Find vendors by search terms and filters

List vendors given the provided search terms and filters

Securitybearer
Request
query Parameters
page
number >= 1
Default: 1

Which page of data are you requesting

limit
number [ 1 .. 50 ]
Default: 20

How many items are you requesting

q
string

Filter data to search term

Example: q=Acme
sort
string

Which type of sort (default: NAME)

Enum: "CATEGORY" "NAME" "POLICY" "RISK" "USER" "TYPE" "STATUS" "IMPACT_LEVEL"
Example: sort=NAME
sortDir
string

Which direction to sort the data (default: ASC)

Enum: "ASC" "DESC"
Example: sortDir=ASC
category
string

Filter data to vendors of this category

Enum: "ENGINEERING" "PRODUCT" "MARKETING" "CS" "SALES" "FINANCE" "HR" "ADMINISTRATIVE" "SECURITY" "LEGAL" "INFORMATION_TECHNOLOGY" "NONE"
Example: category=ENGINEERING
risk
string

Filter data to vendors of this risk level

Enum: "NONE" "LOW" "MODERATE" "HIGH"
Example: risk=MODERATE
status
string

The status of vendor

Enum: "POTENTIAL" "ACTIVE" "ARCHIVED" "APPROVED" "REJECTED" "FLAGGED" "ON_HOLD" "OFFBOARDED" "UNDER_REVIEW" "NONE"
Example: status=UNDER_REVIEW
contactEmail
string

The contact email of vendor

contactName
string

The name of the primary contact person

Example: contactName=John Doe
critical
boolean

Filter data to vendors depending on if it is considered critical

passwordPolicy
string

Filter data to vendors with this password policy

Enum: "USERNAME_PASSWORD" "SSO" "LDAP" "NONE"
Example: passwordPolicy=USERNAME_PASSWORD
userId
number <= 1000000000

Filter data to a person responsible for vendors

Example: userId=1
withLastQuestionnaires
boolean

Add last questionnaires to vendors

type
string

Filter data to vendors of this type

Enum: "VENDOR" "SUPPLIER" "CONTRACTOR" "PARTNER" "OTHER" "NONE"
Example: type=CONTRACTOR
impactLevel
string

Vendor overall impact level

Enum: "INSIGNIFICANT" "MINOR" "MODERATE" "MAJOR" "CRITICAL" "UNSCORED"
Example: impactLevel=INSIGNIFICANT
isArchived
boolean

Get archived or unarchived vendors

renewalDate
string

Vendor renewal date

Example: renewalDate=2024-12-24
renewalScheduleType
string

Vendor renewal schedule type

Enum: "ONE_MONTH" "TWO_MONTHS" "THREE_MONTHS" "SIX_MONTHS" "ONE_YEAR" "CUSTOM" "NONE"
Example: renewalScheduleType=ONE_YEAR
renewalDateStatus
string

Vendor renewal status based on how close it is to the renewal due date

Enum: "NO_RENEWAL" "COMPLETED" "RENEWAL_DUE_SOON" "RENEWAL_DUE"
Example: renewalDateStatus=COMPLETED
sharedAccountId
string

