Download OpenAPI specification:Download
Atlas REST API (Application Programming Interfaces) provides endpoints for sending a questionnaire based on several industry and custom templates available in Atlas and getting back questionnaires with answers.
This guide is designed to help users to start with our API and use it for basic workflow:
Authenticating to the API with your SecurityScorecard ratings platform credentials.
Select a questionnaire template which was previously defined in Atlas. You can select any of the industry standard templates (e.g. SIG, NIST, PCI, HIPAA, ISO…) or use your own custom template which was previously created in the Atlas UI.
Send a questionnaire request based on the selected template and target user or company domain.
Find out details of the request, e.g. who was the recipient, or in which status the questionnaire request is (Open, In progress, Under review, Accepted/Closed).
Get the questionnaire responses and attachments.
Atlas API needs to define more specialized terms than those used in the Atlas UI. Therefore, the terms can differ a bit. These are the most important terms you should know in order to use the Atlas API properly. The introduction part of this documentation is using terms similar to the ones in UI and mentioning proper APIs to be used. Documentation of endpoints is using the API terms.
Standard
- questionnaire standard is the questionnaire template. Examples of standards with type SYSTEM
are industry standard templates such as NIST, GDPR, ISO. Standards with type CUSTOM
are templates which your company created using the template creator UI or by uploading Excel template. Object Standard
contains template name, year and version. Object FormDefinition
contains a set of questions for given standard.
FormFilling
- any questionnaire sent. In Atlas there are several types of questionnaires. The most important types are REQUEST
(visible in Sent / Received questionnaire page), MASTER
and UPLOAD
(visible in Answer & Evidence page, keeping default answers or answers based on uploaded questionnaire) and PREVIEW
(preview of questionnaire templates).
Form
versus Request
- use /requests
endpoints to get information for form filling of type REQUEST
- i.e. only Sent / Received questionnaires. For more options you can use the endpoint /forms
to get information about forms of other form filling types, e.g. for your
MASTER
and UPLOAD
questionnaires on Answer & Evidence page.
Atlas users are authenticated via the SecurityScorecard ratings platform account. Please follow the guide in order to login to API with platform API key.
Sign in to SecurityScorecard Ratings Platform.
Go to API settings page.
Click Generate New Token.
Copy the token.
Test the token by calling GET /users/current/info
:
curl -X GET "https://api.securityscorecard.io/atlas/users/current/info" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>"
This endpoint returns information about your Atlas account. It returns (among other things) your user name and number of received and sent requests and how many credits you have available for sending a questionnaire - see attribute credits.remaining
.
Atlas continas Templates page housing all the standard templates and custom questionnaires. Atlas offers 20 out of the box templates (as listed below) but you can additionally upload an excel template, use the provided template, or create a custom questionnaire template. Templates are called standards in the API.
curl -X GET "https://api.securityscorecard.io/atlas/companies/current/standards" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>"
Select your preferred template based on the field name
. Later you can refer to it based on the field id
. You can select templates based on their status - system standards are industry standard templates (e.g. SIG, ISO, NIST), custom standards are templates created by your company by uploading Excel template or by creating new template in the UI template builder. Drafts are templates which are not published yet and therefore it is not possible to send a questionnaire request based on this template.
For example, if you want to send a CIS 2016 v.6 questionnaire request, you are looking for the following information:
{
"id": "8053deba-bcd6-449b-81e4-a3bf4fe7fe83",
"name": "CIS Critical Security Controls",
"version": "v.6",
"year": 2016,
...
}
Select a questionnaire template or multiple questionnaire templates at once. Atlas enables you to send more questionnaires based on multiple templates to one or more recipients. Each sent questionnaire will cost 1 credit.
You can send a questionnaire either to the recipient's email, or straight to the company domain. Note that some subdomains are merged under one domain in SecurityScorecard platform. Anybody associated with the company in SecurityScorecard can use the link to respond and collaborate to the questionnaire.
