Vanta is a trust management platform that automates security and compliance for frameworks like SOC 2, ISO 27001, HIPAA, and GDPR. It continuously monitors your infrastructure, people, and vendors through automated tests, and centralizes the evidence auditors need.
With the Vanta integration in Sim, you can:
- Monitor compliance posture: List frameworks with control, document, and test completion counts, and drill into individual controls and their mapped tests and evidence documents.
- Triage failing tests: List automated compliance tests by status, framework, integration, or category, and pull the exact failing resource entities that need remediation.
- Manage evidence documents: List and inspect evidence documents, upload evidence files with descriptions and effective dates, download previously uploaded files, and submit document collections for auditor review.
- Track people and security tasks: List people with employment status, group membership, and outstanding security tasks (trainings, policy acceptance, background checks, device monitoring).
- Review policies and vendors: Check policy approval status and versions, and track vendors with risk levels, contract dates, and security review schedules.
- Stay on top of vulnerabilities: List vulnerabilities with severity and SLA deadline filters, review remediation history, and inspect the vulnerable assets behind each finding.
- Watch device compliance: List monitored computers with screenlock, disk encryption, password manager, and antivirus check outcomes.
- Manage risk scenarios: Query risk register scenarios with likelihood/impact scores, treatment decisions, and review status.
The integration authenticates with Vanta OAuth client credentials (created under Settings → Developer Console in Vanta) and supports both the commercial (api.vanta.com) and FedRAMP (api.vanta-gov.com) environments. Evidence uploads require credentials granted the vanta-api.documents:upload scope.
Integrate Vanta into the workflow. Monitor compliance frameworks, controls, and automated tests; find failing test entities; manage evidence documents including file upload, download, and submission; and track people, policies, vendors, monitored computers, vulnerabilities, and risk scenarios. Requires Vanta OAuth client credentials.
List the compliance frameworks (e.g., SOC 2, ISO 27001) available in a Vanta account with completion counts
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
frameworks | array | Frameworks in the Vanta account |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta compliance framework by ID, including its requirement categories and mapped controls
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
frameworkId | string | Yes | Unique ID of the framework (e.g., soc2) |
| Parameter | Type | Description |
|---|
framework | json | The requested framework with requirement categories |
List the controls that belong to a specific Vanta compliance framework
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
frameworkId | string | Yes | Unique ID of the framework (e.g., soc2) |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
controls | array | Controls belonging to the framework |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the security controls in a Vanta account, optionally filtered by framework
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
frameworkMatchesAny | string | No | Comma-separated framework IDs to filter controls by (e.g., soc2,iso27001) |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
controls | array | Controls matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta security control by ID, including its status and evidence pass/fail counts
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
controlId | string | Yes | Unique ID of the control |
| Parameter | Type | Description |
|---|
control | json | The requested control with status and evidence counts |
List the automated tests mapped to a specific Vanta control
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
controlId | string | Yes | Unique ID of the control |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
tests | array | Tests mapped to the control |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the evidence documents mapped to a specific Vanta control
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
controlId | string | Yes | Unique ID of the control |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
documents | array | Documents mapped to the control |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the automated compliance tests in a Vanta account, with filters for status, framework, integration, control, owner, and category
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
statusFilter | string | No | Filter by test status: OK, DEACTIVATED, NEEDS_ATTENTION, IN_PROGRESS, INVALID, or NOT_APPLICABLE |
frameworkFilter | string | No | Filter by framework ID (e.g., soc2) |
integrationFilter | string | No | Filter by integration ID (e.g., aws) |
controlFilter | string | No | Filter by control ID |
ownerFilter | string | No | Filter by owner user ID |
categoryFilter | string | No | Filter by test category (e.g., ACCOUNTS_ACCESS, COMPUTERS, INFRASTRUCTURE, POLICIES, VULNERABILITY_MANAGEMENT) |
isInRollout | boolean | No | Filter by whether the test is in rollout |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
tests | array | Tests matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta automated compliance test by ID, including its status and remediation info
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
testId | string | Yes | Unique ID of the test (e.g., test-aws-cloudtrail-enabled) |
| Parameter | Type | Description |
|---|
test | json | The requested test |
List the failing or deactivated resource entities for a specific Vanta test, useful for finding exactly which resources need remediation
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
testId | string | Yes | Unique ID of the test (e.g., test-aws-cloudtrail-enabled) |
entityStatus | string | No | Filter entities by status: FAILING or DEACTIVATED |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
entities | array | Resource entities for the test |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the evidence documents in a Vanta account, optionally filtered by framework or document status
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
frameworkMatchesAny | string | No | Comma-separated framework IDs to filter documents by (e.g., soc2,iso27001) |
statusMatchesAny | string | No | Comma-separated document statuses to filter by: "Needs document", "Needs update", "Not relevant", "OK" |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
documents | array | Documents matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta evidence document by ID, including its renewal schedule and deactivation status
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
documentId | string | Yes | Unique ID of the document |
| Parameter | Type | Description |
|---|
document | json | The requested document |
List the files uploaded to a specific Vanta evidence document
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
documentId | string | Yes | Unique ID of the document |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
uploads | array | Files uploaded to the document |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Upload an evidence file to a Vanta document. Requires credentials with the vanta-api.documents:upload scope.
