Introduction to the REST API

Our API provides our customers with programmatic access to a wide breadth of functionality and data that already exists within Vanta!


The REST API is currently in Beta

We're actively developing the API and it's subject to breaking changes.

API Structure

Our API is a RESTful service that accepts JSON-formatted requests and returns JSON-formatted responses. The base URL for the API is

API Authentication

Vanta leverages OAuth API authentication to successfully perform requests. Click here for our full walkthrough on how to authenticate to the Vanta API.

Rate Limiting

The Vanta API is rate-limited to 100 requests per minute, per unique client application/OAuth credential.

API Versioning

Over time, the Vanta API will continue to evolve and new versions will be released. More on how to receive these updates coming soon.

Making Requests

You can interact with the API through standard HTTP methods:

  • GET to retrieve data
  • POST to create data
  • PATCH & PUT to update data
  • DELETE to remove data.

Responses and Error Handling

Successful responses will return a 200 OK status code along with the requested data in JSON format. In the case of errors, our API uses conventional HTTP response codes to indicate what went wrong (e.g., 400 for bad requests, 401 for unauthorized requests, or 500 for server related errors).

Query Parameters

Each endpoint will support various query parameters:

  1. Pagination: You can leverage the pageSize and pageCursor query parameters to adjust the number of results you want returned or to query starting from a specific object.
  2. Filters: Various endpoints support a variety of filters to help you retrieve the data most important to your use case.

What’s Next

Next, let's learn how to authenticate and send our first API request!