Shared account id

Responses
200
400

Malformed data and/or validation errors

401

Invalid Authorization

403

You are not allowed to perform this action

500

Internal server error

default

Response Code: 412

You must accept the Drata terms and conditions to use the API

get/vendors
Request samples
Response samples
application/json
{
  • "data": [
    • {
      • "id": 1,
      • "name": "Acme",
      • "category": "ENGINEERING",
      • "risk": "MODERATE",
      • "type": "CONTRACTOR",
      • "critical": false,
      • "location": "USA",
      • "privacyUrl": "https://acme.com",
      • "termsUrl": "https://acme.com",
      • "servicesProvided": "Perform security scans once a month",
      • "dataStored": "Resulting reports of security scans",
      • "hasPii": true,
      • "passwordPolicy": "USERNAME_PASSWORD",
      • "passwordRequiresMinLength": true,
      • "passwordMinLength": 8,
      • "passwordRequiresNumber": true,
      • "passwordRequiresSymbol": true,
      • "passwordMfaEnabled": true,
      • "contactAtVendor": "John Doe",
      • "contactsEmail": "[email protected]",
      • "notes": "Meeting once a month to adjust contract",
      • "createdAt": "2020-07-06 12:00:00.000000",
      • "updatedAt": "2020-07-06 12:00:00.000000",
      • "user": { },
      • "documents": [],
      • "lastQuestionnaire": { },
      • "isSubProcessor": false,
      • "isSubProcessorActive": false,
      • "archivedAt": "2020-07-06 12:00:00.000000",
      • "status": "ACTIVE",
      • "renewalDate": "2020-07-06",
      • "renewalScheduleType": "ONE_YEAR",
      • "renewalDateStatus": "COMPLETED",
      • "confirmedAt": "2020-07-06 12:00:00.000000",
      • "reviews": [
        • {
          • "id": 1,
          • "updatedAt": "2024-12-24",
          • "reviewer": "John Doe",
          • "reviewDate": "2024-12-24",
          • "reportIssueDate": "2024-12-24",
          • "socReport": "SOC_1",
          • "socReportType1": true,
          • "socReportType2": true,
          • "socType1StartDate": "2024-12-24",
          • "socType1EndDate": "2024-12-24",
          • "socType2StartDate": "2024-12-24",
          • "socType2EndDate": "2024-12-24",
          • "reportOpinion": "UNQUALIFIED",
          • "encompassBusinessNeeds": true,
          • "followUpActivity": "User must proceed to...",
          • "hasMaterialImpact": true,
          • "cpaFirm": "CPA firm name",
          • "cpaProcedurePerformed": "The following procedures were performed...",
          • "subserviceOrganization": "Subservice Inc.",
          • "subserviceOrganizationUsingInclusiveMethod": true,
          • "subserviceOrganizationProcedurePerformed": "The following procedures were performed...",
          • "trustServiceCategories": [
            • {
              • "id": 1,
              • "category": "AVAILABILITY"
              }
            ],
          • "userControls": [
            • {
              • "id": 1,
              • "name": "End User Control 1",
              • "inPlace": true
              }
            ],
          • "services": [
            • {
              • "id": 1,
              • "name": "Service 1"
              }
            ],
          • "locations": [
            • {
              • "id": 1,
              • "city": "San Diego",
              • "stateCountry": "CA"
              }
            ],
          • "findings": [
            • {
              • "id": 1,
              • "description": "Finding 1"
              }
            ]
          }
        ],
      • "sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
      • "isDrataUser": false,
      • "events": 4,
      • "impactLevel": "INSIGNIFICANT",
      • "securityReview": [
        • {
          • "id": 1,
          • "requestedAt": "2019-08-24T14:15:22Z",
          • "reviewDeadlineAt": "2019-08-24T14:15:22Z",
          • "decision": "APPROVED",
          • "note": "string",
          • "status": "NOT_YET_STARTED",
          • "type": "SECURITY",
          • "requesterUser": {
            • "id": 1,
            • "email": "[email protected]",
            • "firstName": "Sally",
            • "lastName": "Smith",
            • "jobTitle": "CEO",
            • "drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "roles": [
              • "ROLE",
              • "ANOTHER_ROLE"
              ],
            • "backgroundChecks": [
              • {
                • "id": null,
                • "userId": null,
                • "status": null,
                • "caseId": null,
                • "caseInvitationId": null,
                • "url": null,
                • "manualCheckDate": null,
                • "manuallyCheckUrl": null,
                • "type": null,
                • "source": null,
                • "reportData": null,
                • "user": null,
                • "outOfScopeReason": null,
                • "outOfScopeAt": null,
                • "invitationEmail": null,
                • "linkedAt": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "identities": [
              • {
                • "id": null,
                • "identityId": null,
                • "username": null,
                • "connectedAt": null,
