Trust Center resource categories
Five new endpoints let you organize Trust Center resources into categories: list, add, reorder, update, and delete. Use them to model the same category structure customers see in your Trust Center. See the Manage Vanta API reference.

Update Trust Center viewers
A new PATCH /trust-centers/{slugId}/viewers/{viewerId} endpoint updates a viewer’s access on a Trust Center without removing and re-adding them.

Trust Center FAQ category on responses
Trust Center FAQ endpoints now return the FAQ’s category (id and name) so you can group FAQs in your own UI.

Richer test snapshot evidence
The test-snapshot evidence detail endpoint now returns two new fields. apiRequests lists HTTP requests captured during API introspection tests. outOfScopeResources lists resources excluded at the test level (customer-disabled) and the framework level (segment configuration). See the Audits API reference.

More filters on audit issues
GET /audits/{auditId}/issues/items now accepts createdAfterDate, createdBeforeDate, detectedAfterDate, and detectedBeforeDate query parameters, and orderBy now accepts detectedAt.

Code changes date filter rename
The startDate and endDate query parameters on GET /audits/{auditId}/assets/code-changes were renamed to closedAfterDate and closedBeforeDate for consistency with other Auditor API endpoints. Update any clients that hardcoded the old names.

More event log actions and targets
The event log reference now lists new action types covering Trust Center FAQ and resource categories, program segments, risk register updates, subscription renewals, in-app purchases, and Trust Center viewer reminders. It also adds three new target types: TRUST_CENTER_FAQ_CATEGORY, TRUST_CENTER_RESOURCE_CATEGORY, and QUESTIONNAIRE_AUTOMATION.

Legacy Auditor API list endpoints
The following endpoints are deprecated and at end of life. They work for legacy audits only and do not support controlled audit view. They remain available for existing legacy audits for now, but will be removed once legacy audits are fully phased out — don’t build new integrations on them.
GET /audits/{auditId}/monitored-computers
GET /audits/{auditId}/people
GET /audits/{auditId}/vendors
GET /audits/{auditId}/vulnerabilities
GET /audits/{auditId}/vulnerability-remediations
GET /audits/{auditId}/vulnerable-assets
personnel/people for people, personnel/computers for monitored computers, and managed-vendors for vendors). These are not drop-in replacements: which endpoint you use depends on whether the audit is in controlled audit view.

Code changes population for auditors
A new GET /audits/{auditId}/assets/code-changes endpoint returns the pull requests visible to auditors during an audit engagement. Each record includes the PR title, identifier, repository, source (GitHub, GitLab, Bitbucket, or Azure DevOps), and opened/closed dates. Supports search, source filtering, date-range filtering, and cursor pagination. See the Audits API reference.

Event logs API
A new GET /event-logs endpoint lets you list audit events from your Vanta account, including the actor, date, and event type. Useful for streaming activity into your SIEM or building custom audit trails. See the Manage Vanta API reference.

Audit issue snapshots
Two new endpoints surface the issues an auditor sees during an audit: list snapshotted issues and list audit snapshots. See the Audits API reference.

Test snapshot evidence detail
A new endpoint returns rich detail for a single test-snapshot evidence row attached to an information request, including test metadata, integrations, SLA remediation policy, and the raw test data captured at snapshot time. See the Audits API reference.

Trust Center categories on Knowledge Base resources
Knowledge Base resource endpoints now include a categoryId field, so you can read and set the Trust Center category a resource is filed under when creating or updating webpage and document resources. Pass null to keep a resource uncategorized. Only valid for REQUEST_ACCESS and PUBLIC resources.

Identification date on risk scenarios
Risk scenario responses now include identificationDate, matching the “Identified Date” field in the Vanta UI. The value defaults to the scenario’s creation time when not explicitly set.

Stricter validation for Knowledge Base webpage resources
Webpage resource title now requires at least one character, and url is validated as a URI. Existing valid payloads are unaffected.
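
For the "Code changes date filter rename" and "Legacy Auditor API list endpoints" entries above, a check like the following can be run over a client's outbound requests to flag deprecated endpoints and rewrite the renamed parameters. It is an added example, not Vanta's code; the function name check_request, the host api.example.invalid and the sample URLs and dates are constructed assumptions.

```python
import re
from urllib.parse import parse_qsl, urlencode, urlsplit, urlunsplit

# Renamed query parameters on GET /audits/{auditId}/assets/code-changes.
RENAMED = {"startDate": "closedAfterDate", "endDate": "closedBeforeDate"}
CODE_CHANGES = re.compile(r"/audits/[^/]+/assets/code-changes/?$")
# Legacy list endpoints listed as deprecated and at end of life.
LEGACY = re.compile(
    r"/audits/[^/]+/(monitored-computers|people|vendors|vulnerabilities"
    r"|vulnerability-remediations|vulnerable-assets)/?$"
)


def check_request(method, url):
    """Return (findings, migrated_url) for one outbound API request."""
    findings = []
    if method.upper() != "GET":
        return findings, url
    parts = urlsplit(url)
    if LEGACY.search(parts.path):
        findings.append("deprecated legacy Auditor API endpoint")
    if not CODE_CHANGES.search(parts.path):
        return findings, url
    query = parse_qsl(parts.query, keep_blank_values=True)
    present = {key for key, _ in query}
    migrated = []
    for key, value in query:
        new = RENAMED.get(key)
        if new:
            findings.append(f"renamed parameter {key} -> {new}")
            if new in present:
                continue  # new name already sent: drop the stale duplicate
            key = new
        migrated.append((key, value))
    return findings, urlunsplit(parts._replace(query=urlencode(migrated)))


# Constructed sample requests; the host is a placeholder, not the real base URL.
SAMPLE = [
    ("GET", "https://api.example.invalid/audits/a1/assets/code-changes"
            "?startDate=2024-01-01&endDate=2024-03-31"),
    ("GET", "https://api.example.invalid/audits/a1/vulnerabilities"),
    ("GET", "https://api.example.invalid/audits/a1/issues/items"
            "?detectedAfterDate=2024-01-01"),
]

if __name__ == "__main__":
    for method, url in SAMPLE:
        findings, fixed = check_request(method, url)
        print(method, url, findings or "ok", fixed if fixed != url else "")
```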