Audits
List audit controls
Returns a paginated list of controls for an audit.
Rate limit: 250 requests / minute.
GET
/
audits
/
{auditId}
/
controls
TypeScript
import { Vanta } from "vanta-auditor-api-sdk";
const vanta = new Vanta({
bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});
async function run() {
const result = await vanta.audits.listControls({
auditId: "<id>",
});
console.log(result);
}
run();package hello.world;
import com.vanta.vanta_auditor_api.Vanta;
import com.vanta.vanta_auditor_api.models.operations.ListAuditControlsResponse;
import java.lang.Exception;
public class Application {
public static void main(String[] args) throws Exception {
Vanta sdk = Vanta.builder()
.bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
.build();
ListAuditControlsResponse res = sdk.audits().listControls()
.auditId("<id>")
.pageSize(10)
.call();
if (res.paginatedResponseAuditorControl().isPresent()) {
System.out.println(res.paginatedResponseAuditorControl().get());
}
}
}curl --request GET \
--url https://api.vanta.com/v1/audits/{auditId}/controls \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.vanta.com/v1/audits/{auditId}/controls"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.vanta.com/v1/audits/{auditId}/controls', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vanta.com/v1/audits/{auditId}/controls",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.vanta.com/v1/audits/{auditId}/controls"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}require 'uri'
require 'net/http'
url = URI("https://api.vanta.com/v1/audits/{auditId}/controls")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"results": {
"data": [
{
"id": "a2f7e1b9d0c3f4e5a6c7b8d9",
"externalId": "CRY-104",
"name": "Data encryption utilized",
"description": "Access reviews are performed to ensure that access is appropriate for the user's role and responsibilities.",
"source": "Vanta",
"domains": [
"CRYPTOGRAPHIC_PROTECTIONS"
],
"owner": {
"id": "65e1efde08e8478f143a8ff9",
"emailAddress": "example-person@email.com",
"displayName": "Example Owner"
},
"framework": "soc2",
"role": null,
"customFields": [],
"sections": [
{
"framework": "SOC 2",
"name": "CC 1.1",
"principle": {
"id": "CC 1.0",
"name": "Control Environment"
}
}
],
"creationDate": null,
"modificationDate": null
}
],
"pageInfo": {
"hasNextPage": false,
"hasPreviousPage": false,
"startCursor": "YXJyYXljb25uZWN0aW9uOjA=",
"endCursor": "YXJyYXljb25uZWN0aW9uOjE="
}
}
}Authorizations
Bearer authentication header of the form Bearer <token>, where <token> is your auth token.
Path Parameters
Query Parameters
Controls the maximum number of items returned in one response from the API.
Required range:
1 <= x <= 100A marker or pointer, telling the API where to start fetching items for the subsequent page in a paginated dataset. Note that the requested page will not include the item that corresponds to this cursor but will start from the one immediately after this cursor.
Filter controls whose externalId matches any of the provided values (exact, case-sensitive match).
Response
200 - application/json
Ok
Show child attributes
Show child attributes
Was this page helpful?
Previous
Create a custom control for an auditCreate a custom control for an audit.
Rate limit: 10 requests / minute.
Next
⌘I
TypeScript
import { Vanta } from "vanta-auditor-api-sdk";
const vanta = new Vanta({
bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});
async function run() {
const result = await vanta.audits.listControls({
auditId: "<id>",
});
console.log(result);
}
run();package hello.world;
import com.vanta.vanta_auditor_api.Vanta;
import com.vanta.vanta_auditor_api.models.operations.ListAuditControlsResponse;
import java.lang.Exception;
public class Application {
public static void main(String[] args) throws Exception {
Vanta sdk = Vanta.builder()
.bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
.build();
ListAuditControlsResponse res = sdk.audits().listControls()
.auditId("<id>")
.pageSize(10)
.call();
if (res.paginatedResponseAuditorControl().isPresent()) {
System.out.println(res.paginatedResponseAuditorControl().get());
}
}
}curl --request GET \
--url https://api.vanta.com/v1/audits/{auditId}/controls \
--header 'Authorization: Bearer <token>'import requests
url = "https://api.vanta.com/v1/audits/{auditId}/controls"
headers = {"Authorization": "Bearer <token>"}
response = requests.get(url, headers=headers)
print(response.text)const options = {method: 'GET', headers: {Authorization: 'Bearer <token>'}};
fetch('https://api.vanta.com/v1/audits/{auditId}/controls', options)
.then(res => res.json())
.then(res => console.log(res))
.catch(err => console.error(err));<?php
$curl = curl_init();
curl_setopt_array($curl, [
CURLOPT_URL => "https://api.vanta.com/v1/audits/{auditId}/controls",
CURLOPT_RETURNTRANSFER => true,
CURLOPT_ENCODING => "",
CURLOPT_MAXREDIRS => 10,
CURLOPT_TIMEOUT => 30,
CURLOPT_HTTP_VERSION => CURL_HTTP_VERSION_1_1,
CURLOPT_CUSTOMREQUEST => "GET",
CURLOPT_HTTPHEADER => [
"Authorization: Bearer <token>"
],
]);
$response = curl_exec($curl);
$err = curl_error($curl);
curl_close($curl);
if ($err) {
echo "cURL Error #:" . $err;
} else {
echo $response;
}package main
import (
"fmt"
"net/http"
"io"
)
func main() {
url := "https://api.vanta.com/v1/audits/{auditId}/controls"
req, _ := http.NewRequest("GET", url, nil)
req.Header.Add("Authorization", "Bearer <token>")
res, _ := http.DefaultClient.Do(req)
defer res.Body.Close()
body, _ := io.ReadAll(res.Body)
fmt.Println(string(body))
}require 'uri'
require 'net/http'
url = URI("https://api.vanta.com/v1/audits/{auditId}/controls")
http = Net::HTTP.new(url.host, url.port)
http.use_ssl = true
request = Net::HTTP::Get.new(url)
request["Authorization"] = 'Bearer <token>'
response = http.request(request)
puts response.read_body{
"results": {
"data": [
{
"id": "a2f7e1b9d0c3f4e5a6c7b8d9",
"externalId": "CRY-104",
"name": "Data encryption utilized",
"description": "Access reviews are performed to ensure that access is appropriate for the user's role and responsibilities.",
"source": "Vanta",
"domains": [
"CRYPTOGRAPHIC_PROTECTIONS"
],
"owner": {
"id": "65e1efde08e8478f143a8ff9",
"emailAddress": "example-person@email.com",
"displayName": "Example Owner"
},
"framework": "soc2",
"role": null,
"customFields": [],
"sections": [
{
"framework": "SOC 2",
"name": "CC 1.1",
"principle": {
"id": "CC 1.0",
"name": "Control Environment"
}
}
],
"creationDate": null,
"modificationDate": null
}
],
"pageInfo": {
"hasNextPage": false,
"hasPreviousPage": false,
"startCursor": "YXJyYXljb25uZWN0aW9uOjA=",
"endCursor": "YXJyYXljb25uZWN0aW9uOjE="
}
}
}