> ## Documentation Index
> Fetch the complete documentation index at: https://developer.vanta.com/llms.txt
> Use this file to discover all available pages before exploring further.

# List snapshotted issues for an audit

> Retrieves a list of all issues that have been shared with an audit.

The issues returned are immutable, point-in-time snapshots; there may be duplicates of issues that have been snapshotted at different times.
The GET /audits/{auditId}/issues/snapshots endpoint can be used to retrieve metadata about the snapshots that issues belong to.
Issues represent compliance findings from a variety of sources that need to be tracked and remediated.

Supports filtering by:
- `search`: full text search across issue title and description
- `snapshotId`: filtering to a specific snapshot or snapshots, which represent point-in-time captures of issues. Use the GET /audits/{auditId}/issues/snapshots endpoint to retrieve snapshot IDs and metadata.
- `createdAfterDate` / `createdBeforeDate`: filter to issues created within a date range (inclusive)
- `detectedAfterDate` / `detectedBeforeDate`: filter to issues detected within a date range (inclusive)

Results are sorted by issue creation date in descending order (newest first) by default.
Use `orderBy` and `orderDirection` to customize sorting.
Sort parameters must remain consistent across paginated requests.

Uses cursor-based pagination. To paginate:
1. Make initial request with desired `pageSize`
2. Check `results.pageInfo.hasNextPage`
3. Use `results.pageInfo.endCursor` as `pageCursor` for next request

Rate limit: 10 requests / minute.