See example how to send a questionnaire based on template CIS (which ID we know from previous query) to recipient user@company.com, with due date 2020-06-08, reminder two weeks before due date, using personalized message:
curl -X POST "https://api.securityscorecard.io/atlas/requests" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>" \
-H 'Content-Type: application/json' \
-d '{"due_date":"2020-06-08T22:00:00.000Z","email_body":"Hi! Message to recipient","notify":true,"reminder":14,"standard_ids":["8053deba-bcd6-449b-81e4-a3bf4fe7fe83"],"targets":["user@company.com"]}'
See example how to set parameters if the questionnaire should be sent to a company domain company.com.
'{"due_date":"2020-06-08T22:00:00.000Z","email_body":"","notify":false,"reminder":-1,"standard_ids":["8053deba-bcd6-449b-81e4-a3bf4fe7fe83"],"targets":["company.com"]}'
You will receive a confirmation message, which contains ID of the questionnaire request and ID of the form. These will be used later for getting the status and answers on the questionnaire.
"form_id": "2bb7ad61-e9db-498a-84d6-707c898506f7",
"form_name": "Request for CIS Critical Security,
"id": "fa1b9fcc-2a7c-4cb6-8294-822a4583a9a3"
Find out details of the request. You will be notified via email when the recipient submits a questionnaire, but if you would like to automate the process by using the API, you can use the following endpoint for getting status of the questionnaire:
curl -X GET "https://api.securityscorecard.io/atlas/requests/fa1b9fcc-2a7c-4cb6-8294-822a4583a9a3" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>"
In the response you can find field status
(Open, In progress, Under review, Accepted/Closed) and other important information, for example who was the recipient of the questionnaire (see target properties), how many questions are filled in etc.
Once the recipient submitted the questionnaire for review or allowed you to see the responses, you can get the responses and attachments from the questionnaire.
If you want to continue with processing of the data, you can use the endpoint GET /forms/{form_id}
to get all details about the sent form:
curl -X GET "https://api.securityscorecard.io/atlas/forms/2bb7ad61-e9db-498a-84d6-707c898506f7" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>"
To obtain questions and responses of the form, use the dedicated endpoint
GET /forms/{form_id}/questions
:
curl -X GET "https://api.securityscorecard.io/atlas/forms/2bb7ad61-e9db-498a-84d6-707c898506f7/questions?limit=30" \
-H "Accept: application/json" \
-H "Authorization: Token <your token>"
You can optionally limit the results to contain only questions from a specific category or apply various other filters.
If you want to download questionnaire with answers in CSV format, for example for archiving purposes, please use GET /forms/{form_id}/downloads/csv_export
You can also download a ZIP file which contains the CSV with answers and also attachments by using GET /forms/{form_id}/downloads/attachments
curl -X GET "https://api.securityscorecard.io/atlas/forms/2bb7ad61-e9db-498a-84d6-707c898506f7/downloads/attachments" \
--output file.zip \
-H 'Accept: application/json' \
-H "Authorization: Token <your token>" \
-H 'Content-Type: application/json' \
-H 'cache-control: no-cache'
Companies can be referred to using their ID or using /current/
as placeholder for the company ID of the signed-in user
hp | boolean Default: true Return only standards for homepage (applies to system standards only) |
ignore_preview_uninitialized | boolean Default: true |
limit | integer >= 1 Limits the number of entries in the response. |
sort | string Default: "name" Enum: "name" "most_recent" "most_used" Method of sorting the results |
status | Array of strings Default: ["system","custom","draft"] Items Enum: "system" "custom" "draft" Fetch only standards with specified statuses
|
Success
entries required | Array of objects (Standard) |
msg required | string Message related to response |
User is not authorized.
Standard doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entries": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}
]
}
company_id required | string |
hp | boolean Default: true Return only standards for homepage (applies to system standards only) |
ignore_preview_uninitialized | boolean Default: true |
limit | integer >= 1 Limits the number of entries in the response. |
sort | string Default: "name" Enum: "name" "most_recent" "most_used" Method of sorting the results |
status | Array of strings Default: ["system","custom","draft"] Items Enum: "system" "custom" "draft" Fetch only standards with specified statuses
|
Success
entries required | Array of objects (Standard) |
msg required | string Message related to response |
User is not authorized.
