Audit Records
Use the audit endpoint to retrieve a history of compliance activity performed by your account. All sensitive operations — identity checks, CPR lookups, PEP screenings, ROFUS evaluations — generate an audit record automatically.
Note: Audit records contain summary metadata only. Decrypted payloads are not exposed through this API.
Retrieve audit records — GET /api/audit/records
Returns a paginated list of audit record summaries for your account, filtered by the parameters you provide.
Query parameters:
| Parameter | Type | Default | Description |
|---|---|---|---|
externalReference |
string | — | Filter by the externalReference you supplied when making the original request |
from |
ISO 8601 datetime | — | Return records at or after this UTC timestamp |
to |
ISO 8601 datetime | — | Return records at or before this UTC timestamp |
category |
string | — | Filter by category — see categories below |
operation |
string | — | Filter by operation name — see operations below |
page |
integer | 1 |
Page number (1-based) |
pageSize |
integer | 50 |
Number of records per page — minimum 1, maximum 500 |
All filters are optional and are combined with AND logic. Omitting all filters returns all records for your account.
Response:
{
"page": 1,
"pageSize": 50,
"totalCount": 142,
"items": [
{
"id": 12345,
"externalReference": "customer-ref-001",
"context": "player-login",
"category": "Rofus",
"operation": "evaluation",
"performedAt": "2024-06-12T09:14:33Z",
"resultSummary": "GamblerStatus=NotRegistered, IsMinor=False, IsBlockedForPlay=False"
}
]
}
Response fields:
| Field | Type | Description |
|---|---|---|
page |
integer | Current page number |
pageSize |
integer | Records per page as requested |
totalCount |
integer | Total number of records matching the filter |
items[].id |
integer | Unique audit record ID |
items[].externalReference |
string | Your reference from the original request |
items[].context |
string | Context string from the original request, if provided |
items[].category |
string | Category of the operation (see below) |
items[].operation |
string | Specific operation performed (see below) |
items[].performedAt |
ISO 8601 | UTC timestamp when the operation was performed |
items[].resultSummary |
string | Human-readable summary of the outcome |
Categories
| Category | Description |
|---|---|
Identity |
Identity verification flows (MitID, BankID, eIDAS) |
Cpr |
CPR lookup and validation |
Pep |
PEP screening |
Rofus |
ROFUS self-exclusion and evaluation checks |
Safe |
SAFE reporting submissions |
Other |
Miscellaneous operations |
Operations
| Category | Operation | Description |
|---|---|---|
Identity |
start |
Authentication session started |
Identity |
result |
Identity result retrieved |
Cpr |
lookup |
CPR lookup performed |
Cpr |
validate |
CPR validation performed |
Pep |
check |
Single PEP check |
Pep |
check_bulk |
Bulk PEP check (one audit entry per person) |
Rofus |
gambler_check |
Self-exclusion check |
Rofus |
csrp_check |
CSRP registration check |
Rofus |
commercial_check_bulk |
Bulk marketing permission check (one entry per person) |
Rofus |
evaluation |
Combined ROFUS evaluation |
Safe |
session |
Session submitted |
Safe |
jackpot |
Jackpot submitted |
Safe |
end_of_day |
End-of-day report submitted |
Tips
- Use
externalReferenceto find all activity related to a specific customer or transaction. Set this to your internal customer ID or session ID when making requests. - Use
contextto group related operations (e.g."player-login","kyc-onboarding"). - The
resultSummaryis written to be human-readable and is suitable for displaying in compliance dashboards or case management systems. - Combine
fromandtoto query a specific date range for reporting.
Error reference
| Status | Meaning |
|---|---|
400 |
Invalid parameter values (e.g. page < 1, pageSize > 500) |