## OpenAPI

````yaml https://spec.speakeasy.com/vanta/vanta/conduct-an-audit-with-code-samples get /audits/{auditId}/issues/items
openapi: 3.0.0
info:
  title: Conduct an audit
  version: 1.0.0
  description: >-
    The Auditor API lets audit firms conduct audits from a tool outside of
    Vanta. Unlock data syncing with Vanta through this API.


    **Note for Vanta Gov (FedRAMP) customers:** Select `Vanta Gov (FedRAMP)`
    from the server dropdown to issue requests against
    `https://api.vanta-gov.com`. The OAuth token URL shown below defaults to the
    commercial host — replace it with `https://api.vanta-gov.com/oauth/token`.
  termsOfService: https://www.vanta.com/terms
  license:
    name: UNLICENSED
  contact:
    name: API Support
    url: https://help.vanta.com/
    email: support@vanta.com
servers:
  - url: https://api.vanta.com/v1
    description: Vanta (Commercial)
  - url: https://api.vanta-gov.com/v1
    description: Vanta Gov (FedRAMP)
security: []
paths:
  /audits/{auditId}/issues/items:
    get:
      tags:
        - Audits
      summary: List snapshotted issues for an audit
      description: >-
        Retrieves a list of all issues that have been shared with an audit.


        The issues returned are immutable, point-in-time snapshots; there may be
        duplicates of issues that have been snapshotted at different times.

        The GET /audits/{auditId}/issues/snapshots endpoint can be used to
        retrieve metadata about the snapshots that issues belong to.

        Issues represent compliance findings from a variety of sources that need
        to be tracked and remediated.


        Supports filtering by:

        - `search`: full text search across issue title and description

        - `snapshotId`: filtering to a specific snapshot or snapshots, which
        represent point-in-time captures of issues. Use the GET
        /audits/{auditId}/issues/snapshots endpoint to retrieve snapshot IDs and
        metadata.

        - `createdAfterDate` / `createdBeforeDate`: filter to issues created
        within a date range (inclusive)

        - `detectedAfterDate` / `detectedBeforeDate`: filter to issues detected
        within a date range (inclusive)


        Results are sorted by issue creation date in descending order (newest
        first) by default.

        Use `orderBy` and `orderDirection` to customize sorting.

        Sort parameters must remain consistent across paginated requests.


        Uses cursor-based pagination. To paginate:

        1. Make initial request with desired `pageSize`

        2. Check `results.pageInfo.hasNextPage`

        3. Use `results.pageInfo.endCursor` as `pageCursor` for next request


        Rate limit: 10 requests / minute.
      operationId: ListAuditIssues
      parameters:
        - description: The audit ID
          in: path
          name: auditId
          required: true
          schema:
            type: string
        - description: Maximum number of results per page (1-100, default 10)
          in: query
          name: pageSize
          required: false
          schema:
            $ref: '#/components/schemas/PageSize'
        - description: Pagination cursor from previous response
          in: query
          name: pageCursor
          required: false
          schema:
            $ref: '#/components/schemas/PageCursor'
        - description: Search term for filtering by issue title and description
          in: query
          name: search
          required: false
          schema:
            type: string
        - description: Filter issues to specific snapshots by snapshot ID
          in: query
          name: snapshotIdMatchesAny
          required: false
          schema:
            items:
              type: string
            type: array
        - description: Filter to issues created on or after this date (ISO 8601)
          in: query
          name: createdAfterDate
          required: false
          schema:
            type: string
            format: date-time
        - description: Filter to issues created on or before this date (ISO 8601)
          in: query
          name: createdBeforeDate
          required: false
          schema:
            type: string
            format: date-time
        - description: Filter to issues detected on or after this date (ISO 8601)
          in: query
          name: detectedAfterDate
          required: false
          schema:
            type: string
            format: date-time
        - description: Filter to issues detected on or before this date (ISO 8601)
          in: query
          name: detectedBeforeDate
          required: false
          schema:
            type: string
            format: date-time
        - description: >-
            Field to sort results by. Allowed: "createdAt", "lastModifiedAt",
            "detectedAt". Default: "createdAt"
          in: query
          name: orderBy
          required: false
          schema:
            $ref: '#/components/schemas/IssueSnapshotItemOrderBy'
        - description: 'Sort direction: "asc" or "desc". Default: "desc"'
          in: query
          name: orderDirection
          required: false
          schema:
            $ref: '#/components/schemas/OrderDirection'
      responses:
        '200':
          description: Ok
          content:
            application/json:
              schema:
                $ref: '#/components/schemas/PaginatedIssueSnapshotItemsResponse'
              examples:
                Example 1:
                  value:
                    results:
                      pageInfo:
                        hasNextPage: false
                        hasPreviousPage: false
                        startCursor: null
                        endCursor: null
                      data:
                        - id: 5f2c939a52855e725c8d5824
                          title: User accounts with weak passwords
                          readableIssueId: ISS-1234
                          issueId: 5f2c939a52855e725c8d5825
                          description: >-
                            The following user accounts have passwords that do
                            not meet the company's password policy: [list of
                            accounts]. Weak passwords increase the risk of
                            unauthorized access to systems and data.
                          snapshotId: 5f2c939a52855e725c8d5823
                          dueDate: '2023-12-31T23:59:59.000Z'
                          status: CLOSED
                          lastModifiedAt: '2024-06-15T10:30:00.000Z'
                          createdAt: '2024-06-01T09:00:00.000Z'
                          detectedAt: '2024-05-30T14:45:00.000Z'
      security:
        - bearerAuth: []
      x-codeSamples:
        - lang: typescript
          label: ListAuditIssues
          source: |-
            import { Vanta } from "vanta-auditor-api-sdk";

            const vanta = new Vanta({
              bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
            });

            async function run() {