Standard doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entries": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}
]
}
Note: Remember to check the form.initialization_status
in the response to be sure
that the form is properly initialized (has status FINISHED_SUCCESS
) and contains complete
data.
URL parameters:
form_id required | string |
assignee_id | string Filter questions by specified assignee |
filters | Array of strings Default: [] Items Enum: "yes" "no" "na" "attachments" "attachments_new" "comments" "comments_new" "required" "filled" "completely_filled" "partially_filled" "not_filled" "ssc_data" "ssc_data_new" "vrm_review_pending" "vrm_review_flagged" "vrm_review_done" "unassigned" "responses" "responses_new" "autocomplete_done" "autocomplete_suggestions_available" Comma separated list of filters applied to form questions, possible values:
Example: |
question_ids | Array of strings Default: [] List of questions to be used for stats |
Success
entry required | object (FormMetadata) |
msg required | string Message related to response |
User is not authorized.
Form doesn't exist or user doesn't have access to it.
Form is already deleted.
{- "msg": "string",
- "entry": {
- "assignee_stats": [
- {
- "count": 0,
- "user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}
}
], - "autocomplete_executions": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "form_id": "string",
- "id": "string",
- "questions_autofilled": [
- "string"
], - "questions_processed": 0,
- "questions_suggested": [
- "string"
], - "questions_total": 0,
- "status": "FINISHED_FAIL",
- "user_id": "string"
}
], - "autofill_stats": {
- "compatible_questions_count": 0,
- "compatible_responses_count": 0,
- "fillable_questions_count": 0,
- "fillable_responses_count": 0,
- "rewritable_questions_count": 0,
- "rewritable_responses_count": 0
}, - "categories": [
- {
- "delegation": {
- "assignee": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "category": "string",
- "quantity": "MULTIPLE_USERS",
- "scope": "ALL"
}, - "name": "string",
- "pos": 0,
- "question_count": 0,
- "question_count_ignore_filter": 0,
- "question_count_ignore_visibility": 0,
- "questions_completely_filled": 0,
- "questions_filled": 0,
- "questions_partially_filled": 0,
- "questions_total_visible": 0,
- "vrm_review_status": {
- "category": "string",
- "scope": "SINGLE_STATUS",
- "status": "DONE"
}
}
], - "delegation_notification_stats": [
- {
- "count": 0,
- "direction": "backward",
- "user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}
}
], - "filter_stats": {
- "attachments": 0,
- "attachments_new": 0,
- "autocomplete_done": 0,
- "autocomplete_suggestions_available": 0,
- "comments": 0,
- "comments_new": 0,
- "completely_filled": 0,
- "filled": 0,
- "na": 0,
- "no": 0,
- "not_filled": 0,
- "partially_filled": 0,
- "required": 0,
- "responses": 0,
- "responses_new": 0,
- "ssc_data": 0,
- "ssc_data_new": 0,
- "unassigned": 0,
- "vrm_review_done": 0,
- "vrm_review_flagged": 0,
- "vrm_review_pending": 0,
- "yes": 0
}, - "form": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "description": "string",
- "display_name": "ISO 27001",
- "filling_type": "DELETED",
- "has_evidence_locker_entity": false,
- "id": "string",
- "name": "Request for ISO 27001",
- "owner_id": "string",
- "standard_id": "string",
- "attachment_count": 0,
- "attachment_modifiable": true,
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "initialization_status": "EMPTY",
- "is_editable": true,
- "is_owner": true,
- "is_submittable": true,
- "merged_to_form_id": "string",
- "owner": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "percentage_filled": 0,
- "permissions": [
- "ANSWER_LOOKUP_LENSES_READ"
], - "question_count": 0,
- "question_count_ignore_visibility": 0,
- "questions": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachment_count": 0,
- "attachment_modifiable": true,
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "category": "string",
- "code": "A.9.2",
- "comment_count": 0,
- "delegations": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "assignee": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignee_id": "string",
- "assignor": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignor_id": "string",
- "id": "string",
- "owner_id": "string",
- "question_id": "string"
}
], - "form_id": "string",
- "has_attachment": true,
- "has_comment": true,
- "has_na": true,
- "has_no": true,
- "has_required": true,
- "has_required_filled": true,
- "has_yes": true,
- "id": "string",
- "is_visible": true,
- "owner_id": "string",
- "pos": 0,
- "question": "string",
