Disclosure workflows give authorized users scoped access to interpreted audit data. The scope is stored in disclosure and case tables, enforced by API guards and queries, and recorded in auditors_log.

Lifecycle

Supported status values are pending, approved, and closed. Auditors can withdraw pending requests they created when they have cases:withdraw_pending_request. Application administrators can approve or close pending requests when they have cases:approve_creation.

Data model

Tables

| Table | Purpose |
| --- | --- |
| disclosure_requests | Parent request with org, application, requester, reason, status, type, approvals required |
| request_decisions | Administrator approve/reject decisions and reasons |
| case_requests | Case period, access duration, disclosure flags, future case id, optional contract filters |
| case_request_auditor_assignments | Auditor assignments proposed at request time |
| cases | Approved investigation case |
| case_auditor_assignments | Active case auditor assignments; removed assignments are soft-deleted |
| reports | Generated report files and metadata |
| auditors_log | Activity trail for request, decision, case, report, team, and application actions |

Main endpoints

| Endpoint | Purpose | Main permission |
| --- | --- | --- |
| GET /api/applications/:foreignId/disclosure-registry | Administrator disclosure request registry | cases:approve_creation |
| GET /api/applications/:foreignId/cases | Case list and auditor worklist | reports:view_transactions or case/admin-specific checks |
| POST /api/applications/:foreignId/cases | Create disclosure case request | cases:create |
| POST /api/applications/:foreignId/cases/requests/:id/withdraw | Withdraw own pending request | cases:withdraw_pending_request |
| POST /api/applications/:foreignId/case-requests/:id/approve | Approve request | cases:approve_creation |
| POST /api/applications/:foreignId/case-requests/:id/close | Close request | cases:approve_creation |
| POST /api/applications/:foreignId/case-reports | Generate transaction summary report | reports:create |
| GET /api/applications/:foreignId/reports | List application reports | reports:list |
| GET /api/applications/:foreignId/reports/:reportId/download | Download application report | reports:download |
| GET /api/applications/:foreignId/auditors-log | Application activity log | logs:view_activity |
| GET /api/applications/:foreignId/cases/:caseId/auditors-log | Case activity log | reports:view_transactions |

Transaction review scope

Case transaction review reads interpreted records after applying these filters:

| Filter | Source |
| --- | --- |
| Organization | Authenticated session orgId |
| Application | :foreignId resolved to application_id |
| Case | cases.id |
| Period | case_requests.period_from, case_requests.period_to |
| Contract address | case_requests.investigation_contract_addresses or cases.contract_addresses |
| Assignment | case_auditor_assignments |
| Access window | cases.created_at + access_days |
| Field scope | full_tx_ids, sender_information, withdrawal_details |

Interpreted audit rows outside this scope are not returned for the case.
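
An added example (not the project's own code) showing how the filters above compose into a single scope check that fails closed. The row shapes, the session userId, the deleted_at soft-delete column, reading access_days from the request row, inclusive period bounds, and treating an empty contract list as "no contract filter" are assumptions.

```javascript
// Added illustration. Field names beyond those on the page (userId, user_id,
// deleted_at, tx_id, sender, withdrawal, timestamp, contract_address) are assumptions.
const DAY_MS = 24 * 60 * 60 * 1000;

// Field scope: copy a sensitive field only when its disclosure flag is set.
function project(row, request) {
  const out = { timestamp: row.timestamp, contract_address: row.contract_address };
  if (request.full_tx_ids) out.tx_id = row.tx_id;
  if (request.sender_information) out.sender = row.sender;
  if (request.withdrawal_details) out.withdrawal = row.withdrawal;
  return out;
}

// Returns the interpreted rows an auditor may see for one case; [] if any gate fails.
function scopedCaseRows({ session, application, kase, request, assignments, rows, now }) {
  // Organization comes from the session, application from the resolved route;
  // the case must belong to both.
  if (kase.org_id !== session.orgId || kase.application_id !== application.id) return [];
  // Assignment: a live (not soft-deleted) assignment of this user to this case.
  const assigned = assignments.some(
    (a) => a.case_id === kase.id && a.user_id === session.userId && a.deleted_at == null
  );
  if (!assigned) return [];
  // Access window: cases.created_at + access_days (read from the request row here).
  if (now >= kase.created_at + request.access_days * DAY_MS) return [];
  // Contract filter is optional; an empty list is treated as "no contract filter".
  const contracts = kase.contract_addresses || request.investigation_contract_addresses || [];
  return rows
    .filter((r) => r.org_id === session.orgId && r.application_id === application.id)
    .filter((r) => r.timestamp >= request.period_from && r.timestamp <= request.period_to)
    .filter((r) => contracts.length === 0 || contracts.includes(r.contract_address))
    .map((r) => project(r, request));
}

// Constructed sample data (epoch milliseconds), not taken from a real deployment.
const SAMPLE = {
  session: { orgId: "org_1", userId: "u_1" }, application: { id: 7 },
  kase: { id: 1, org_id: "org_1", application_id: 7, created_at: 0, contract_addresses: ["0xA"] },
  request: { period_from: 100, period_to: 200, access_days: 30,
    full_tx_ids: true, sender_information: false, withdrawal_details: false },
  assignments: [{ case_id: 1, user_id: "u_1", deleted_at: null }],
  rows: [
    { org_id: "org_1", application_id: 7, timestamp: 150, contract_address: "0xA", tx_id: "t1", sender: "s1" },
    { org_id: "org_1", application_id: 7, timestamp: 250, contract_address: "0xA", tx_id: "t2", sender: "s2" },
    { org_id: "org_2", application_id: 7, timestamp: 150, contract_address: "0xA", tx_id: "t3", sender: "s3" },
    { org_id: "org_1", application_id: 7, timestamp: 150, contract_address: "0xB", tx_id: "t4", sender: "s4" },
  ],
  now: DAY_MS,
};
```

With the sample data, only the first row survives: the others fall outside the period, the organization, or the contract filter, and the sender field is withheld because sender_information is not set.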

Reports

Report rows contain:
  • id
  • org_id
  • application_id
  • file_blob
  • metadata
  • type
  • created_by_user_id
  • created_by_email
  • created_by_name
  • created_at
Report boundaries:

| Boundary | Endpoint |
| --- | --- |
| Organization | GET /api/reports, GET /api/reports/:reportId/download |
| Application | GET /api/applications/:foreignId/reports, GET /api/applications/:foreignId/reports/:reportId/download |
| Case transaction summary | POST /api/applications/:foreignId/case-reports |
| Activity log report | POST /api/auditors-log/reports, POST /api/applications/:foreignId/auditors-log/reports, POST /api/applications/:foreignId/cases/:caseId/auditors-log/reports |

Generation and download are separate permission checks and separate activity-log events.

Activity log

auditors_log records:

| Column | Meaning |
| --- | --- |
| event_type | Action type |
| user | Actor display field |
| org_id | Organization scope |
| user_id | Internal actor user id |
| workos_user_id | External identity user id |
| object | Typed target object JSON |
| details | Typed event details JSON |
| application_foreign_id | Optional application route segment |
| case_id | Optional case id |
| created_at | Event timestamp |

Events are persisted after successful handler execution, so failed requests do not produce success log entries.