              const result = await vanta.audits.listAuditIssues({
                auditId: "<id>",
              });

              console.log(result);
            }

            run();
        - lang: java
          label: ListAuditIssues
          source: >-
            package hello.world;


            import com.vanta.vanta_auditor_api.Vanta;

            import
            com.vanta.vanta_auditor_api.models.operations.ListAuditIssuesRequest;

            import
            com.vanta.vanta_auditor_api.models.operations.ListAuditIssuesResponse;

            import java.lang.Exception;


            public class Application {

                public static void main(String[] args) throws Exception {

                    Vanta sdk = Vanta.builder()
                            .bearerAuth(System.getenv().getOrDefault("BEARER_AUTH", ""))
                        .build();

                    ListAuditIssuesRequest req = ListAuditIssuesRequest.builder()
                            .auditId("<id>")
                            .build();

                    ListAuditIssuesResponse res = sdk.audits().listAuditIssues()
                            .request(req)
                            .call();

                    if (res.paginatedIssueSnapshotItemsResponse().isPresent()) {
                        System.out.println(res.paginatedIssueSnapshotItemsResponse().get());
                    }
                }
            }
components:
  schemas:
    PageSize:
      type: integer
      format: int32
      default: 10
      description: >-
        Controls the maximum number of items returned in one response from the
        API.
      minimum: 1
      maximum: 100
    PageCursor:
      type: string
      description: >-
        A marker or pointer, telling the API where to start fetching items for
        the subsequent page in a paginated dataset.

        Note that the requested page will not include the item that corresponds
        to this cursor but will start from the one immediately

        after this cursor.
    IssueSnapshotItemOrderBy:
      type: string
      enum:
        - createdAt
        - lastModifiedAt
        - detectedAt
      description: >-
        Allowed values for the `orderBy` query parameter on issue snapshot item
        endpoints.
    OrderDirection:
      type: string
      enum:
        - asc
        - desc
      description: >-
        Sort direction shared across the external REST API surface.


        `"asc"` for ascending, `"desc"` for descending. Endpoints expose this as
        the

        `orderDirection` / `sortDirection` query parameter and map it onto
        whatever

        internal direction representation the underlying service expects.
    PaginatedIssueSnapshotItemsResponse:
      $ref: '#/components/schemas/PaginatedResponse_IssueSnapshotItem_'
    PaginatedResponse_IssueSnapshotItem_:
      properties:
        results:
          properties:
            data:
              items:
                $ref: '#/components/schemas/IssueSnapshotItem'
              type: array
            pageInfo:
              $ref: '#/components/schemas/PageInfo'
          required:
            - data
            - pageInfo
          type: object
      required:
        - results
      type: object
      additionalProperties: false
    IssueSnapshotItem:
      properties:
        id:
          type: string
          description: >-
            The unique identifier for the snapshot of an issue.


            This is distinct from the issueId, which identifies the underlying
            issue across snapshots.

            The snapshot item ID is unique to this specific snapshot of the
            issue.
          example: 5f2c939a52855e725c8d5824
        title:
          type: string
          description: The issue title
          example: User accounts with weak passwords
        description:
          type: string
          description: The issue description
          example: >-
            The following user accounts have passwords that do not meet the
            company's password policy: [list of accounts]. Weak passwords
            increase the risk of unauthorized access to systems and data.
        readableIssueId:
          type: string
          description: >-
            The human-readable identifier for the issue.


            This field is unique per-domain, and can be used to correlate

            this issue snapshot item to the underlying issue across different
            snapshots.
        issueId:
          type: string
          description: >-
            The globally unique identifier for the underlying issue across
            snapshots.


            This field can be used to correlate this snapshot item to the
            underlying issue across different snapshots.
          example: 5f2c939a52855e725c8d5825
        snapshotId:
          type: string
          description: The identifier for the snapshot this issue item belongs to.
          example: 5f2c939a52855e725c8d5823
        dueDate:
          type: string
          format: date-time
          nullable: true
          description: The due date for the issue.
          example: '2023-12-31T23:59:59.000Z'
        status:
          $ref: '#/components/schemas/IssueStatusTypeForSnapshot'
          description: The status of the issue.
          example: CLOSED
        lastModifiedAt:
          type: string
          format: date-time
          description: The date and time when the issue was last modified.
          example: '2024-06-15T10:30:00.000Z'
        createdAt:
          type: string
          format: date-time
          description: The date and time when the issue was created.
          example: '2024-06-01T09:00:00.000Z'
        detectedAt:
          type: string
          format: date-time
          description: The date and time when the issue was detected.
          example: '2024-05-30T14:45:00.000Z'
      required:
        - id
        - readableIssueId
        - issueId
        - snapshotId
      type: object
      additionalProperties: false
    PageInfo:
      description: Provides information about the pagination of a dataset.
      properties:
        endCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the end of the current page, or null if
            there is no such cursor.
        hasNextPage:
          type: boolean
          description: Indicates if there is another page after the current page.
        hasPreviousPage:
          type: boolean
          description: Indicates if there is a page before the current page.
        startCursor:
          type: string
          nullable: true
          description: >-
            The cursor that points to the start of the current page, or null if
            there is no such cursor.
      required:
        - endCursor
        - hasNextPage
        - hasPreviousPage
        - startCursor
      type: object
      additionalProperties: false
    IssueStatusTypeForSnapshot:
      type: string
      enum:
        - IN_PROGRESS
        - NOT_STARTED
        - CLOSED
  securitySchemes:
    bearerAuth:
      type: http
      scheme: bearer

````