Find assets by search terms and filters

List all the assets

    1. You cannot create net new device records via the Public API. You can only create devices
     in Drata via the Drata Agent or one of our native MDM integrations.
    2. You need to assess whether the device to which you want to map evidence already exists.
        a. If a device already exists in Drata, you can upload evidence to this device specifically
         using the device ID at this endpoint.
        b. If the device does not exist in Drata, you can only upload evidence to the personnel record.
         Use the same endpoint, but use the personnel ID as the device ID.
    3. If you are pursuing use case 2a, Drata will have already created the following mappings:
        a. Asset <--> user (as asset owner)
        b. Device <--> personnel (as device owner)
        c. Asset <--> device (i.e. all devices are assets, but not all assets are devices)
             i. You cannot create, modify, or delete these mappings via the API
    4. If you are pursuing use case 2b, the ability to create the same above mappings is reduced:
        a. Via the API, you can create the desired Asset <--> user (as asset owner) mapping
        b. Drata does not create, and you cannot create, the Device <--> personnel (as device owner) mapping
            i. Drata creates a default “null” device record, where the device ID here is the same as the
             personnel ID
            ii. This is why you use the personnel ID as the device ID when uploading device compliance evidence
             to the personnel record
        c. Drata does not create, and you cannot create, the Asset <--> device (i.e. all devices are assets, but
             not all assets are devices) mapping
            i. You cannot create, modify, or delete this mapping via the API
Securitybearer
Request
query Parameters
page
number [ 1 .. 1000 ]
Default: 1

Which page of data are you requesting

limit
number [ 1 .. 50 ]
Default: 20

How many items are you requesting

q
string

Filter data by searching by asset names

Example: q=Security Program Overview
sort
string

Which type of sort (default: CREATED)

Enum: "NAME" "ASSET_TYPE" "COMPANY_NAME" "DESCRIPTION" "ASSET_PROVIDER" "USER" "APPROVED_AT" "REMOVED_AT" "CREATED" "UPDATED" "EMPLOYMENT_STATUS"
Example: sort=NAME
sortDir
string

Which direction to sort the data (default: ASC)

Enum: "ASC" "DESC"
Example: sortDir=ASC
assetClassType
string

Filter assets by class type (associated assets)

Enum: "HARDWARE" "POLICY" "DOCUMENT" "PERSONNEL" "SOFTWARE" "CODE" "CONTAINER" "COMPUTE" "NETWORKING" "DATABASE" "STORAGE"
Example: assetClassType=DOCUMENT
assetType
string

Filter assets by type

Enum: "PHYSICAL" "VIRTUAL"
Example: assetType=PHYSICAL
assetProvider
string

Filter assets by provider

Enum: "DRATA_DEV" "AGENT" "DRATA" "GOOGLE" "MICROSOFT_365" "JAMF" "INTUNE" "OKTA_IDENTITY" "KANDJI" "JUMPCLOUD" "HEXNODE_UEM" "RIPPLING" "AWS" "MERGEDEV_ONELOGIN" "MERGEDEV_JUMPCLOUD" "WORKSPACE_ONE" "CSV_IDP" "AWS_GOV_CLOUD" "AZURE" "GCP"
Example: assetProvider=AGENT
userId
number <= 1000000000

Filter data to a user associated to the assets

Example: userId=1
employmentStatus
string

Filter data to personnel of this employment status

Enum: "CURRENT_EMPLOYEE" "FORMER_EMPLOYEE" "CURRENT_CONTRACTOR" "FORMER_CONTRACTOR" "OUT_OF_SCOPE" "UNKNOWN" "SPECIAL_FORMER_EMPLOYEE" "SPECIAL_FORMER_CONTRACTOR" "FUTURE_HIRE" "SERVICE_ACCOUNT"
Example: employmentStatus=CURRENT_EMPLOYEE
Responses
200
401

Invalid Authorization

403

You are not allowed to perform this action

500

Internal server error

default

Response Code: 412

You must accept the Drata terms and conditions to use the API

get/public/assets
Request samples
Response samples
application/json
{
  • "data": [ ],
  • "page": 1,
  • "limit": 10,
  • "total": 100
}