# listAuditEvents

Source: /openapi/thomas-federated.openapi.json

## Operation

| Method | URL |
|---|---|
| GET | https://api.thomas.co/v1/audit-events |

| Field | Value |
|---|---|
| operationId | listAuditEvents |
| method | GET |
| server | https://api.thomas.co/v1 |
| path | /audit-events |
| tags | `Audit Log` |
| summary | List the tenant audit events (paginated) |
| badges | `{"name":"Owner"}`, `{"name":"Admin"}` |

## Request Parameters

| Name | In | Required | Schema | Description |
|---|---|---|---|---|
| cursor | query | false | string |  |
| limit | query | false | integer |  |
| category | query | false | string |  |
| search | query | false | string |  |
| subjectCompanyIndividualId | query | false | string:uuid |  |

## Request Body

None.

## Responses

| Status | Description | Schema refs |
|---|---|---|
| 200 | Paginated tenant audit events | #/components/schemas/ListAuditEventsResponseDto |
| 400 | Invalid category, limit, or cursor | #/components/schemas/ApiErrorResponseDto |
| 401 | Invalid or missing authentication token (AUTH_TOKEN_INVALID) | #/components/schemas/ApiErrorResponseDto |
| 403 | Admin or owner role required | #/components/schemas/ApiErrorResponseDto |

## Artifact Examples

### Response 400 example

```json
{
  "statusCode": 400,
  "message": "Validation failed",
  "error": "HTTP_BAD_REQUEST"
}
```

### Response 401 example

```json
{
  "statusCode": 401,
  "message": "Invalid or missing authentication token",
  "error": "AUTH_TOKEN_INVALID"
}
```

### Response 403 example

```json
{
  "statusCode": 403,
  "message": "Insufficient role privileges",
  "error": "AUTH_INSUFFICIENT_ROLE"
}
```