- "response_count": 0,
- "responses": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "definition": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "hash": "string",
- "id": "string",
- "label": "string",
- "options": [
- "string"
], - "placeholder": "string",
- "response_type": "EVIDENCE"
}, - "id": "string",
- "is_filled": true,
- "is_required": true,
- "mapping_history": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "action": "CLEAR_AFTER_COPY",
- "company_id": "string",
- "data": { },
- "id": "string",
- "message": "string",
- "response_id": "string",
- "score": 0,
- "user_id": "string",
- "value": "string"
}, - "pos": 0,
- "value": "string"
}
], - "responses_filled": 0,
- "review_instructions": "string",
- "seen_info": { },
- "vrm_review_status": "DONE"
}
], - "questions_completely_filled": 0,
- "questions_filled": 0,
- "questions_partially_filled": 0,
- "request": {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED"
}, - "request_id": "string",
- "response_count": 0,
- "response_count_ignore_visibility": 0,
- "responses_filled": 0,
- "score": 100,
- "score_limit": 651,
- "score_raw": 421,
- "score_visible": true,
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "with_attachment_count": 0,
- "with_comment_count": 0,
- "with_na_count": 0,
- "with_no_count": 0,
- "with_required_count": 0,
- "with_required_filled_count": 0,
- "with_ssc_issue_count": 0,
- "with_vrm_review_status_done_count": 0,
- "with_vrm_review_status_flagged_count": 0,
- "with_vrm_review_status_pending_count": 0,
- "with_yes_count": 0
}, - "mapping_requests": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "id": "string",
- "mapping_stats": {
- "questions_partially_updated": 0,
- "questions_updated": 0,
- "responses_updated": 0
}, - "parsed_files": [
- {
- "file_name": "My ISO 270001 answers.xlsx",
- "parsing_messages": [
- {
- "severity": "INFO",
- "text": "string",
- "text_id": "CANNOT_BE_REQUIRED",
- "values": { }
}
]
}
], - "parsed_form": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "description": "string",
- "display_name": "ISO 27001",
- "filling_type": "DELETED",
- "has_evidence_locker_entity": false,
- "id": "string",
- "name": "Request for ISO 27001",
- "owner_id": "string",
- "standard_id": "string",
- "attachment_count": 0,
- "attachment_modifiable": true,
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "initialization_status": "EMPTY",
- "is_editable": true,
- "is_owner": true,
- "is_submittable": true,
- "merged_to_form_id": "string",
- "owner": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "percentage_filled": 0,
- "permissions": [
- "ANSWER_LOOKUP_LENSES_READ"
], - "question_count": 0,
- "question_count_ignore_visibility": 0,
- "questions": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachment_count": 0,
- "attachment_modifiable": true,
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "category": "string",
- "code": "A.9.2",
- "comment_count": 0,
- "delegations": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "assignee": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignee_id": "string",
- "assignor": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignor_id": "string",
- "id": "string",
- "owner_id": "string",
- "question_id": "string"
}
], - "form_id": "string",
- "has_attachment": true,
- "has_comment": true,
- "has_na": true,
- "has_no": true,
- "has_required": true,
- "has_required_filled": true,
- "has_yes": true,
- "id": "string",
- "is_visible": true,
- "owner_id": "string",
- "pos": 0,
- "question": "string",
- "response_count": 0,
- "responses": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "definition": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "hash": "string",
- "id": "string",
- "label": "string",
- "options": [
- "string"
], - "placeholder": "string",
- "response_type": "EVIDENCE"
}, - "id": "string",
- "is_filled": true,
- "is_required": true,
- "mapping_history": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "action": "CLEAR_AFTER_COPY",
- "company_id": "string",
- "data": { },
- "id": "string",
- "message": "string",
- "response_id": "string",
- "score": 0,
- "user_id": "string",
- "value": "string"
}, - "pos": 0,
- "value": "string"
}
], - "responses_filled": 0,
- "review_instructions": "string",
- "seen_info": { },
- "vrm_review_status": "DONE"
}
], - "questions_completely_filled": 0,
- "questions_filled": 0,
- "questions_partially_filled": 0,
- "request": {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED"
}, - "request_id": "string",
- "response_count": 0,
- "response_count_ignore_visibility": 0,
- "responses_filled": 0,
