer" default="20">Max 200.</ParamField>

<ParamField query="type" type="string">
  One of `create`, `edit`, `payment`, `invoice`, `collection`, `permission`, `login`, `export`,
  `ai`, `delete`.
</ParamField>

<ParamField query="q" type="string">Free-text search.</ParamField>

<ParamField query="subjectId" type="string" />

Every audit event is written automatically by a global interceptor — you cannot write to this
log directly, and there is no endpoint that deletes from it.

## List evidence

`GET /audit/evidence` · requires `contract_view` (view)

<ParamField query="page" type="integer" default="1" />

<ParamField query="pageSize" type="integer" default="20">Max 200.</ParamField>
<ParamField query="kind" type="string" default="all">`all` | `invoice` | `proof`</ParamField>

<ParamField query="q" type="string" />

<ParamField query="subjectId" type="string" />

Lists invoice and receipt evidence files. Note this endpoint only requires `contract_view`,
while the operations log requires `admin` — evidence review is a normal workspace activity,
while the full operation log is an administrative one. See
[Roles & Permissions](/concepts/roles-and-permissions).