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
documentId | string | Yes | Unique ID of the document to attach the file to |
file | file | No | The evidence file to upload |
fileContent | string | No | Base64-encoded file content (alternative to file) |
fileName | string | No | Optional file name override |
mimeType | string | No | MIME type of the file (e.g., application/pdf); used when uploading base64 content, since uploaded files already carry their own type |
description | string | No | Description of the uploaded evidence (e.g., "Q3 access review evidence") |
effectiveAtDate | string | No | ISO 8601 date indicating when the document is effective from |
| Parameter | Type | Description |
|---|
upload | json | Metadata of the uploaded file |
Download a file previously uploaded to a Vanta evidence document and store it in execution files
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
documentId | string | Yes | Unique ID of the document |
uploadedFileId | string | Yes | Unique ID of the uploaded file (from List Document Uploads) |
| Parameter | Type | Description |
|---|
file | file | Downloaded file stored in execution files |
name | string | Name of the downloaded file |
mimeType | string | MIME type of the downloaded file |
size | number | Size of the downloaded file in bytes |
Submit a Vanta document collection for review so uploaded evidence becomes visible to auditors. Requires credentials with write access.
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
documentId | string | Yes | Unique ID of the document to submit |
| Parameter | Type | Description |
|---|
documentId | string | ID of the submitted document |
submitted | boolean | Whether the document collection was submitted |
List the people tracked in a Vanta account with employment status, group membership, and security task completion
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
emailAndNameFilter | string | No | Filter people by email address or name |
employmentStatus | string | No | Filter by employment status: UPCOMING, CURRENT, ON_LEAVE, INACTIVE, or FORMER |
groupIdsMatchesAny | string | No | Comma-separated group IDs to filter people by |
tasksSummaryStatusMatchesAny | string | No | Comma-separated task summary statuses to filter by: NONE, DUE_SOON, OVERDUE, COMPLETE, PAUSED, OFFBOARDING_DUE_SOON, OFFBOARDING_OVERDUE, OFFBOARDING_COMPLETE |
taskTypeMatchesAny | string | No | Comma-separated task types to filter by: COMPLETE_TRAININGS, ACCEPT_POLICIES, COMPLETE_CUSTOM_TASKS, COMPLETE_CUSTOM_OFFBOARDING_TASKS, INSTALL_DEVICE_MONITORING, COMPLETE_BACKGROUND_CHECKS |
taskStatusMatchesAny | string | No | Comma-separated task statuses to filter by: COMPLETE, DUE_SOON, OVERDUE, NONE |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
people | array | People matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a person tracked in Vanta by ID, including employment, leave, and security task status
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
personId | string | Yes | Unique ID of the person |
| Parameter | Type | Description |
|---|
person | json | The requested person |
List the security policies in a Vanta account with approval status and version info
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
policies | array | Policies in the Vanta account |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta security policy by ID, including its approval status and latest approved version documents
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
policyId | string | Yes | Unique ID of the policy |
| Parameter | Type | Description |
|---|
policy | json | The requested policy |
List the vendors tracked in a Vanta account with risk levels, contract dates, and security review schedules
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
name | string | No | Filter vendors by name |
statusMatchesAny | string | No | Comma-separated vendor statuses to filter by: MANAGED, ARCHIVED, IN_PROCUREMENT |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
vendors | array | Vendors matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta vendor by ID, including risk levels, contract details, and authentication info
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
vendorId | string | Yes | Unique ID of the vendor |
| Parameter | Type | Description |
|---|
vendor | json | The requested vendor |
List the monitored computers in a Vanta account with screenlock, disk encryption, password manager, and antivirus check outcomes
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
complianceStatusFilterMatchesAny | string | No | Comma-separated compliance issues to filter by: PWM_NOT_INSTALLED, HD_NOT_ENCRYPTED, AV_NOT_INSTALLED, SCREENLOCK_NOT_CONFIGURED, LAST_CHECK_OVER_14_DAYS |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
computers | array | Monitored computers matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the vulnerabilities detected across a Vanta account with filters for severity, fixability, SLA deadlines, package, and integration
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
q | string | No | Search query for vulnerabilities |