- "score": 100,
- "score_limit": 651,
- "score_raw": 421,
- "score_visible": true,
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "with_attachment_count": 0,
- "with_comment_count": 0,
- "with_na_count": 0,
- "with_no_count": 0,
- "with_required_count": 0,
- "with_required_filled_count": 0,
- "with_ssc_issue_count": 0,
- "with_vrm_review_status_done_count": 0,
- "with_vrm_review_status_flagged_count": 0,
- "with_vrm_review_status_pending_count": 0,
- "with_yes_count": 0
}, - "parsed_form_id": "string",
- "parsing_stats": {
- "filling_id": "string",
- "original_name": "My ISO 270001 answers.csv",
- "question_count": 0,
- "questions_completely_filled": 0,
- "questions_filled": 0,
- "questions_partially_filled": 0,
- "response_count": 0,
- "responses_filled": 0
}, - "result_form_id": "string",
- "status": 0,
- "updated_questions_ids": [
- "string"
], - "user_id": "string"
}
], - "questions_filtered_count": 0,
- "share": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "string",
- "expiration_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "id": "string",
- "owner_id": "string",
- "shared_by_id": "string",
- "status": 0,
- "owner": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "shared_by": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target_users": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}
]
}
}
}
URL parameters:
form_id required | string |
Zip file
User is not authorized.
Form doesn't exist or user doesn't have access to it.
form_id required | string |
CSV file
User is not authorized.
Form doesn't exist or user doesn't have access to it.
Path parameters:
form_id required | string |
assignee_id | string Filter by assignee |
blocks | Array of strings Default: ["attachments"] Items Enum: "attachments" "comments" "ssc_data" "history" List of blocks to return, possible values:
|
category | string Filter by category |
filters | Array of strings Default: [] Items Enum: "yes" "no" "na" "attachments" "attachments_new" "comments" "comments_new" "required" "filled" "completely_filled" "partially_filled" "not_filled" "ssc_data" "ssc_data_new" "vrm_review_pending" "vrm_review_flagged" "vrm_review_done" "unassigned" "responses" "responses_new" "autocomplete_done" "autocomplete_suggestions_available" Comma-separated list of filters, possible values:
|
ids | Array of strings Default: [] List of specific questions to return |
limit | integer >= 1 Default: 50 Max number of questions to return |
offset | integer >= 0 Default: 0 Number of questions to skip |
Success
entries required | Array of objects (QuestionMetadata) |
msg required | string Message related to response |
User is not authorized.
Form doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entries": [
- {
- "blocks_data": {
- "attachments": { },
- "comments": { },
- "history": { },
- "ssc_data": { }
}, - "blocks_meta": {
- "attachments": {
- "new_count": 0,
- "other_count": 0,
- "total_count": 0
}, - "comments": {
- "new_count": 0,
- "other_count": 0,
- "total_count": 0
}, - "history": {
- "new_count": 0,
- "other_count": 0,
- "total_count": 0
}, - "ssc_data": {
- "new_count": 0,
- "other_count": 0,
- "total_count": 0
}
}, - "question": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachment_count": 0,
- "attachment_modifiable": true,
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "category": "string",
- "code": "A.9.2",
- "comment_count": 0,
- "delegations": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "assignee": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignee_id": "string",
- "assignor": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "assignor_id": "string",
- "id": "string",
- "owner_id": "string",
- "question_id": "string"
}
], - "form_id": "string",
- "has_attachment": true,
- "has_comment": true,
- "has_na": true,
- "has_no": true,
- "has_required": true,
- "has_required_filled": true,
- "has_yes": true,
- "id": "string",
- "is_visible": true,
- "owner_id": "string",
- "pos": 0,
- "question": "string",
- "response_count": 0,
- "responses": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "attachments": [
- {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "file_size": 0,
- "id": "string",
- "name": "Catalog of Cat Haircuts - Feb 2050.pdf",
- "owner_id": "string"
}
], - "definition": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "hash": "string",
- "id": "string",
- "label": "string",
- "options": [
- "string"
], - "placeholder": "string",
- "response_type": "EVIDENCE"
}, - "id": "string",
- "is_filled": true,
- "is_required": true,
- "mapping_history": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "action": "CLEAR_AFTER_COPY",
