Offboard employees
Once an employee's offboarding admin tasks are complete, you can mark unmonitored accounts deactivated, confirm the user offboarding.
Offboard a list of Employees
In order to offboard a list of Employees through this endpoint, each employee must be eligible to be offboarded.
This means they are currently in an offboarding state with in Vanta, have no incomplete Admin tasks associated, and all Monitored accounted marked deactivated( Should be automatic when deactivated in those Vanta connected integrations in most cases).
Using the /People/Offboard Endpoint will only mark any Unmonitored accounts deactivated, and Complete Offboarding.
Endpoint overview
The /People/Offboard Endpoint takes in a request body containing a List of Eligible users to offboard, and the acknowledging admin's user Id.
To retrieve a user's user Id, send a GET request to the list /people endpoint, or copy it from the URL when viewing that user on the Vanta portal's People page.
{
"offboardingAcknowledgerId": "<string>",
"employeeIds": [
"<string>",
"<string>"
]
}
Code Example
View the request below. In this example, we're only offboarding a single employee, however you can offboard as many as you need.
curl --location 'https://api.vanta.com/v1/people/offboard' \
--header 'Content-Type: application/json' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer vat_TOKEN' \
--data '{
"offboardingAcknowledgerId": "5df91759d463fd48218e9f15",
"employeeIds": [
"635c369a274dff2743f29160"
]
}'
const myHeaders = new Headers();
myHeaders.append("Content-Type", "application/json");
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer vat_TOKEN");
const raw = JSON.stringify({
"offboardingAcknowledgerId": "5df91759d463fd48218e9f15",
"employeeIds": [
"635c369a274dff2743f29160"
]
});
const requestOptions = {
method: "POST",
headers: myHeaders,
body: raw,
redirect: "follow"
};
fetch("https://api.vanta.com/v1/people/offboard", requestOptions)
.then((response) => response.text())
.then((result) => console.log(result))
.catch((error) => console.error(error));
const axios = require('axios');
let data = JSON.stringify({
"offboardingAcknowledgerId": "5df91759d463fd48218e9f15",
"employeeIds": [
"635c369a274dff2743f29160"
]
});
let config = {
method: 'post',
maxBodyLength: Infinity,
url: 'https://api.vanta.com/v1/people/offboard',
headers: {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer vat_TOKEN'
},
data : data
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
import requests
import json
url = "https://api.vanta.com/v1/people/offboard"
payload = json.dumps({
"offboardingAcknowledgerId": "5df91759d463fd48218e9f15",
"employeeIds": [
"635c369a274dff2743f29160"
]
})
headers = {
'Content-Type': 'application/json',
'Accept': 'application/json',
'Authorization': 'Bearer vat_TOKEN'
}
response = requests.request("POST", url, headers=headers, data=payload)
print(response.text)
Example Response
If successful, your response should 200 and return the list of successfully offboarded users
{
"offboardedPeople": [
"635c369a274dff2743f29160"
]
}
You can then query these users with the GET /person:id Endpoint if needed.
