Anthropic/compliance
Observe a Claude Enterprise account via the Compliance API. Covers the 6-year activity audit feed, organization directory (users, roles, groups with SCIM source attribution), and effective runtime settings (retention, redaction, IP allowlist, SSO mode, code execution egress).
Authentication
Requires a Compliance Access Key (sk-ant-api01-...) created by the
primary owner in claude.ai → Org settings → API access. Store in a
swamp vault.
Usage
swamp extension pull @webframp/anthropic/compliance
swamp model create @webframp/anthropic/compliance claude-compliance \
--global-arg 'complianceKey=${{ vault.get("anthropic", "COMPLIANCE_KEY") }}'
# Discover org
swamp model method run claude-compliance sync_organizations
# Full directory sync (users + roles + groups)
swamp model method run claude-compliance sync_directory
# Effective settings
swamp model method run claude-compliance sync_effective_settings
# Audit feed
swamp model method run claude-compliance collect_activities
swamp model method run claude-compliance collect_activities \
--input activity_types=user.login,conversation.createMethods
- sync_organizations — discover orgs visible to the key
- sync_users — paginate all directory users
- sync_roles — list defined roles
- sync_groups — list groups
- get_group_members — members with SCIM source attribution
- sync_directory — fan-out: users + roles + groups in one call
- sync_effective_settings — observe runtime config
- collect_activities — filterable audit feed (6-year retention)
2026.07.07.1
Fixed:
collect_activitiessincefilter: the Compliance API expects the dotted range parametercreated_at.gte, not the bracketedcreated_at[gte], which returned HTTP 400 (Unknown query parameter: 'created_at[gte]'). Thesinceargument now filters activities correctly.
2026.07.03.1
Fixed:
- Organization ID mapping: The Anthropic compliance API returns org identifiers
in the
uuidfield, notid.resolveOrgIdandsync_organizationsnow correctly preferuuidoverid, fixing auto-discovery failures. - Activity schema:
actor.id,actor.email,actor.name, anddetailsare now nullable+optional, matching actual API response shapes (e.g.api_actorhasapi_key_idbut noid/email/name).
Changed:
collect_activitiesnow writes to the"recent"instance (was"latest"). swamp reserves"latest"for internal use. If you have CEL expressions referencingdata.latest("claude-compliance", "latest"), update them todata.latest("claude-compliance", "recent").
2026.07.02.1
Added: Initial release. Compliance API observation model with 8 methods: sync_organizations, sync_users, sync_roles, sync_groups, get_group_members, sync_directory (fan-out), sync_effective_settings, collect_activities. Seven versioned resource specs for CEL queries.
Global Arguments
| Argument | Type | Description |
|---|---|---|
| complianceKey | string | Compliance Access Key (sk-ant-api01-...) from claude.ai org settings (use vault reference) |
| orgId? | string | Organization ID to scope queries. Omit to auto-discover from /v1/compliance/organizations. |
| Argument | Type | Description |
|---|---|---|
| activity_types? | string | Comma-separated activity type filter (e.g. 'user.login,conversation.create') |
| since? | string | ISO-8601 timestamp — collect activities created after this time |
| limit? | string | Max activities to collect per page (default 100, max 5000) |
| Argument | Type | Description |
|---|---|---|
| groupId | string | Group ID to fetch members for |
Resources
2026.07.03.1
Fixed:
- Organization ID mapping: The Anthropic compliance API returns org identifiers
in the
uuidfield, notid.resolveOrgIdandsync_organizationsnow correctly preferuuidoverid, fixing auto-discovery failures. - Activity schema:
actor.id,actor.email,actor.name, anddetailsare now nullable+optional, matching actual API response shapes (e.g.api_actorhasapi_key_idbut noid/email/name).
Changed:
collect_activitiesnow writes to the"recent"instance (was"latest"). swamp reserves"latest"for internal use. If you have CEL expressions referencingdata.latest("claude-compliance", "latest"), update them todata.latest("claude-compliance", "recent").
2026.07.02.1
Added: Initial release. Compliance API observation model with 8 methods: sync_organizations, sync_users, sync_roles, sync_groups, get_group_members, sync_directory (fan-out), sync_effective_settings, collect_activities. Seven versioned resource specs for CEL queries.
2026.07.02.1
Added: Initial release. Compliance API observation model with 8 methods: sync_organizations, sync_users, sync_roles, sync_groups, get_group_members, sync_directory (fan-out), sync_effective_settings, collect_activities. Seven versioned resource specs for CEL queries.
- Has README or module doc2/2earned
- README has a code example1/1earned
- README is substantive1/1earned
- Most symbols documented1/1earned
- No slow types (deprecated)1/1earned
- Dependencies pass trust audit2/2earned
- Has description1/1earned
- Platform support declared (or universal)2/2earned
- License declared1/1earned
- Verified public repository2/2earned