> For clean Markdown of any page, append .md to the page URL.
> For a complete documentation index, see https://docs.adid.dev/llms.txt.
> For full documentation content, see https://docs.adid.dev/llms-full.txt.

# Agent Audit Log

#### When to use

You need a per-action record of what an agent did — for compliance, debugging, or dispute resolution.

#### Before you begin

The agent's DID. You can read any agent's audit log (the endpoint is authenticated but not principal-only).

#### API

```bash
curl "https://adid.dev/api/v1/agents/did:adi:0xA.../audit-log?limit=50&offset=0" \
  -H "Authorization: Bearer $ACCESS_TOKEN"
```

(`agent.go:232`, `router.go:139`.)

Response:

```json
{
  "data":[
    { "ts":"2026-04-26T11:00:00Z", "action":"verify",  "resource":"proof",      "ibct":"ibct-uuid-2", "outcome":"ok",   "txHash":null },
    { "ts":"2026-04-26T11:01:30Z", "action":"sign",    "resource":"didcomm",    "ibct":"ibct-uuid-2", "outcome":"ok",   "txHash":null },
    { "ts":"2026-04-26T11:02:14Z", "action":"delegate","resource":"sub-agent",  "ibct":"ibct-uuid-2", "outcome":"ok",   "txHash":"0xabcd..." }
  ],
  "total":3
}
```

#### Filtering

Query parameters: `from`, `to`, `action`, `resource`, `outcome`. Combine for forensic queries:

```bash
curl "https://adid.dev/api/v1/agents/did:adi:0xA.../audit-log?action=delegate&outcome=fail&from=2026-04-25" \
  -H "Authorization: Bearer $ACCESS_TOKEN"
```

#### Verify

Cross-check selected entries against your runtime logs. Each entry's `ibct` (jti) is reproducible across both sides of every action.

#### Export

Click **Download CSV** in the portal's audit log viewer for a CSV export.

#### Troubleshooting

| Symptom                | Cause                   | Fix                                                                                    |
| ---------------------- | ----------------------- | -------------------------------------------------------------------------------------- |
| Audit log empty        | Agent has not yet acted | Trigger a tool call.                                                                   |
| Action not appearing   | Audit write failed      | Check API logs; the audit handler logs failures with `audit_write_failed`.             |
| Discrepancy with chain | Off-chain action        | Not all actions emit chain events; off-chain ones are still recorded in the audit log. |

> 💡 **Tip** — For long-running agents, set up a daily export job that writes the CSV to your archival store. The audit log endpoint paginates and supports `from`/`to` ranges, so cron-friendly extraction is straightforward.

***