Skip to main content
PATCH
/
audits
/
{auditId}
/
evidence
/
{auditEvidenceId}
TypeScript
import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.updateEvidence({
    auditId: "<id>",
    auditEvidenceId: "<id>",
    auditEvidenceUpdateInput: {},
  });

  console.log(result);
}

run();
{
  "id": "65fc81a3359c8508c9af880f",
  "externalId": "cG9saWN5OmFjY2Vzcy1jb250cm9sLXBvbGljeQo=",
  "status": "Ready for audit",
  "statusUpdatedDate": "2024-03-07T21:25:56.000Z",
  "name": "Access Control Policy",
  "deletionDate": "2024-03-07T21:25:56.000Z",
  "creationDate": "2024-03-07T21:25:56.000Z",
  "testStatus": "The test was passing during this period",
  "evidenceType": "Policy",
  "evidenceId": "access-control-policy",
  "relatedControls": [
    {
      "name": "CRY-104",
      "sectionNames": [
        "Article 13"
      ]
    }
  ],
  "description": "example description of test"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId
string
required
auditEvidenceId
string
required

Body

application/json
statusUpdate
object

Response

200 - application/json

Ok

id
string
required

Vanta internal reference to evidence

externalId
string
required

This is a static UUID to map Audit Firm controls to Vanta controls

status
enum<string>
required

Vanta internal statuses for audit evidence

Available options:
Accepted,
Flagged,
Initialized,
NA,
Not ready for audit,
Ready for audit
name
string
required

Mutable name for evidence. Not guaranteed to be unique.

deletionDate
string<date-time> | null
required

The date this Audit Evidence was deleted

creationDate
string<date-time>
required

The date this Audit Evidence was created

statusUpdatedDate
string<date-time>
required

Point in time that status was last updated

testStatus
string | null
required

The outcome of the automated test run, for Test-type evidence

evidenceType
enum<string>
required

The type of Audit Evidence

Available options:
Evidence Request,
Policy,
Test
evidenceId
string
required

Unique identifier for evidence

relatedControls
object[]
required

The controls associated to this evidence

description
string | null
required

The description for the evidence. It will be set to null if the evidence is deleted