Skip to main content
POST
/
trust-centers
/
{slugId}
/
compliance-frameworks
Create Trust Center compliance framework
curl --request POST \
  --url https://api.vanta.com/v1/trust-centers/{slugId}/compliance-frameworks \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: application/json' \
  --data '
{
  "name": "<string>",
  "description": "<string>"
}
'
{
  "id": "b3c8d4e5f6a7b8c9d0e1f2a3",
  "name": "SOC 2 Type II",
  "standard": "soc2",
  "description": "Service Organization Control 2 Type II compliance"
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

slugId
string
required

Body

application/json
name
string
required

Display name of the framework.

standard
enum<string> | null

Compliance standard to associate with this framework.

Available options:
aiact,
aiuc1,
aue8,
awsFTR,
ccpa,
cisv8,
cjis,
cmmc2,
cps234,
cri,
dora,
fedRAMPr5,
fedramp,
fedramp20x,
fedramp20x_2026,
gdpr,
hipaa,
hitruste1,
iso9001,
iso27001,
iso27001_2022,
iso27017,
iso27018,
iso27701,
iso27701_2025,
iso42001,
msftSSPA,
mvsp,
nis2d,
nist53,
nist171,
nistAiRmf,
nistCSF,
nistcsf2,
ofdss,
pciDss4,
pciSaqA,
pciSaqAEP,
pciSaqDMerchant,
pciSaqDSP,
soc2,
soxITGC,
t23nycrr500,
tisax,
iso22301,
trust,
ukCyberEssentials,
ukCyberEssentials33,
usDataPrivacy,
fedrampKSI,
null
description
string

Description of the framework.

Response

201 - application/json

Trust Center compliance framework created

id
string
required

Unique identifier for the framework.

name
string
required

Display name of the framework.

standard
string | null
required

Compliance standard associated with this framework.

description
string | null
required

Description of the framework.