Skip to main content
GET
/
vendors
List vendors
curl --request GET \
  --url https://api.vanta.com/v1/vendors \
  --header 'Authorization: Bearer <token>'
{
  "results": {
    "data": [
      {
        "id": "a2f7e1b9d0c3f4e5a6c7b8d8",
        "name": "Vanta",
        "websiteUrl": "https://www.vanta.com/",
        "accountManagerName": "John Doe",
        "accountManagerEmail": "john@doe.com",
        "servicesProvided": "SaaS",
        "additionalNotes": "Automate compliance and streamline security reviews with the leading trust management platform.",
        "authDetails": {
          "method": "O_AUTH",
          "passwordMFA": true,
          "passwordRequiresNumber": true,
          "passwordRequiresSymbol": true,
          "passwordMinimumLength": 16
        },
        "securityOwnerUserId": "6626afa6490ec920099773e7",
        "businessOwnerUserId": "6626afb14c912f0a50e85619",
        "contractStartDate": "2024-02-01T00:00:00.000Z",
        "contractRenewalDate": "2025-02-01T00:00:00.000Z",
        "contractTerminationDate": null,
        "lastSecurityReviewCompletionDate": "2024-01-01T00:00:00.000Z",
        "nextSecurityReviewDueDate": "2025-01-01T00:00:00.000Z",
        "isVisibleToAuditors": true,
        "isRiskAutoScored": true,
        "category": {
          "displayName": "cloudMonitoring"
        },
        "riskAttributeIds": [
          "6626b0298acc44f8674390da",
          "6626b02ea4cd9ba80d773c20"
        ],
        "status": "MANAGED",
        "inherentRiskLevel": "HIGH",
        "residualRiskLevel": "MEDIUM",
        "vendorHeadquarters": "USA",
        "contractAmount": {
          "amount": 1000000,
          "currency": "USD"
        },
        "customFields": null,
        "latestDecision": {
          "status": "APPROVED",
          "lastUpdatedAt": "2024-01-01T00:00:00.000Z"
        },
        "linkedTaskTrackerTaskProcurementRequest": {
          "service": "jira",
          "url": "https://random-company.atlassian.net/browse/PROJ-123"
        }
      }
    ],
    "pageInfo": {
      "hasNextPage": false,
      "hasPreviousPage": false,
      "startCursor": "6696ea0595df50d5cd6ec3b7",
      "endCursor": "6696ece48eb1f98ff3d927c6"
    }
  }
}

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Query Parameters

pageSize
integer<int32>
default:10

Controls the maximum number of items returned in one response from the API.

Required range: 1 <= x <= 100
pageCursor
string

A marker or pointer, telling the API where to start fetching items for the subsequent page in a paginated dataset. Note that the requested page will not include the item that corresponds to this cursor but will start from the one immediately after this cursor.

name
string

Filter vendors by name (case-insensitive, partial match)

statusMatchesAny
enum<string>[]

Filter vendors by status (can specify multiple)

The current state of a vendor:

  • MANAGED: The vendor is actively managed.
  • ARCHIVED: The vendor has been archived
  • IN_PROCUREMENT: The vendor is in the procurement process
Available options:
MANAGED,
ARCHIVED,
IN_PROCUREMENT

Response

200 - application/json

Ok

results
object
required