| GET | /admin/audit/alerts | List alerts | detail → |
| GET | /admin/audit/alerts/{alert_id} | Get alert details | detail → |
| POST | /admin/audit/alerts/{alert_id}/assign | Assign alert handler | detail → |
| PUT | /admin/audit/alerts/{alert_id}/status | Update alert status | detail → |
| GET | /admin/audit/anomalies | List audit anomalies | detail → |
| POST | /admin/audit/anomalies/detect | Trigger anomaly detection | detail → |
| GET | /admin/audit/anomalies/{anomaly_id} | Get anomaly details | detail → |
| POST | /admin/audit/anomalies/{anomaly_id}/assign | Assign anomaly analyst | detail → |
| POST | /admin/audit/anomalies/{anomaly_id}/comment | Add anomaly investigation comment | detail → |
| POST | /admin/audit/anomalies/{anomaly_id}/link | Associate anomaly with case | detail → |
| GET | /admin/audit/anomalies/{anomaly_id}/related | Get related anomalies | detail → |
| PUT | /admin/audit/anomalies/{anomaly_id}/status | Update anomaly status | detail → |
| GET | /admin/audit/anomalies/{anomaly_id}/timeline | Get anomaly event timeline | detail → |
| POST | /admin/audit/archive | Archive audit logs | detail → |
| GET | /admin/audit/archive/status | Get archive status | detail → |
| GET | /admin/audit/billing-events | Query billing event audit logs | detail → |
| GET | /admin/audit/compliance/ai-decisions | List AI decisions | detail → |
| POST | /admin/audit/compliance/ai-decisions | Record AI decision | detail → |
| GET | /admin/audit/compliance/ai-decisions/{id} | Get AI decision details | detail → |
| GET | /admin/audit/compliance/breaches | List breach notifications | detail → |
| POST | /admin/audit/compliance/breaches | Create breach notification | detail → |
| GET | /admin/audit/compliance/breaches/{id} | Get breach notification details | detail → |
| GET | /admin/audit/compliance/cleanup-records | List erasure records | detail → |
| POST | /admin/audit/compliance/cleanup-records | Create erasure record | detail → |
| GET | /admin/audit/compliance/cleanup-records/{connector_id} | Get erasure record details | detail → |
| GET | /admin/audit/compliance/cross-border | List cross-border transfers | detail → |
| POST | /admin/audit/compliance/cross-border | Create cross-border transfer record | detail → |
| GET | /admin/audit/compliance/cross-border/{id} | Get cross-border transfer details | detail → |
| GET | /admin/audit/compliance/data-classifications | List data classifications | detail → |
| POST | /admin/audit/compliance/data-classifications | Create data classification | detail → |
| GET | /admin/audit/compliance/data-classifications/{id} | Get data classification details | detail → |
| GET | /admin/audit/compliance/pias | List PIAs | detail → |
| POST | /admin/audit/compliance/pias | Create PIA | detail → |
| GET | /admin/audit/compliance/pias/{id} | Get PIA details | detail → |
| GET | /admin/audit/compliance/role-actions | Query role-operation mapping | detail → |
| GET | /admin/audit/compliance/sod-rules | Query SoD rules | detail → |
| POST | /admin/audit/export | Export audit logs | detail → |
| GET | /admin/audit/export/jobs | List export tasks | detail → |
| GET | /admin/audit/export/{job_id}/download | Download export file | detail → |
| GET | /admin/audit/export/{job_id}/status | Get export task status | detail → |
| GET | /admin/audit/hashchain/{tenant_id} | Get hash chain information | detail → |
| GET | /admin/audit/hashchain/{tenant_id}/verify-by-date | Verify hash chain by date range | detail → |
| GET | /admin/audit/incidents | List security incidents | detail → |
| POST | /admin/audit/incidents | Create security incident | detail → |
| GET | /admin/audit/incidents/{incident_id} | Get security incident details | detail → |
| POST | /admin/audit/incidents/{incident_id}/comment | Add a comment to a security event | detail → |
| PUT | /admin/audit/incidents/{incident_id}/status | Update security event status | detail → |
| GET | /admin/audit/logs | Query audit logs | detail → |
| GET | /admin/audit/logs/{alert_id} | Get audit log by ID | detail → |
| GET | /admin/audit/merkle-proof | Get Merkle Proof for a specified audit log entry | detail → |
| POST | /admin/audit/merkle-proofs | Batch get Merkle Proofs for multiple audit log entries | detail → |
| GET | /admin/audit/merkle-root | Get Merkle Root of tenant audit logs | detail → |
| GET | /admin/audit/payment-events | Query payment event audit logs | detail → |
| GET | /admin/audit/reports/compliance | Get compliance audit report | detail → |
| GET | /admin/audit/reports/security | Get security audit report | detail → |
| GET | /admin/audit/retention-policy | Get tenant audit log retention policy | detail → |
| PUT | /admin/audit/retention-policy | Save or update tenant audit log retention policy | detail → |
| GET | /admin/audit/server-logs | Query service error logs | detail → |
| GET | /admin/audit/server-logs/services | Get list of services with logged errors | detail → |
| GET | /admin/audit/siem/connectors | List SIEM connectors | detail → |
| POST | /admin/audit/siem/connectors | Create SIEM connector | detail → |
| DELETE | /admin/audit/siem/connectors/{anomaly_id} | Delete SIEM connector | detail → |
| PUT | /admin/audit/siem/connectors/{anomaly_id} | Update SIEM connector | detail → |
| POST | /admin/audit/siem/connectors/{anomaly_id}/test | Test SIEM connector | detail → |
| GET | /admin/audit/stats | Get audit statistics | detail → |
| GET | /admin/audit/stream | Real-time audit event stream | detail → |
| GET | /admin/audit/tenant-config | Get tenant anomaly detection configuration | detail → |
| PUT | /admin/audit/tenant-config | Update tenant anomaly detection configuration | detail → |
| GET | /admin/audit/verifications | Query latest automatic hash chain verification results | detail → |
| POST | /admin/audit/verifications | Verify hash chain integrity | detail → |
| GET | /admin/audit/wallet-events | Query wallet event audit logs | detail → |