- "company_id": "string",
- "data": { },
- "id": "string",
- "message": "string",
- "response_id": "string",
- "score": 0,
- "user_id": "string",
- "value": "string"
}, - "pos": 0,
- "value": "string"
}
], - "responses_filled": 0,
- "review_instructions": "string",
- "seen_info": { },
- "vrm_review_status": "DONE"
}
}
]
}
company_id | Array of strings Default: [] Return only requests sent OR received by the given company (or by any of given companies) |
form_roles | Array of strings Default: [] Items Enum: "VENDOR" "VENDOR_PROXY" "VRM" "VRM_PROXY" Return only requests such that the logged user has one of the specified form roles toward them |
limit | integer Limit the number of returned results |
only_external | boolean Default: false |
only_internal | boolean Default: false |
sent_time_from | string <date-time> Return only requests sent after given time/date (inclusive) |
sent_time_to | string <date-time> Return only requests sent before given time/date (inclusive) |
source_id | Array of strings Default: [] Return only requests sent by the given company (or by any of given companies) |
source_team_ids | Array of strings Default: [] Return requests that are sent by the given teams |
source_user_email | Array of strings Default: [] Return only requests sent by the user with given email (or by any of given users) |
standard_id | Array of strings Default: [] Return only requests with any of given standards |
status | Array of strings Default: [] Items Enum: "CREATED" "VENDOR_IN_PROGRESS" "VRM_IN_PROGRESS" "ACCEPTED" "CANCELED" "ARCHIVED" "UNARCHIVED" Return only requests with any of given statuses |
target_id | Array of strings Default: [] Return only requests received by the given company (or by any of given companies) |
target_team_ids | Array of strings Default: [] Return requests that are sent to the given teams |
target_user_email | Array of strings Default: [] Return only requests received by the user with given email (or by any of given users) |
user_email | Array of strings Default: [] Return only requests sent OR received by the user with given email (or by any of given users) |
with_revisions | integer Default: "" Return requests by number of reviews |
Success
entries required | Array of objects (RequestDetail) |
meta required | object (RequestFiltersStatsMeta) |
msg required | string Message related to response |
User is not authorized.
Request doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entries": [
- {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED",
- "form_updated_at": "2021-07-22T21:16:29Z",
- "has_new_attachments": false,
- "has_new_comments": false,
- "has_new_history": false,
- "has_new_ssc_data": false,
- "is_unread": false,
- "standard_name": "string"
}
], - "meta": {
- "request_filters_stats": {
- "company_id": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "description": {
- "html": "string",
- "plain": "string"
}, - "source_id": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "source_user_email": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "standard_id": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "status": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "target_id": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "target_user_email": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
], - "user_email": [
- {
- "count": 0,
- "name": "string",
- "values": [
- "string"
]
}
]
}
}
}
due_date | string <date-time> Due date for filling the form. Omit to send questionnaire without a due date |
email_body | string Default: "" Text of the email sent to the vendor |
notify | boolean Default: true Set to true if recepients specified in |
reminder | integer How many days before due date should the user be notified |
source_team | string Source team UUID of the actual sender. This field is optional when a user who is not a part of any team, sends a questionnaire to another user/company. |
standard_ids required | Array of strings List of IDs of standards that should be sent to the vendor for filling |
targets required | Array of strings List of recepients of the standards. Recepient can be either a company specified as a domain (e.g. "example.com") or a specific user from the company (e.g. "john.doe@example.com"). Limitation: In order to keep the sevice accessible for everyone, the total recipients should not exceed 30 per request. |
Success
entries required | Array of objects (RequestDetail) |
meta required | object (CreditsChangeSummaryMeta) |
msg required | string Message related to response |
User is not authorized.
