> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Get audit by ID

> Returns a single audit by ID, scoped to the audit firm.

To identify IRL (Information Request List) audits, check for the presence of the
`auditorRequestListMetadata` field. This field is only present for IRL-based audits
and will be `undefined` for standard audits.

Rate limit: 250 requests / minute.



## OpenAPI

````yaml https://spec.speakeasy.com/vanta/vanta/conduct-an-audit-with-code-samples get /audits/{auditId}
openapi: 3.0.0
info:
  title: Conduct an audit
  version: 1.0.0
  description: >-
    The Auditor API lets audit firms conduct audits from a tool outside of
    Vanta. Unlock data syncing with Vanta through this API.


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token URL shown below defaults to the
    commercial host — replace it with `https://api.vanta-gov.com/oauth/token`.
  termsOfService: https://www.vanta.com/terms
  license:
    name: UNLICENSED
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
servers:
  - url: https://api.vanta.com/v1
    description: Vanta (Commercial)
  - url: https://api.vanta-gov.com/v1
    description: Vanta Gov (FedRAMP)
security: []
paths:
  /audits/{auditId}:
    get:
      tags:
        - Audits
      summary: Get audit by ID
      description: >-
        Returns a single audit by ID, scoped to the audit firm.


        To identify IRL (Information Request List) audits, check for the
        presence of the

        `auditorRequestListMetadata` field. This field is only present for
        IRL-based audits

        and will be `undefined` for standard audits.


        Rate limit: 250 requests / minute.
      operationId: GetAudit
      parameters:
        - in: path
          name: auditId
          required: true
          schema:
            type: string
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/Audit'
              examples:
                Example 1:
                  value:
                    id: 65fc81a3359c8508c9af880f
                    customerOrganizationName: corporation.com
                    customerDisplayName: Corporation Company
                    customerOrganizationId: 65fc81a3359c8508c9af880f
                    auditStartDate: '2024-03-07T21:25:56.000Z'
                    auditEndDate: '2024-03-14T21:25:56.000Z'
                    earlyAccessStartsAt: '2024-03-07T21:25:56.000Z'
                    framework: SOC 2 Type II
                    displayName: Q1 2024 SOC 2 Audit
                    allowAuditorEmails:
                      - sam@auditor.com
                    allowAllAuditors: true
                    deletionDate: '2024-03-07T21:25:56.000Z'
                    creationDate: '2024-03-07T21:25:56.000Z'
                    modificationDate: '2024-03-07T21:25:56.000Z'
                    completionDate: '2024-03-07T21:25:56.000Z'
                    auditFocus: EXTERNAL
                    auditorRequestListMetadata:
                      requestsSharedWithCustomer: '2024-03-07T21:25:56.000Z'
      security:
        - bearerAuth: []
      x-codeSamples:
        - lang: typescript
          label: GetAudit
          source: |-
            import { Vanta } from "vanta-auditor-api-sdk";

            const vanta = new Vanta({
              bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
            });

            async function run() {
              const result = await vanta.audits.getAudit({
                auditId: "<id>",
              });

              console.log(result);
            }

            run();
        - lang: java
          label: GetAudit
          source: >-
            package hello.world;


            import com.vanta.vanta_auditor_api.Vanta;

            import
            com.vanta.vanta_auditor_api.models.operations.GetAuditResponse;

            import java.lang.Exception;


            public class Application {

                public static void main(String[] args) throws Exception {

                    Vanta sdk = Vanta.builder()
                            .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
                        .build();

                    GetAuditResponse res = sdk.audits().getAudit()
                            .auditId("<id>")
                            .call();

                    if (res.audit().isPresent()) {
                        System.out.println(res.audit().get());
                    }
                }
            }
components:
  schemas:
    Audit:
      properties:
        id:
          type: string
          description: The unique identifier for the audit.
        customerOrganizationName:
          type: string
          description: >-
            The domain name of the customer organization being audited (e.g.
            vanta.com)
        customerDisplayName:
          type: string
          nullable: true
          description: >-
            The human readable name of the customer organization being audited
            (e.g. Vanta)
        customerOrganizationId:
          type: string
          description: The uuid of the customer organization being audited
        auditStartDate:
          type: string
          format: date-time
          description: >-
            The start of the audit window. This is also when data collection for
            audit starts.
        auditEndDate:
          type: string
          format: date-time
          description: The end of the audit window.
        earlyAccessStartsAt:
          type: string
          format: date-time
          nullable: true
          description: >-
            Timestamp at which auditors gain access to the audit. Occurs before
            the audit window begins
        framework:
          type: string
          description: The name of the framework for the audit
        displayName:
          type: string
          description: >-
            The display name for the audit. Returns the custom audit name if
            set,

            otherwise returns the framework name.
        allowAuditorEmails:
          items:
            type: string
          type: array
          description: Emails of auditors with access to audit
        allowAllAuditors:
          type: boolean
          description: Set to true if all auditors in audit firm have access
        deletionDate:
          type: string
          format: date-time
          nullable: true
          description: Timestamp when the audit was deleted
        creationDate:
          type: string
          format: date-time
          description: Timestamp when the audit was created
        modificationDate:
          type: string
          format: date-time
          nullable: true
          description: Timestamp when the audit was updated
        completionDate:
          type: string
          format: date-time
          nullable: true
          description: >-
            Timestamp when the audit was marked completed, and report was
            uploaded
        auditFocus:
          $ref: '#/components/schemas/AuditFocus'
          description: Audit focus determines if the audit is internal or external facing
        auditorRequestListMetadata:
          properties:
            requestsSharedWithCustomer:
              type: string
              format: date-time
              nullable: true
              description: >-
                Timestamp when information requests were shared with the
                customer. Null if not shared.
          required:
            - requestsSharedWithCustomer
          type: object
          description: >-
            Metadata about the auditor request list. This field is only present
            for IRL (Information

            Request List) based audits and will be undefined for standard
            audits. Use the presence

            of this field to differentiate between IRL and non-IRL audits.
      required:
        - id
        - customerOrganizationName
        - customerDisplayName
        - customerOrganizationId
        - auditStartDate
        - auditEndDate
        - earlyAccessStartsAt
        - framework
        - displayName
        - allowAuditorEmails
        - allowAllAuditors
        - deletionDate
        - creationDate
        - modificationDate
        - completionDate
        - auditFocus
      type: object
      additionalProperties: false
    AuditFocus:
      type: string
      enum:
        - EXTERNAL
        - INTERNAL
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````