Infrastructure low complexity backend
Dependencies: 1, Dependents: 0, Entities: 1, Integrations: 0

Description

Next.js API route handler enforcing role-based access control at the API layer before delegating to SecurityMetricsService. Validates that only Organization Admins and Global Admins can reach security metrics endpoints regardless of UI-level gating, and extracts tenant context from the authenticated session for scoping.

Feature: Security Dashboard

security-dashboard-api-route

Responsibilities

  • Enforce role-gating at the API layer for all security metrics endpoints
  • Extract and validate tenant context from the authenticated session
  • Delegate metric retrieval to SecurityMetricsService and serialize response
  • Return 403 for unauthorized roles independent of UI visibility state

Interfaces

GET /api/v1/admin/security/metrics
GET /api/v1/admin/security/alerts
GET /api/v1/admin/security/sessions/active
PATCH /api/v1/admin/security/anomaly-thresholds
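
A sketch of the API-layer gate described above, written as an added example and not taken from the project's code. The role identifiers, the session shape (`session.user.role`, `session.user.tenantId`), `getSession`, and `metricsService.getMetrics` are all assumptions, as is the 401 for a missing session. It shows the authorization decision kept separate from the handler so it can be unit tested, and the tenant scope taken from the session only.

```javascript
// Added example. Role names and session fields are assumptions, not the project's schema.
const ALLOWED_ROLES = new Set(["ORG_ADMIN", "GLOBAL_ADMIN"]);

// Pure decision: reads only the server-side session, never the URL or body.
function authorizeSecurityRequest(session) {
  if (!session || !session.user) {
    // 401 for a missing session is an assumption; the page only specifies 403.
    return { ok: false, status: 401, error: "unauthenticated" };
  }
  const { role, tenantId } = session.user;
  if (typeof role !== "string" || !ALLOWED_ROLES.has(role)) {
    return { ok: false, status: 403, error: "forbidden" };
  }
  // Fail closed when the session carries no usable tenant context.
  if (typeof tenantId !== "string" || tenantId.trim() === "") {
    return { ok: false, status: 403, error: "forbidden" };
  }
  return { ok: true, status: 200, tenantId };
}

function json(status, body) {
  return new Response(JSON.stringify(body), {
    status,
    headers: { "content-type": "application/json", "cache-control": "no-store" },
  });
}

// Builds a handler shaped like GET /api/v1/admin/security/metrics.
// getSession and metricsService.getMetrics are hypothetical stand-ins.
function makeMetricsHandler(getSession, metricsService) {
  return async function GET(request) {
    const decision = authorizeSecurityRequest(await getSession(request));
    if (!decision.ok) return json(decision.status, { error: decision.error });
    // A tenantId supplied in the query string or body is ignored on purpose.
    const metrics = await metricsService.getMetrics(decision.tenantId);
    return json(200, { tenantId: decision.tenantId, metrics });
  };
}

// Constructed sample sessions for exercising the decision function.
const SAMPLE_SESSIONS = {
  orgAdmin: { user: { role: "ORG_ADMIN", tenantId: "tenant-a" } },
  member: { user: { role: "MEMBER", tenantId: "tenant-a" } },
  adminNoTenant: { user: { role: "GLOBAL_ADMIN", tenantId: "" } },
};
```

Because the decision function never sees the request, a caller cannot widen their scope by sending a different tenant identifier; the same function can guard the alerts, sessions, and anomaly-threshold routes.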

Relationships

Dependencies (1)

Components this component depends on

Related Data Entities (1)

Data entities managed by this component