> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List account access records for an audit

> Retrieves account access population data for an audit.

This endpoint provides access to account access records visible to auditors
during an audit engagement. Account access data comes from various sources:

- **IDP Services** (Identity Providers): Okta, Azure AD, Google Workspace, OneLogin, PingOne

  - Returns user accounts from identity providers
  - Supports filtering by search and status

- **Role Grants Services**: GCP, Azure (when role grants are enabled)

  - Returns accounts with role-based access grants
  - Supports filtering by search and status

- **First-Party Account Services**: AWS, Oracle Cloud, Azure (when not using role grants), etc.

  - Returns cloud provider account access records
  - Supports filtering by search and status

- **Received Account Services**: External applications (Jira, GitHub, Slack, etc.)

  - Returns user accounts from third-party integrations
  - Supports filtering by search and status


Supports filtering by:
- `search`: Searches account names/emails (case-insensitive)
- `status`: Filters by account status

Uses cursor-based pagination. To paginate:
1. Make initial request with desired `pageSize`
2. Check `results.pageInfo.hasNextPage`
3. Use `results.pageInfo.endCursor` as `pageCursor` for next request

The default sort order depends on the service type:
- Identity provider services (e.g. Okta, Azure AD): sorted by email, ascending
- Cloud provider services (e.g. AWS, GCP): sorted by account name, ascending
- Role grant services: sorted by account name, ascending
- Third-party application services (e.g. GitHub, Jira): sorted by account name, ascending

Sort order cannot be customized via query parameters.

Rate limit: 10 requests / minute.



