Get server-aggregated operational dashboard overview
Returns a single-request operational health snapshot for the admin dashboard. Includes entity counts (tenants, budgets, webhooks), top-offender arrays (over-limit budgets, debt scopes, failing webhooks), and recent event summaries (denials, expiries) — all within a server-defined time window (default 1 hour, returned as event_window_seconds).
DESIGN: - Aggregation is performed server-side through existing repositories. - Top-offender arrays are capped at 10 items each. - Recent events use a 1-hour window (event_window_seconds: 3600). - No client-side pagination or aggregation needed.
PERFORMANCE: - Pages through all tenants, budgets, and webhooks for accurate counts. - For large deployments (100+ tenants), consider caching with short TTL.
Authorizations
Administrative API key with full system access. Also accepted as an alternative to ApiKeyAuth on an explicit per-operation allowlist — the authoritative list is the union of operations whose security: block declares AdminKeyAuth (consult per-operation security blocks rather than this prose, which has historically drifted as the dual-auth surface expanded). When using AdminKeyAuth on list or fund endpoints, a tenant scoping parameter (typically tenant or tenant_id) is required for scoping (400 if missing) — the per-operation description specifies which. Lookup-style endpoints that uniquely identify a resource by non-tenant key (e.g. GET /v1/admin/budgets/lookup, where the (scope, unit) pair is unique) do NOT require a tenant parameter. Allowlisting is per-operation (exact method:path matching — no prefix matching, no wildcards) so new endpoints do not accidentally inherit admin-accessible status.
Responses
Operational overview snapshot