severity | string | No | Filter by severity: LOW, MEDIUM, HIGH, or CRITICAL |
isFixAvailable | boolean | No | Filter by whether a fix is available |
isDeactivated | boolean | No | Filter by whether vulnerability monitoring is deactivated |
includeVulnerabilitiesWithoutSlas | boolean | No | Include vulnerabilities that have no SLA deadline |
packageIdentifier | string | No | Filter by the affected package identifier |
externalVulnerabilityId | string | No | Filter by external vulnerability ID (e.g., a CVE identifier) |
integrationId | string | No | Filter by the integration that detected the vulnerability |
vulnerableAssetId | string | No | Filter by the vulnerable asset ID |
slaDeadlineAfterDate | string | No | Only include vulnerabilities with an SLA deadline after this ISO 8601 date |
slaDeadlineBeforeDate | string | No | Only include vulnerabilities with an SLA deadline before this ISO 8601 date |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
vulnerabilities | array | Vulnerabilities matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List remediated vulnerabilities in a Vanta account with detection, SLA deadline, and remediation dates
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
integrationId | string | No | Filter by the integration that detected the vulnerability |
severity | string | No | Filter by severity: LOW, MEDIUM, HIGH, or CRITICAL |
isRemediatedOnTime | boolean | No | Filter by whether the vulnerability was remediated before its SLA deadline |
remediatedAfterDate | string | No | Only include remediations completed after this ISO 8601 date |
remediatedBeforeDate | string | No | Only include remediations completed before this ISO 8601 date |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
remediations | array | Vulnerability remediations matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
List the assets associated with vulnerabilities in a Vanta account (servers, repositories, workstations, and more)
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
q | string | No | Search query for vulnerable assets |
integrationId | string | No | Filter by the integration scanning the asset |
assetType | string | No | Filter by asset type: SERVER, SERVERLESS_FUNCTION, CONTAINER, CONTAINER_REPOSITORY, CONTAINER_REPOSITORY_IMAGE, CODE_REPOSITORY, MANIFEST_FILE, WORKSTATION, or OTHER |
assetExternalAccountId | string | No | Filter by the external account ID the asset belongs to |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
assets | array | Vulnerable assets matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a vulnerable asset in Vanta by ID, including the scanners reporting it and per-scanner asset details
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
vulnerableAssetId | string | Yes | Unique ID of the vulnerable asset |
| Parameter | Type | Description |
|---|
asset | json | The requested vulnerable asset |
List the risk scenarios in a Vanta risk register with likelihood/impact scores, treatment decisions, and review status
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
searchString | string | No | Search string to filter risk scenarios |
includeIgnored | boolean | No | Include ignored risk scenarios |
type | string | No | Filter by scenario type: "Risk Scenario" or "Enterprise Risk" |
ownerMatchesAny | string | No | Comma-separated owner emails to filter by |
categoryMatchesAny | string | No | Comma-separated risk categories to filter by |
ciaCategoryMatchesAny | string | No | Comma-separated CIA categories to filter by: Confidentiality, Integrity, Availability |
treatmentTypeMatchesAny | string | No | Comma-separated treatments to filter by: Mitigate, Transfer, Avoid, Accept |
inherentScoreGroupMatchesAny | string | No | Comma-separated inherent score groups to filter by: "Very low", Low, Med, High, Critical |
residualScoreGroupMatchesAny | string | No | Comma-separated residual score groups to filter by: "Very low", Low, Med, High, Critical |
reviewStatusMatchesAny | string | No | Comma-separated review statuses to filter by: APPROVED, DRAFT, NOT_REVIEWED, AWAITING_SUBMISSION, PENDING_APPROVAL, REQUESTED_CHANGES |
orderBy | string | No | Field to order results by: description or createdAt |
pageSize | number | No | Maximum number of items per page (1-100, default 10) |
pageCursor | string | No | Pagination cursor: pass the endCursor from the previous response to fetch the next page |
| Parameter | Type | Description |
|---|
riskScenarios | array | Risk scenarios matching the filters |
pageInfo | json | Cursor pagination info for the returned page; pass endCursor as pageCursor to fetch the next page |
Get a Vanta risk scenario by ID, including its scores, treatment decision, and review status
| Parameter | Type | Required | Description |
|---|
clientId | string | Yes | Vanta OAuth application client ID |
clientSecret | string | Yes | Vanta OAuth application client secret |
region | string | No | Vanta API region: "us" (api.vanta.com, default) or "gov" (api.vanta-gov.com) |
riskScenarioId | string | Yes | Unique ID of the risk scenario |
| Parameter | Type | Description |
|---|
riskScenario | json | The requested risk scenario |