## OpenAPI

````yaml https://spec.speakeasy.com/vanta/vanta/conduct-an-audit-with-code-samples get /audits/{auditId}/personnel/account-access/{serviceId}
openapi: 3.0.0
info:
  title: Conduct an audit
  version: 1.0.0
  description: >-
    The Auditor API lets audit firms conduct audits from a tool outside of
    Vanta. Unlock data syncing with Vanta through this API.


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token URL shown below defaults to the
    commercial host — replace it with `https://api.vanta-gov.com/oauth/token`.
  termsOfService: https://www.vanta.com/terms
  license:
    name: UNLICENSED
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
servers:
  - url: https://api.vanta.com/v1
    description: US Region API
  - url: https://api.vanta-gov.com/v1
    description: Vanta Gov (FedRAMP)
security: []
paths:
  /audits/{auditId}/personnel/account-access/{serviceId}:
    get:
      tags:
        - Audits
      summary: List account access records for an audit
      description: >-
        Retrieves account access population data for an audit.


        This endpoint provides access to account access records visible to
        auditors

        during an audit engagement. Account access data comes from various
        sources:


        - **IDP Services** (Identity Providers): Okta, Azure AD, Google
        Workspace, OneLogin, PingOne

          - Returns user accounts from identity providers
          - Supports filtering by search and status

        - **Role Grants Services**: GCP, Azure (when role grants are enabled)

          - Returns accounts with role-based access grants
          - Supports filtering by search and status

        - **First-Party Account Services**: AWS, Oracle Cloud, Azure (when not
        using role grants), etc.

          - Returns cloud provider account access records
          - Supports filtering by search and status

        - **Received Account Services**: External applications (Jira, GitHub,
        Slack, etc.)

          - Returns user accounts from third-party integrations
          - Supports filtering by search and status


        Supports filtering by:

        - `search`: Searches account names/emails (case-insensitive)

        - `status`: Filters by account status


        Uses cursor-based pagination. To paginate:

        1. Make initial request with desired `pageSize`

        2. Check `results.pageInfo.hasNextPage`

        3. Use `results.pageInfo.endCursor` as `pageCursor` for next request


        The default sort order depends on the service type:

        - Identity provider services (e.g. Okta, Azure AD): sorted by email,
        ascending

        - Cloud provider services (e.g. AWS, GCP): sorted by account name,
        ascending

        - Role grant services: sorted by account name, ascending

        - Third-party application services (e.g. GitHub, Jira): sorted by
        account name, ascending


        Sort order cannot be customized via query parameters.


        Rate limit: 10 requests / minute.
      operationId: ListPersonnelAccountAccess
      parameters:
        - description: The audit ID
          in: path
          name: auditId
          required: true
          schema:
            type: string
        - description: The service ID from the /services endpoint
          in: path
          name: serviceId
          required: true
          schema:
            type: string
        - description: Maximum number of results per page (1-100, default 10)
          in: query
          name: pageSize
          required: false
          schema:
            $ref: '#/components/schemas/PageSize'
        - description: Pagination cursor from previous response
          in: query
          name: pageCursor
          required: false
          schema:
            $ref: '#/components/schemas/PageCursor'
        - description: Search term for filtering by account name or email
          in: query
          name: search
          required: false
          schema:
            type: string
        - description: Filter by account status
          in: query
          name: status
          required: false
          schema:
            $ref: '#/components/schemas/AccountAccessStatus'
      responses:
        '200':
          description: Paginated list of account access records with pagination metadata
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedResponse_AccountAccess_'
              examples:
                Example 1:
                  value:
                    results:
                      pageInfo:
                        hasNextPage: false
                        hasPreviousPage: false
                        startCursor: null
                        endCursor: null
                      data:
                        - id: 5f2c939a52855e725c8d5824
                          accountName: john.doe@example.com
                          owner: John Doe
                          role:
                            - Admin
                          status: ACTIVE
                          mfa: true
                          createdDate: '2024-01-15T10:30:00.000Z'
                          deactivatedDate: null
      security:
        - bearerAuth: []
      x-codeSamples:
        - lang: typescript
          label: ListPersonnelAccountAccess
          source: |-
            import { Vanta } from "vanta-auditor-api-sdk";

            const vanta = new Vanta({
              bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
            });

            async function run() {
              const result = await vanta.audits.listPersonnelAccountAccess({
                auditId: "<id>",
                serviceId: "<id>",
              });

              console.log(result);
            }

            run();
        - lang: java
          label: ListPersonnelAccountAccess
          source: >-
            package hello.world;


            import com.vanta.vanta_auditor_api.Vanta;

            import
            com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessRequest;

            import
            com.vanta.vanta_auditor_api.models.operations.ListPersonnelAccountAccessResponse;

            import java.lang.Exception;


            public class Application {

                public static void main(String[] args) throws Exception {

                    Vanta sdk = Vanta.builder()
                            .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
                        .build();

                    ListPersonnelAccountAccessRequest req = ListPersonnelAccountAccessRequest.builder()
                            .auditId("<id>")
                            .serviceId("<id>")
                            .build();

                    ListPersonnelAccountAccessResponse res = sdk.audits().listPersonnelAccountAccess()
                            .request(req)
                            .call();

                    if (res.paginatedResponseAccountAccess().isPresent()) {
                        System.out.println(res.paginatedResponseAccountAccess().get());
                    }
                }
            }
components:
  schemas:
    PageSize:
      type: integer
      format: int32
      default: 10
      description: >-
        Controls the maximum number of items returned in one response from the
        API.
      minimum: 1
      maximum: 100
    PageCursor:
      type: string
      description: >-
        A marker or pointer, telling the API where to start fetching items for
        the subsequent page in a paginated dataset.

        Note that the requested page will not include the item that corresponds
        to this cursor but will start from the one immediately

        after this cursor.
    AccountAccessStatus:
      type: string
      enum:
        - ACTIVE
        - DEACTIVATED
        - UNKNOWN
      description: |-
        Account status values for account access records.
        Unified status enum that covers all service types.
    PaginatedResponse_AccountAccess_:
      properties:
        results:
          properties:
            data:
              items:
                $ref: '#/components/schemas/AccountAccess'
              type: array
            pageInfo:
              $ref: '#/components/schemas/PageInfo'
          required:
            - data
            - pageInfo
          type: object
      required:
        - results
      type: object
      additionalProperties: false
    AccountAccess:
      description: >-
        Account access record from personnel population.


        This unified interface represents account access data from all service
        types:

        - IDP services (Okta, Azure AD, Google Workspace, etc.)

        - First-party account services (AWS, Azure, GCP, Oracle Cloud, etc.)

        - Role grants services (GCP, Azure role grants)

        - Received/third-party applications


        Only `id` and `accountName` are always present. Other fields are
        optional so

        disallowed columns can be omitted (for example under controlled audit
        view).

        When an optional field is present, `null` means the column is visible
        but empty

        (only fields that are nullable in population data use `null`).
      properties:
        id:
          type: string
          description: Unique identifier for the account.
          example: 5f2c939a52855e725c8d5824
        accountName:
          type: string
          description: Account name or email address (primary identifier).
          example: john.doe@example.com
        owner:
          type: string
          nullable: true
          description: >-
            Display name of the account owner, or null when the column is
            visible but unknown.
          example: John Doe
        role:
          items:
            type: string
          type: array
          description: >-
            Account roles; empty array when the column is visible but has no
            roles.
          example:
            - Admin
        status:
          $ref: '#/components/schemas/AccountAccessStatus'
          description: >-
            Account status when present; omitted when the column is not in the
            response.
          example: ACTIVE
        mfa:
          type: boolean
          nullable: true
          description: >-
            Multi-factor authentication (MFA) status when present.

            `true` = MFA enabled, `false` = MFA not enabled, `null` = visible
            but unknown.
          example: true
        createdDate:
          type: string
          format: date-time
          nullable: true
          description: Account creation date when present, or null when visible but absent.
          example: '2024-01-15T10:30:00.000Z'
        deactivatedDate:
          type: string
          format: date-time
          nullable: true
          description: Account deactivation date when present, or null when active.
          example: '2024-06-20T08:00:00.000Z'
      required:
        - id
        - accountName
      type: object
      additionalProperties: false
    PageInfo:
      description: Provides information about the pagination of a dataset.
      properties:
        endCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the end of the current page, or null if
            there is no such cursor.
        hasNextPage:
          type: boolean
          description: Indicates if there is another page after the current page.
        hasPreviousPage:
          type: boolean
          description: Indicates if there is a page before the current page.
        startCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the start of the current page, or null if
            there is no such cursor.
      required:
        - endCursor
        - hasNextPage
        - hasPreviousPage
        - startCursor
      type: object
      additionalProperties: false
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````