                • "disconnectedAt": null,
                • "hasMfa": null,
                • "user": null,
                • "connection": null,
                • "hasIdp": null
                }
              ]
            },
          • "user": {
            • "id": 1,
            • "email": "[email protected]",
            • "firstName": "Sally",
            • "lastName": "Smith",
            • "jobTitle": "CEO",
            • "drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "roles": [
              • "ROLE",
              • "ANOTHER_ROLE"
              ],
            • "backgroundChecks": [
              • {
                • "id": null,
                • "userId": null,
                • "status": null,
                • "caseId": null,
                • "caseInvitationId": null,
                • "url": null,
                • "manualCheckDate": null,
                • "manuallyCheckUrl": null,
                • "type": null,
                • "source": null,
                • "reportData": null,
                • "user": null,
                • "outOfScopeReason": null,
                • "outOfScopeAt": null,
                • "invitationEmail": null,
                • "linkedAt": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "identities": [
              • {
                • "id": null,
                • "identityId": null,
                • "username": null,
                • "connectedAt": null,
                • "disconnectedAt": null,
                • "hasMfa": null,
                • "user": null,
                • "connection": null,
                • "hasIdp": null
                }
              ]
            },
          • "vendor": {
            • "id": 1,
            • "name": "Acme",
            • "category": "ENGINEERING",
            • "risk": "MODERATE",
            • "type": "CONTRACTOR",
            • "critical": false,
            • "location": "USA",
            • "privacyUrl": "https://acme.com",
            • "termsUrl": "https://acme.com",
            • "servicesProvided": "Perform security scans once a month",
            • "dataStored": "Resulting reports of security scans",
            • "hasPii": true,
            • "passwordPolicy": "USERNAME_PASSWORD",
            • "passwordRequiresMinLength": true,
            • "passwordMinLength": 8,
            • "passwordRequiresNumber": true,
            • "passwordRequiresSymbol": true,
            • "passwordMfaEnabled": true,
            • "contactAtVendor": "John Doe",
            • "contactsEmail": "[email protected]",
            • "notes": "Meeting once a month to adjust contract",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "user": { },
            • "documents": [
              • {
                • "id": null,
                • "name": null,
                • "fileUrl": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "lastQuestionnaire": { },
            • "isSubProcessor": false,
            • "isSubProcessorActive": false,
            • "archivedAt": "2020-07-06 12:00:00.000000",
            • "status": "ACTIVE",
            • "renewalDate": "2020-07-06",
            • "renewalScheduleType": "ONE_YEAR",
            • "renewalDateStatus": "COMPLETED",
            • "confirmedAt": "2020-07-06 12:00:00.000000",
            • "reviews": [
              • {
                • "id": null,
                • "updatedAt": null,
                • "reviewer": null,
                • "reviewDate": null,
                • "reportIssueDate": null,
                • "socReport": null,
                • "socReportType1": null,
                • "socReportType2": null,
                • "socType1StartDate": null,
                • "socType1EndDate": null,
                • "socType2StartDate": null,
                • "socType2EndDate": null,
                • "reportOpinion": null,
                • "encompassBusinessNeeds": null,
                • "followUpActivity": null,
                • "hasMaterialImpact": null,
                • "cpaFirm": null,
                • "cpaProcedurePerformed": null,
                • "subserviceOrganization": null,
                • "subserviceOrganizationUsingInclusiveMethod": null,
                • "subserviceOrganizationProcedurePerformed": null,
                • "trustServiceCategories": [ ],
                • "userControls": [ ],
                • "services": [ ],
                • "locations": [ ],
                • "findings": [ ]
                }
              ],
            • "sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
            • "isDrataUser": false,
            • "events": 4,
            • "integrations": [
              • { }
              ],
            • "cost": "1088",
            • "operationalImpact": "CRITICAL",
            • "environmentAccess": "READ_ONLY",
            • "impactLevel": "INSIGNIFICANT",
            • "dataAccessedOrProcessedList": [
              • { }
              ],
            • "latestSecurityReviews": [
              • { }
              ],
            • "riskCount": 0
            }
          }
        ],
      • "riskCount": 0
      }
    ],
  • "page": 1,
  • "limit": 10,
  • "total": 100
}