Request doesn't exist or user doesn't have access to it.
{- "due_date": "2020-06-08T22:00:00.000Z",
- "email_body": "Hi! Message to recipient",
- "notify": true,
- "reminder": 0,
- "source_team": "string",
- "standard_ids": [
- "string"
], - "targets": [
- "string"
]
}
{- "msg": "string",
- "entries": [
- {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED",
- "form_updated_at": "2021-07-22T21:16:29Z",
- "has_new_attachments": false,
- "has_new_comments": false,
- "has_new_history": false,
- "has_new_ssc_data": false,
- "is_unread": false,
- "standard_name": "string"
}
], - "meta": {
- "credits_change_summary": {
- "balance_diff": 0,
- "balance_now": 0,
- "cause": "ADDED_INITIAL"
}
}
}
due_date | string <date-time> Due date for filling the form. Omit to send questionnaire without a due date |
email_body | string Default: "" Text of the email sent to the vendor |
notify | boolean Default: true Set to true if recepients specified in |
reminder | integer How many days before due date should the user be notified |
source_team required | string Source team UUID of the actual sender. The request sender must belong to this team, to be able to send an internal request. |
standard_ids required | Array of strings List of IDs of standards that should be sent to the vendor for filling |
target_teams required | Array of strings List of recepient teams UUID of the standards. All recepient teams must belong to the same company of the sender. Limitation: In order to keep the sevice accessible for everyone, the total recipients in all target teams should not exceed 30. Note: If you need to send an email for more than 30 recipients, please use the POSTrequest/ API with 30 emails per request. Note: Currently, for the feature to perform as intended, all the users must visit ATLAS at least once before using this API endpoint. |
Success
entries required | Array of objects (RequestDetail) |
meta required | object (CreditsChangeSummaryMeta) |
msg required | string Message related to response |
User is not authorized.
Request doesn't exist or user doesn't have access to it.
{- "due_date": "2020-06-08T22:00:00.000Z",
- "email_body": "Hi! Message to recipient",
- "notify": true,
- "reminder": 0,
- "source_team": "string",
- "standard_ids": [
- "string"
], - "target_teams": [
- "string"
]
}
{- "msg": "string",
- "entries": [
- {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED",
- "form_updated_at": "2021-07-22T21:16:29Z",
- "has_new_attachments": false,
- "has_new_comments": false,
- "has_new_history": false,
- "has_new_ssc_data": false,
- "is_unread": false,
- "standard_name": "string"
}
], - "meta": {
- "credits_change_summary": {
- "balance_diff": 0,
- "balance_now": 0,
- "cause": "ADDED_INITIAL"
}
}
}
request_id required | string |
Success
entry required | object (RequestDetail) |
msg required | string Message related to response |
User is not authorized.
Request doesn't exist or user doesn't have access to it.
Request is already deleted.
{- "msg": "string",
- "entry": {
- "completion_days": 0,
- "form_filled": 0,
- "form_percentage_filled": 0,
- "form_question_count": 0,
- "form_question_count_ignore_visibility": 0,
- "form_questions_completely_filled": 0,
- "form_questions_filled": 0,
- "form_questions_partially_filled": 0,
- "form_response_count": 0,
- "form_response_count_ignore_visibility": 0,
- "form_responses_filled": 0,
- "form_score": 0,
- "form_score_visible": true,
- "form_total": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "accepted_date": "2021-07-22T21:16:29Z",
- "can_view_data": true,
- "code": "string",
- "due_date": "2021-07-22T21:16:29Z",
- "form_id": "string",
- "form_name": "string",
- "form_roles": [
- "OWNER"
], - "history_count": 0,
- "id": "string",
- "is_internal": false,
- "message": "string",
- "revision_count": 1,
- "risk_note": "string",
- "standard": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "code": "ISO_27001_2013",
- "definition_id": "string",
- "description": "The CIS Critical Security Controls for Effective Cyber Defense",
- "has_conditions": true,
- "has_custom_scoring": true,
- "id": "string",
- "is_duplicable": true,
- "is_unpublishable": true,
- "last_sent_at": "2021-07-22T21:16:29Z",
- "logo": "ISO",
- "name": "ISO 27001",
- "owner_id": "string",
- "preview_form_id": "string",
- "show_on_hp": true,
- "status": "CUSTOM",
- "version": "3.0.1 Lite",
- "year": "2013"
}, - "status": "ACCEPTED",
- "status_before_archived": "ACCEPTED",
- "target_opened_at": "2021-07-22T21:16:29Z",
- "was_scheduled": true,
- "is_vendor": true,
- "is_vrm": true,
- "source": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "source_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "source_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "target": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "target_team": {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}, - "target_user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string"
}, - "vrm_view_status": "VENDOR_APPROVED",
- "form_updated_at": "2021-07-22T21:16:29Z",
- "has_new_attachments": false,
- "has_new_comments": false,
- "has_new_history": false,
- "has_new_ssc_data": false,
- "is_unread": false,
- "standard_name": "string"
}
}
When the response to GET /users/current/info
states that the user is not fully
initialized (as indicated by field user.internal_status
having value of MERGING
), the
subsequent results from other endpoints may be incomplete (namely GET /forms/{form_id}
,
...) until user initialization is finished.
