Quick start

🚧

Notice: We’re shifting our development focus to the Vanta REST API

While the GraphQL API is still available, we are no longer continuing development on it. For the best experience, please use our Rest API. View our introduction guide to get started.

Vanta's GraphQL API GraphQL, is built using the same technology we use internally.

If you're new to GraphQL, Apollo's tutorial is a great place to learn.

1. Make an API token

Generate a personal API token in Vanta Settings.

Only admin users can generate API tokens, and all API tokens can access the entire public graph.

2. Explore the graph

Explore the available fields and mutations. We recommend doing this by playing around in the GraphQL Explorer, but you can also reference our Schema or API Structure guide.

3. Start sending requests

Query or mutate the graph by sending POST requests to <https://api.vanta.com/graphql>.

Include your GraphQL request in the body, as well as the following headers:

  • Authorization: token <your token>
  • Content-Type: application/json

We recommend using a client library to make this simple, such as:

# Using the GQL library (pip install gql[all])
from gql import gql, Client
from gql.transport.aiohttp import AIOHTTPTransport

# Create a GraphQL client
client = Client(
    transport=AIOHTTPTransport(
        url="https://api.vanta.com/graphql",
        headers={
            'Authorization': 'token YOUR_TOKEN_HERE'
        }
    )
)

# Specify the GraphQL query
query = gql(
    """
    query getTestResults {
      organization {
        currentTestResults {
          name
          outcome
        }
      }
    }
"""
)

# Execute the query
# NOTE: If you're using a Jupyter Notebook, you may need to use 'await' as shown below
# print(await client.execute(query))
print(client.execute(query))
// Using the graphql-request library (npm install graphql-request graphql)
import { GraphQLClient, gql } from "graphql-request";

const endpoint = "https://api.vanta.com/graphql";

// Initialize client
const graphQLClient = new GraphQLClient(endpoint, {
  headers: {
    Authorization: "token YOUR_TOKEN_HERE",
  },
});

// Set up query
const query = gql`
  query getTestResults {
    organization {
      currentTestResults {
        name
        outcome
      }
    }
  }
`;

// Run query
graphQLClient
  .request(query)
  .then((data) => console.log(JSON.stringify(data, undefined, 2)));
❯ curl --silent --request POST \
  --url https://api.vanta.com/graphql \
  --header 'Authorization: token YOUR_TOKEN_GOES_HERE' \
  --header 'Content-Type: application/json' \
  --data '{"query":"query exampleQuery { organization { displayName } }"}' | jq

{
  "data": {
    "organization": {
      "displayName": "Vanta"
    }
  }
}