List audits for the authenticated user
Returns audits based on role (mutually exclusive per organization):
- Audit Manager (
user_global_roles): all audits in the organization. - Auditor (
team_members.role = Auditor): audits assigned to the user (auditor_user_id), excludingCOMPLETED. - Peer review (
?view=peer-reviews): audits awaiting peer review for users withAuditororPeer Auditorinteam_members. ReturnsIN_REVIEWaudits (excluding those assigned to the caller asauditor_user_id) plusCOMPLETEDaudits for the completed-reviews metric. - Pending actions (
?view=pending-actions): audits owned by the authenticated IT Owner (owner_user_id), filtered to statuses requiring owner action (DRAFT,IN_PROGRESS,OVERDUE), submitted (IN_REVIEW), and completed (COMPLETED). RequiresIT Ownerinteam_members. Users cannot hold both audit manager and auditor roles for the same organization (403).
Authorization
SupabaseBearer Supabase user access token (Authorization: Bearer JWT)
In: header
Query Parameters
When set to peer-reviews, returns audits awaiting peer review. When set to pending-actions, returns IT Owner pending action audits.
Value in
- "peer-reviews"
- "pending-actions"
Filter by audit template framework. Comma-separated values match any listed framework.
Filter by audit status (e.g. DRAFT, IN_PROGRESS, IN_REVIEW, COMPLETED).
Filter by assigned auditor user id (auditor_user_id).
uuidFilter to audits with a submission distributed to this application (audit_submissions.application_id).
uuidFilter audits where due_date, due_at (when due_date is null), or updated_at (when both are null) falls on the same UTC calendar day as the due_date query parameter.
date-timeResponse Body
application/json
application/json
curl -X GET "https://example.com/audits"{}{ "message": "string"}