It is advised to periodically re-check user status, until user.internal_status
is
NORMAL
, before querying any other data. The expected time before user initialization
finishes depends on number of form filling requests received by the user - from seconds to
minutes (in extreme cases).
include_credit_history | boolean Default: false |
Success
entry required | object (UserInfo) |
msg required | string Message related to response |
User is not authorized.
User doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entry": {
- "credits": {
- "active_list": [
- {
- "expires_at": "2021-07-22T21:16:29Z",
- "is_expired": true,
- "remaining": 0
}
], - "charging_history": [
- {
- "amount": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "expires_at": "2021-07-22T21:16:29Z",
- "is_expired": true
}
], - "summary": {
- "expired": 0,
- "expiring": 0,
- "fresh": 0,
- "remaining": 0,
- "total": 0,
- "used": 0
}
}, - "ld_toggles": { },
- "settings": { },
- "stats": {
- "filling_stats": {
- "question_count": 0,
- "questions_completely_filled": 0,
- "questions_filled": 0,
- "questions_partially_filled": 0,
- "response_count": 0,
- "responses_filled": 0
}, - "is_new_vendor": true,
- "logins": 0,
- "requests_received": 0,
- "requests_received_archived": 0,
- "requests_sent": 0,
- "requests_sent_archived": 0
}, - "toggles": { },
- "user": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "company_id": "string",
- "display_name": "string",
- "domain": "string",
- "email": "string",
- "first_name": "string",
- "full_name": "string",
- "id": "string",
- "is_active": true,
- "last_name": "string",
- "company": {
- "created_at": "2021-07-22T21:16:29Z",
- "updated_at": "2021-07-22T21:16:29Z",
- "domain": "example.com",
- "grade": "A",
- "id": "string",
- "industry": "entertainment",
- "internal_status": "DELETED",
- "last30day_score_change": -12,
- "name": "string",
- "requests_email": "john@example.com",
- "score": 77,
- "size": "unknown"
}, - "internal_status": "DELETED",
- "roles": [
- "CUSTOMER_ADMIN"
], - "teams": [
- {
- "company_id": "string",
- "id": "string",
- "name": "string",
- "platform_id": "string",
- "user_emails": [ ]
}
]
}
}
}
Success
entry required | object (CreditsDetail) |
msg required | string Message related to response |
User is not authorized.
User doesn't exist or user doesn't have access to it.
{- "msg": "string",
- "entry": {
- "active_list": [
- {
- "expires_at": "2021-07-22T21:16:29Z",
- "is_expired": true,
- "remaining": 0
}
], - "charging_history": [
- {
- "amount": 0,
- "created_at": "2021-07-22T21:16:29Z",
- "expires_at": "2021-07-22T21:16:29Z",
- "is_expired": true
}
], - "summary": {
- "expired": 0,
- "expiring": 0,
- "fresh": 0,
- "remaining": 0,
- "total": 0,
- "used": 0
}
}
}