Audits

List integrations for an audit

Retrieves integration population data for an audit.

This endpoint provides access to integration records visible to auditors during an audit engagement. Integrations represent connected services (e.g., GitHub, AWS, Slack) that provide data for the audit.

Supports filtering by:

search: Searches integration names (case-insensitive)
tagsMatchesAny: Filters by integration tag (ACCESS, COMPUTERS, etc.)
categoriesMatchesAny: Filters by category (CLOUD_PROVIDER, HR_PROVIDER, etc.)

Uses cursor-based pagination. To paginate:

Make initial request with desired pageSize
Check results.pageInfo.hasNextPage
Use results.pageInfo.endCursor as pageCursor for next request

Results are sorted by integration display name (ascending). This sort order is fixed and cannot be customized via query parameters.

Rate limit: 10 requests / minute.

GET

audits

{auditId}

integrations

TypeScript

import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.listIntegrations({
    auditId: "<id>",
  });

  console.log(result);
}

run();

{
  "results": {
    "pageInfo": {
      "hasNextPage": true,
      "hasPreviousPage": false,
      "startCursor": "github",
      "endCursor": "github"
    },
    "data": [
      {
        "id": "github",
        "name": "GitHub",
        "tags": [
          "Vulnerabilities",
          "Code changes"
        ],
        "categories": [
          "Version control systems"
        ]
      }
    ]
  }
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId

string

required

The audit ID

Query Parameters

pageSize

integer<int32>

default:10

Maximum number of results per page (1-100, default 10) Controls the maximum number of items returned in one response from the API.

Required range: 1 <= x <= 100

pageCursor

string

Pagination cursor from previous response A marker or pointer, telling the API where to start fetching items for the subsequent page in a paginated dataset. Note that the requested page will not include the item that corresponds to this cursor but will start from the one immediately after this cursor.

string

Search term for filtering by integration name

tagsMatchesAny

enum<string>[]

Filter integrations by tag values

Available options:

ACCESS,

COMPUTERS,

CUSTOM_RESOURCE,

DATA_LOSS_PREVENTION,

DOCUMENTS,

DOCUMENT_UPLOAD,

FRAMEWORK,

GROUPS,

INVENTORY,

NOTIFICATIONS,

PEOPLE,

POLICIES,

SECURITY_AWARENESS_TRAINING,

SECURITY_SCANNER_ALERTS,

SSO,

TASK_CREATION,

TASK_TRACKING,

TRUST_CENTER,

VENDOR_DISCOVERY,

VENDOR_PROCUREMENT,

VULNERABILITIES

categoriesMatchesAny

enum<string>[]

Filter integrations by category values

Available options:

ATS_MERGE_ACCOUNT,

BACKGROUND_CHECK_SERVICE,

CLOUD_PROVIDER,

COMMUNICATION_PLATFORM,

CRM_MERGE_ACCOUNT,

CRM_PLATFORM,

DATASTORE_PROVIDER,

DATA_LOSS_PREVENTION,

DATA_WAREHOUSE_PROVIDER,

DOCUMENT_MANAGEMENT_TOOL,

ENDPOINT_SECURITY_TOOL,

HR_PROVIDER,

IDENTITY_PROVIDER,

INCIDENT_MANAGEMENT_TOOL,

MOBILE_DEVICE_MANAGEMENT_TOOL,

MONITORING_SERVICE,

OTHER_INTEGRATION,

SECURITY_AWARENESS_TRAINING_PROVIDER,

SECURITY_SCANNER_ALERTS,

TASK_TRACKER,

VERSION_CONTROL_SYSTEM,

VULNERABILITY_SCANNER

Response

200 - application/json

Paginated list of integrations with pagination metadata

results

object

required

Show child attributes

List snapshotted issues for an auditRetrieves a list of all issues that have been shared with an audit. The issues returned are immutable, point-in-time snapshots; there may be duplicates of issues that have been snapshotted at different times. The GET /audits/{auditId}/issues/snapshots endpoint can be used to retrieve metadata about the snapshots that issues belong to. Issues represent compliance findings from a variety of sources that need to be tracked and remediated. Supports filtering by: - `search`: full text search across issue title and description - `snapshotId`: filtering to a specific snapshot or snapshots, which represent point-in-time captures of issues. Use the GET /audits/{auditId}/issues/snapshots endpoint to retrieve snapshot IDs and metadata. - `createdAfterDate` / `createdBeforeDate`: filter to issues created within a date range (inclusive) - `detectedAfterDate` / `detectedBeforeDate`: filter to issues detected within a date range (inclusive) Results are sorted by issue creation date in descending order (newest first) by default. Use `orderBy` and `orderDirection` to customize sorting. Sort parameters must remain consistent across paginated requests. Uses cursor-based pagination. To paginate: 1. Make initial request with desired `pageSize` 2. Check `results.pageInfo.hasNextPage` 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request Rate limit: 10 requests / minute.

⌘I

TypeScript

import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.listIntegrations({
    auditId: "<id>",
  });

  console.log(result);
}

run();

{
  "results": {
    "pageInfo": {
      "hasNextPage": true,
      "hasPreviousPage": false,
      "startCursor": "github",
      "endCursor": "github"
    },
    "data": [
      {
        "id": "github",
        "name": "GitHub",
        "tags": [
          "Vulnerabilities",
          "Code changes"
        ],
        "categories": [
          "Version control systems"
        ]
      }
    ]
  }
}