Audits

List snapshotted issues for an audit

Retrieves a list of all issues that have been shared with an audit.

The issues returned are immutable, point-in-time snapshots; there may be duplicates of issues that have been snapshotted at different times. The GET /audits//issues/snapshots endpoint can be used to retrieve metadata about the snapshots that issues belong to. Issues represent compliance findings from a variety of sources that need to be tracked and remediated.

Supports filtering by:

search: full text search across issue title and description
snapshotId: filtering to a specific snapshot or snapshots, which represent point-in-time captures of issues. Use the GET /audits//issues/snapshots endpoint to retrieve snapshot IDs and metadata.
createdAfterDate / createdBeforeDate: filter to issues created within a date range (inclusive)
detectedAfterDate / detectedBeforeDate: filter to issues detected within a date range (inclusive)

Results are sorted by issue creation date in descending order (newest first) by default. Use orderBy and orderDirection to customize sorting. Sort parameters must remain consistent across paginated requests.

Uses cursor-based pagination. To paginate:

Make initial request with desired pageSize
Check results.pageInfo.hasNextPage
Use results.pageInfo.endCursor as pageCursor for next request

Rate limit: 10 requests / minute.

GET

audits

{auditId}

issues

items

TypeScript

import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.listAuditIssues({
    auditId: "<id>",
  });

  console.log(result);
}

run();

{
  "results": {
    "pageInfo": {
      "hasNextPage": false,
      "hasPreviousPage": false,
      "startCursor": null,
      "endCursor": null
    },
    "data": [
      {
        "id": "5f2c939a52855e725c8d5824",
        "title": "User accounts with weak passwords",
        "readableIssueId": "ISS-1234",
        "issueId": "5f2c939a52855e725c8d5825",
        "description": "The following user accounts have passwords that do not meet the company's password policy: [list of accounts]. Weak passwords increase the risk of unauthorized access to systems and data.",
        "snapshotId": "5f2c939a52855e725c8d5823",
        "dueDate": "2023-12-31T23:59:59.000Z",
        "status": "CLOSED",
        "lastModifiedAt": "2024-06-15T10:30:00.000Z",
        "createdAt": "2024-06-01T09:00:00.000Z",
        "detectedAt": "2024-05-30T14:45:00.000Z"
      }
    ]
  }
}

Authorizations

Authorization

string

header

required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId

string

required

The audit ID

Query Parameters

pageSize

integer<int32>

default:10

Maximum number of results per page (1-100, default 10) Controls the maximum number of items returned in one response from the API.

Required range: 1 <= x <= 100

pageCursor

string

Pagination cursor from previous response A marker or pointer, telling the API where to start fetching items for the subsequent page in a paginated dataset. Note that the requested page will not include the item that corresponds to this cursor but will start from the one immediately after this cursor.

string

Search term for filtering by issue title and description

snapshotIdMatchesAny

string[]

Filter issues to specific snapshots by snapshot ID

createdAfterDate

string<date-time>

Filter to issues created on or after this date (ISO 8601)

createdBeforeDate

string<date-time>

Filter to issues created on or before this date (ISO 8601)

detectedAfterDate

string<date-time>

Filter to issues detected on or after this date (ISO 8601)

detectedBeforeDate

string<date-time>

Filter to issues detected on or before this date (ISO 8601)

orderBy

enum<string>

Field to sort results by. Allowed: "createdAt", "lastModifiedAt", "detectedAt". Default: "createdAt" Allowed values for the orderBy query parameter on issue snapshot item endpoints.

Available options:

createdAt,

lastModifiedAt,

detectedAt

orderDirection

enum<string>

Sort direction: "asc" or "desc". Default: "desc" Sort direction shared across the external REST API surface.

"asc" for ascending, "desc" for descending. Endpoints expose this as the orderDirection / sortDirection query parameter and map it onto whatever internal direction representation the underlying service expects.

Available options:

asc,

desc

Response

200 - application/json

results

object

required

Show child attributes

List snapshotted issues for an auditRetrieves a list of snapshots that have been shared with an audit. The snapshots returned contain metadata about point-in-time captures of issues for an audit. This data can be used to filter down the list of issues to specific snapshots when querying the GET /audits/{auditId}/issues/items endpoint. Supports filtering by: - `search`: full text search across snapshot title and description Results are sorted by snapshot creation date in descending order (newest first). Uses cursor-based pagination. To paginate: 1. Make initial request with desired `pageSize` 2. Check `results.pageInfo.hasNextPage` 3. Use `results.pageInfo.endCursor` as `pageCursor` for next request Rate limit: 10 requests / minute.

⌘I

TypeScript

import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.listAuditIssues({
    auditId: "<id>",
  });

  console.log(result);
}

run();

{
  "results": {
    "pageInfo": {
      "hasNextPage": false,
      "hasPreviousPage": false,
      "startCursor": null,
      "endCursor": null
    },
    "data": [
      {
        "id": "5f2c939a52855e725c8d5824",
        "title": "User accounts with weak passwords",
        "readableIssueId": "ISS-1234",
        "issueId": "5f2c939a52855e725c8d5825",
        "description": "The following user accounts have passwords that do not meet the company's password policy: [list of accounts]. Weak passwords increase the risk of unauthorized access to systems and data.",
        "snapshotId": "5f2c939a52855e725c8d5823",
        "dueDate": "2023-12-31T23:59:59.000Z",
        "status": "CLOSED",
        "lastModifiedAt": "2024-06-15T10:30:00.000Z",
        "createdAt": "2024-06-01T09:00:00.000Z",
        "detectedAt": "2024-05-30T14:45:00.000Z"
      }
    ]
  }
}