Audits

List account access records for an audit

Retrieves account access population data for an audit.

This endpoint provides access to account access records visible to auditors during an audit engagement. Account access data comes from various sources:

IDP Services (Identity Providers): Okta, Azure AD, Google Workspace, OneLogin, PingOne
- Returns user accounts from identity providers
- Supports filtering by search and status
Role Grants Services: GCP, Azure (when role grants are enabled)
- Returns accounts with role-based access grants
- Supports filtering by search and status
First-Party Account Services: AWS, Oracle Cloud, Azure (when not using role grants), etc.
- Returns cloud provider account access records
- Supports filtering by search and status
Received Account Services: External applications (Jira, GitHub, Slack, etc.)
- Returns user accounts from third-party integrations
- Supports filtering by search and status

Supports filtering by:

search: Searches account names/emails (case-insensitive)
status: Filters by account status

Uses cursor-based pagination. To paginate:

Make initial request with desired pageSize
Check results.pageInfo.hasNextPage
Use results.pageInfo.endCursor as pageCursor for next request

The default sort order depends on the service type:

Identity provider services (e.g. Okta, Azure AD): sorted by email, ascending
Cloud provider services (e.g. AWS, GCP): sorted by account name, ascending
Role grant services: sorted by account name, ascending
Third-party application services (e.g. GitHub, Jira): sorted by account name, ascending

Sort order cannot be customized via query parameters.

GET

audits

{auditId}

personnel

account-access

{serviceId}

Java

package hello.world;

import com.vanta.vanta_auditor_api.Vanta;
import com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessRequest;
import com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessResponse;
import java.lang.Exception;

public class Application {

    public static void main(String[] args) throws Exception {

        Vanta sdk = Vanta.builder()
                .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
            .build();

        ListPersonnelAccountAccessRequest req = ListPersonnelAccountAccessRequest.builder()
                .auditId("<id>")
                .serviceId("<id>")
                .build();

        ListPersonnelAccountAccessResponse res = sdk.audits().listPersonnelAccountAccess()
                .request(req)
                .call();

        if (res.paginatedResponseAccountAccess().isPresent()) {
            System.out.println(res.paginatedResponseAccountAccess().get());
        }
    }
}

{
  "results": {
    "pageInfo": {
      "hasNextPage": false,
      "hasPreviousPage": false,
      "startCursor": null,
      "endCursor": null
    },
    "data": [
      {
        "id": "5f2c939a52855e725c8d5824",
        "accountName": "john.doe@example.com",
        "owner": "John Doe",
        "role": [
          "Admin"
        ],
        "status": "ACTIVE",
        "mfa": true,
        "createdDate": "2024-01-15T10:30:00.000Z",
        "deactivatedDate": null
      }
    ]
  }
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId

string

required

The audit ID

serviceId

string

required

The service ID from the /services endpoint

Query Parameters

pageSize

integer<int32>

default:10

Maximum number of results per page (1-100, default 10) Controls the maximum number of items returned in one response from the API.

Required range: 1 <= x <= 100

pageCursor

string

Pagination cursor from previous response A marker or pointer, telling the API where to start fetching items for the subsequent page in a paginated dataset. Note that the requested page will not include the item that corresponds to this cursor but will start from the one immediately after this cursor.

string

Search term for filtering by account name or email

status

enum<string>

Filter by account status Account status values for account access records. Unified status enum that covers all service types.

Available options:

ACTIVE,

DEACTIVATED,

UNKNOWN

Response

200 - application/json

Paginated list of account access records with pagination metadata

results

object

required

Show child attributes

List groups for an auditRetrieves groups population data for an audit. This endpoint provides access to the group records visible to auditors during an audit engagement. Groups represent organizational units that contain people, either imported from an identity provider (IDP) or created manually in Vanta. Only Controlled Audit View (CAV) audits are supported. Full Audit View audits are rejected with 403. Supports filtering by: - `search`: Searches group names (case-insensitive) - `sourcesMatchesAny`: Filters by IDP source service names Results are sorted by name (ascending) by default. Use `orderBy` and `orderDirection` to customize sorting. Sort parameters must remain consistent across paginated requests. Uses cursor-based pagination. To paginate: 1. Make initial request with desired `pageSize` 2. Check `results.pageInfo.hasNextPage` 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request

⌘I

Java

package hello.world;

import com.vanta.vanta_auditor_api.Vanta;
import com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessRequest;
import com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessResponse;
import java.lang.Exception;

public class Application {

    public static void main(String[] args) throws Exception {

        Vanta sdk = Vanta.builder()
                .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
            .build();

        ListPersonnelAccountAccessRequest req = ListPersonnelAccountAccessRequest.builder()
                .auditId("<id>")
                .serviceId("<id>")
                .build();

        ListPersonnelAccountAccessResponse res = sdk.audits().listPersonnelAccountAccess()
                .request(req)
                .call();

        if (res.paginatedResponseAccountAccess().isPresent()) {
            System.out.println(res.paginatedResponseAccountAccess().get());
        }
    }
}

{
  "results": {
    "pageInfo": {
      "hasNextPage": false,
      "hasPreviousPage": false,
      "startCursor": null,
      "endCursor": null
    },
    "data": [
      {
        "id": "5f2c939a52855e725c8d5824",
        "accountName": "john.doe@example.com",
        "owner": "John Doe",
        "role": [
          "Admin"
        ],
        "status": "ACTIVE",
        "mfa": true,
        "createdDate": "2024-01-15T10:30:00.000Z",
        "deactivatedDate": null
      }
    ]
  }
}

Documentation Index

Authorizations

Path Parameters

Query Parameters

Response