Governance API
Manage recertification cycles and access audits.
Endpoints Overview
| Method | Endpoint | Description |
|---|---|---|
| POST | /governance/spaces/{slug}/governance/cycles | Start recertification cycle |
| POST | /governance/governance/audits | Create audit record |
| PATCH | /governance/governance/audits/{audit_id} | Perform audit review |
Note: Some endpoints map to redundant paths (e.g.,
/governance/governance/...) due to current routing configuration.
Recertification Cycles
Create Cycle
POST /governance/spaces/{slug}/governance/cycles
Requires: Space Admin permissions
Start a new access recertification cycle for a specific space.
Request Body
{
"name": "Q1 2026 Access Review",
"deadline": "2026-03-31T23:59:59Z",
"scope": "all_products",
"description": "Quarterly review of all product access."
}
Response
{
"id": "uuid-of-cycle",
"space_id": "uuid-of-space",
"status": "active",
"created_at": "2026-02-08T10:00:00Z",
"total_audits": 150,
"completed_audits": 0
}
Audits
Create Audit
POST /governance/governance/audits
Manually create a single audit record (usually automated by cycle creation).
Request Body
{
"cycle_id": "uuid-of-cycle",
"user_id": "uuid-of-user-to-audit",
"product_id": "uuid-of-product",
"role_id": "uuid-of-role"
}
Perform Review
PATCH /governance/governance/audits/{audit_id}
Review an access audit (approve/revoke).
Request Body
{
"status": "approved",
"comments": "Access is still required for daily tasks."
}
status:approved,revoked,flagged
Response
{
"id": "uuid-of-audit",
"status": "approved",
"reviewer_id": "uuid-of-reviewer",
"reviewed_at": "2026-02-08T12:00:00Z"
}