コンテンツにスキップ

Create logging destination

POST
/api/admin/destinations
Code sample: Shell / cURL
curl --request POST \
--url https://auth.example.com/api/admin/destinations \
--header 'Authorization: Bearer <token>' \
--header 'Content-Type: application/json' \
--data '{ "scope_type": "platform", "scope_id": "global", "provider": "http", "name": "security-http-sink", "display_name": "Security HTTP Sink", "description": "Security event delivery target.", "provider_config": { "url": "https://logs.example.com/ingest", "timeoutMs": 5000 }, "allowed_log_types": [ "security.audit" ], "allowed_planes": [ "admin" ], "region": "global", "critical_allowed": true, "default_fallback_eligible": false, "retention_days": 90, "encryption_mode": "platform_managed", "capabilities": [ "log_sink_write" ] }'

Creates a platform-managed logging destination. Provider config must contain non-secret fields only; credentials are configured through the credential rotation endpoints.

Media type application/json
object
scope_type
required
string
Allowed values: platform tenant shared
scope_id
string
provider
required
string
Allowed values: r2 aws_s3 http logpush analytics_engine firehose external custom
name
required
string
display_name
string
description
string
provider_config

Provider-specific non-secret configuration. Secrets must be stored through credential rotation endpoints.

object
key
additional properties
allowed_tenant_ids
Array<string>
allowed_log_types
Array<string>
allowed_planes
Array<string>
region
string
critical_allowed
boolean
default_fallback_eligible
boolean
retention_days
integer
>= 1
encryption_mode
string
Allowed values: platform_managed external_managed none
capabilities
Array<string>
expected_version

Positive version used for update conflict checks, also accepted through an If-Match ETag.

integer
>= 1
key
additional properties
Example
{
"scope_type": "platform",
"scope_id": "global",
"provider": "http",
"name": "security-http-sink",
"display_name": "Security HTTP Sink",
"description": "Security event delivery target.",
"provider_config": {
"url": "https://logs.example.com/ingest",
"timeoutMs": 5000
},
"allowed_log_types": [
"security.audit"
],
"allowed_planes": [
"admin"
],
"region": "global",
"critical_allowed": true,
"default_fallback_eligible": false,
"retention_days": 90,
"encryption_mode": "platform_managed",
"capabilities": [
"log_sink_write"
]
}

Logging destination mutation result.

Media type application/json
object
item
required
object
key
additional properties
audit_id
One of:
string
version
integer
key
additional properties
Example
{
"item": {
"id": "dest_123",
"version": 2,
"updated_at": 1770000000000
},
"audit_id": "audit_123"
}

Error response.

Media type application/json
object
error
string
message
string
error_description
string
key
additional properties
Example generated
{
"error": "example",
"message": "example",
"error_description": "example"
}