Drata API Overview
Drata is the world’s most advanced security and compliance automation platform with the mission to help companies earn and keep the trust of their users, customers, partners and prospects. We help thousands of companies streamline compliance for SOC 2, ISO 27001, HIPAA, GDPR, your own custom frameworks, and many more through continuous, automated control monitoring and evidence collection. Using the Drata API, you can access your data to power internal workflows and build creative solutions.
Our APIs use the REST architecture and are defined using the OpenAPI specification. All our APIs accept and return JSON and require HTTPS.
All calls to Drata APIs are authenticated with an API key that a user can generate within your Drata app. Allowed resources can be customized per API key.
Please keep your API keys private.
Each request is tracked by its unique IP. The limit is 500 requests per minute. Hitting the limit will block requests for the following 10 minutes.