Find evidence by workspace id

List evidence given the provided search terms and filters

Securitybearer
Request
path Parameters
workspaceId
required
number

The Workspace ID associated to the Account

query Parameters
page
number >= 1
Default: 1

Which page of data are you requesting

limit
number [ 1 .. 50 ]
Default: 20

How many items are you requesting

q
string or null

Filter data to search term

Example: q=Evidence 1
fileKey
string <= 191 characters

Drata S3 file key

Example: fileKey=UUID-FOLDER/reports/UUID-FOLDER/TestReport.pdf
sort
string

Which type of sort (default: RENEWAL_DATE)

Enum: "DATE" "CREATED_AT" "DESCRIPTION" "RENEWAL_DATE" "NAME"
Example: sort=RENEWAL_DATE
sortDir
string

Which direction to sort the data (default: ASC)

Enum: "ASC" "DESC"
Example: sortDir=ASC
excludeIds
Array of numbers

Evidence ids to exclude from the results

excludeControlId
number

Exclude policies if mapped to control id

Example: excludeControlId=1
status
string

Status for the evidence

Enum: "READY" "EXPIRING_SOON" "EXPIRED" "NEEDS_SOURCE"
Example: status=EXPIRED
Responses
200
400

Malformed data and/or validation errors

401

Invalid Authorization

403

You are not allowed to perform this action

500

Internal server error

default

Response Code: 412

You must accept the Drata terms and conditions to use the API

get/workspaces/{workspaceId}/evidence-library
Request samples
Response samples
application/json
{
  • "data": [
    • {
      • "id": 1,
      • "name": "Security training",
      • "description": "Security Training completed evidence test",
      • "implementationGuidance": "Example of architectural diagram www.drata/arch-diagram-example.com",
      • "createdAt": "2020-07-06 12:00:00.000000",
      • "updatedAt": "2020-07-06 12:00:00.000000",
      • "user": {},
      • "controls": [
        • {
          • "id": "123",
          • "name": "Databases Monitored and Alarmed",
          • "code": "DCF-1002",
          • "description": "Drata has implemented tools to monitor Drata's databases and notify appropriate personnel of any events or incidents based on predetermined criteria. Incidents are escalated per policy.",
          • "question": "Does the organization implement tools to monitor its databases and notify appropriate personnel of incidents based on predetermined criteria?",
          • "activity": "1. Ensure tools are implemented to monitor databases 2. Ensure notifications based on specific criteria are sent to the appropriate personnel 3. Escalate incidents appropriately",
          • "slug": "databases-monitored-and-alarmed",
          • "archivedAt": "2020-07-06 12:00:00.000000"
          }
        ],
      • "renewalSchema": {
        • "renewalDate": "2020-07-06",
        • "renewalScheduleType": "ONE_YEAR"
        },
      • "isExpired": false,
      • "versions": []
      }
    ],
  • "page": 1,
  • "limit": 10,
  • "total": 100
}