Security API

Security status, audit trail, and integrity verification.

Endpoints

GET /security/status

curl http://localhost:4200/security/status

Response (200)

{
  "tls_enabled": true,
  "auth_enabled": true,
  "active_keys": 3,
  "ip_allowlist_configured": true,
  "audit_enabled": true,
  "audit_entries": 1247,
  "audit_integrity": "verified"
}

GET /security/audit

curl "http://localhost:4200/security/audit?limit=5"

Query Parameters

Response (200)

{
  "entries": [
    {
      "timestamp": "2026-06-04T10:15:02Z",
      "actor": "ci-deploy-bot",
      "action": "agent.create",
      "target": "claims-agent-v2",
      "details": {}
    },
    {
      "timestamp": "2026-06-04T09:30:00Z",
      "actor": "system",
      "action": "health.recovery",
      "target": "memory-subsystem",
      "details": {"attempt": 1, "result": "success"}
    }
  ]
}

GET /security/verify

Verify audit trail Merkle chain integrity.

curl http://localhost:4200/security/verify

Response (200 — valid)

{
  "valid": true,
  "entries_checked": 1247,
  "first_entry": "2026-05-20T08:00:00Z",
  "last_entry": "2026-06-04T10:15:02Z"
}

Response (200 — chain broken)

{
  "valid": false,
  "entries_checked": 1247,
  "break_at_entry": 892,
  "expected_hash": "sha256:a1b2c3...",
  "actual_hash": "sha256:deadbe..."
}