Code Example
curl --location 'https://api.vanta.com/v1/people/635c369a274dff2743f29160' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer vat_TOKEN'
const myHeaders = new Headers();
myHeaders.append("Accept", "application/json");
myHeaders.append("Authorization", "Bearer vat_TOKEN");
const requestOptions = {
method: "GET",
headers: myHeaders,
redirect: "follow"
};
fetch("https://api.vanta.com/v1/people/635c369a274dff2743f29160", requestOptions)
.then((response) => response.text())
.then((result) => console.log(result))
.catch((error) => console.error(error));
const axios = require('axios');
let config = {
method: 'get',
maxBodyLength: Infinity,
url: 'https://api.vanta.com/v1/people/635c369a274dff2743f29160',
headers: {
'Accept': 'application/json',
'Authorization': 'Bearer vat_TOKEN'
}
};
axios.request(config)
.then((response) => {
console.log(JSON.stringify(response.data));
})
.catch((error) => {
console.log(error);
});
import requests
url = "https://api.vanta.com/v1/people/635c369a274dff2743f29160"
payload = {}
headers = {
'Accept': 'application/json',
'Authorization': 'Bearer vat_TOKEN'
}
response = requests.request("GET", url, headers=headers, data=payload)
print(response.text)
Example Response
The response from the Get person by ID endpoint is the full Employee schema, including task status and policy acceptance:
{
"id": "635c369a274dff2743f29160",
"emailAddress": "[email protected]",
"employment": {
"endDate": "2023-09-21T19:48:04.406Z",
"jobTitle": null,
"startDate": "2022-10-28T07:00:00.000Z",
"status": "FORMER"
},
"name": {
"display": "Adrian Test",
"last": "Test",
"first": "Adrian"
},
"groupIds": [
"6042d90831b0ef1977131cf5",
"654e4e99e527d4a47f7a5111",
],
"sources": {
"emailAddress": {
"type": "VANTA"
},
"employment": {
"startDate": {
"type": "VANTA"
},
"endDate": {
"type": "VANTA"
}
}
},
"tasksSummary": {
"completionDate": "2024-05-01T01:01:57.685Z",
"dueDate": null,
"status": "OFFBOARDING_COMPLETE",
"details": {
"completeTrainings": {
"taskType": "COMPLETE_TRAININGS",
"status": "DUE_SOON",
"dueDate": null,
"completionDate": null,
"disabled": null,
"incompleteTrainings": [
{
"name": "GENERAL_SECURITY_TRAINING"
},
{
"name": "HIPAA_SECURITY_TRAINING"
},
{
"name": "PCI_SECURITY_TRAINING"
},
{
"name": "GDPR_SECURITY_TRAINING"
},
{
"name": "INSIDER_THREAT_SECURITY_TRAINING"
},
{
"name": "SECURE_CODE_SECURITY_TRAINING"
},
{
"name": "SOCIAL_ENGINEERING_SECURITY_TRAINING"
}
],
"completedTrainings": []
},
"completeCustomTasks": {
"taskType": "COMPLETE_CUSTOM_TASKS",
"incompleteCustomTasks": [
{
"name": "CUSTOM_CHECKLIST_TASK"
},
{
"name": "CUSTOM_CHECKLIST_TASK"
},
{
"name": "CUSTOM_CHECKLIST_TASK"
},
{
"name": "CUSTOM_CHECKLIST_TASK"
},
{
"name": "CUSTOM_CHECKLIST_TASK"
}
],
"completedCustomTasks": [],
"status": "OVERDUE",
"completionDate": null,
"dueDate": "2022-12-09T07:00:00.000Z",
"disabled": null
},
"completeOffboardingCustomTasks": {
"taskType": "COMPLETE_CUSTOM_OFFBOARDING_TASKS",
"incompleteCustomOffboardingTasks": [],
"completedCustomOffboardingTasks": [
{
"name": "this is a custom task"
},
{
"name": "other task"
}
],
"status": "COMPLETE",
"completionDate": "2024-05-01T01:01:57.685Z",
"dueDate": null,
"disabled": null
},
"completeBackgroundChecks": {
"taskType": "COMPLETE_BACKGROUND_CHECKS",
"status": "NONE",
"completionDate": null,
"dueDate": null,
"disabled": null
},
"acceptPolicies": {
"taskType": "ACCEPT_POLICIES",
"status": "DUE_SOON",
"dueDate": null,
"completionDate": null,
"disabled": null,
"unacceptedPolicies": [],
"acceptedPolicies": [
{
"name": "Business Continuity and Disaster Recovery Plan"
},
{
"name": "GDPR Compliance Policy"
},
{
"name": "01-ISMS Scope of the ISMS"
}
]
},
"installDeviceMonitoring": {
"taskType": "INSTALL_DEVICE_MONITORING",
"status": "NONE",
"completionDate": null,
"dueDate": null,
"disabled": null
}
}
}
}
Updated 17 days ago