Find vendors by search terms and filters

List vendors given the provided search terms and filters

Securitybearer

Request

query Parameters

page	number >= 1 Default: 1 Which page of data are you requesting
limit	number [ 1 .. 50 ] Default: 20 How many items are you requesting
q	string Filter data to search term Example: q=Acme
sort	string Which type of sort (default: NAME) Enum: "CATEGORY" "NAME" "POLICY" "RISK" "USER" "TYPE" "STATUS" "IMPACT_LEVEL" Example: sort=NAME
sortDir	string Which direction to sort the data (default: ASC) Enum: "ASC" "DESC" Example: sortDir=ASC
category	string Filter data to vendors of this category Enum: "ENGINEERING" "PRODUCT" "MARKETING" "CS" "SALES" "FINANCE" "HR" "ADMINISTRATIVE" "SECURITY" "LEGAL" "INFORMATION_TECHNOLOGY" "NONE" Example: category=ENGINEERING
risk	string Filter data to vendors of this risk level Enum: "NONE" "LOW" "MODERATE" "HIGH" Example: risk=MODERATE
status	string The status of vendor Enum: "PROSPECTIVE" "ACTIVE" "ARCHIVED" "APPROVED" "REJECTED" "FLAGGED" "ON_HOLD" "OFFBOARDED" "UNDER_REVIEW" "NONE" Example: status=UNDER_REVIEW
contactEmail	string The contact email of vendor Example: [email protected]
contactName	string The name of the primary contact person Example: contactName=John Doe
critical	boolean Filter data to vendors depending on if it is considered critical
passwordPolicy	string Filter data to vendors with this password policy Enum: "USERNAME_PASSWORD" "SSO" "LDAP" "NONE" Example: passwordPolicy=USERNAME_PASSWORD
userId	number <= 1000000000 Filter data to a person responsible for vendors Example: userId=1
withLastQuestionnaires	boolean Add last questionnaires to vendors
type	string Filter data to vendors of this type Enum: "VENDOR" "SUPPLIER" "CONTRACTOR" "PARTNER" "OTHER" "NONE" Example: type=CONTRACTOR
impactLevel	string Vendor overall impact level Enum: "INSIGNIFICANT" "MINOR" "MODERATE" "MAJOR" "CRITICAL" "UNSCORED" Example: impactLevel=INSIGNIFICANT
isArchived	boolean Get archived or unarchived vendors
renewalDate	string Vendor renewal date Example: renewalDate=2025-01-29
renewalScheduleType	string Vendor renewal schedule type Enum: "ONE_MONTH" "TWO_MONTHS" "THREE_MONTHS" "SIX_MONTHS" "ONE_YEAR" "CUSTOM" "NONE" Example: renewalScheduleType=ONE_YEAR
renewalDateStatus	string Vendor renewal status based on how close it is to the renewal due date Enum: "NO_RENEWAL" "COMPLETED" "RENEWAL_DUE_SOON" "RENEWAL_DUE" Example: renewalDateStatus=COMPLETED
nextReviewDeadlineStatus	string Vendor next review deadline from security review Enum: "NO_RENEWAL" "DUE_SOON" "OVERDUE" Example: nextReviewDeadlineStatus=NO_RENEWAL
scheduledQuestionnaireStatus	string Vendor scheduled questionnaire status Enum: "ENABLED" "DISABLED" Example: scheduledQuestionnaireStatus=ENABLED
securityReviewStatus	string Vendor security review status Enum: "NO_SECURITY" "UP_TO_DATE" "IN_PROGRESS" "NEEDS_REVIEW" "COMPLETED" "NO_PAST_REVIEW" Example: securityReviewStatus=NO_SECURITY
sharedAccountId	string Shared account id

Responses

200

400

Malformed data and/or validation errors

401

Invalid Authorization

402

Response Code 402

You must pay to activate this feature

403

You are not allowed to perform this action

500

Internal server error

default

Response Code: 412

You must accept the Drata terms and conditions to use the API

get/vendors

Request samples

Response samples

application/json

{"data": [{"id": 1,
"name": "Acme",
"category": "ENGINEERING",
"risk": "MODERATE",
"type": "CONTRACTOR",
"critical": false,
"location": "USA",
"url": "https://acme.com",
"privacyUrl": "https://acme.com",
"termsUrl": "https://acme.com",
"servicesProvided": "Perform security scans once a month",
"dataStored": "Resulting reports of security scans",
"hasPii": true,
"passwordPolicy": "USERNAME_PASSWORD",
"passwordRequiresMinLength": true,
"passwordMinLength": 8,
"passwordRequiresNumber": true,
"passwordRequiresSymbol": true,
"passwordMfaEnabled": true,
"contactAtVendor": "John Doe",
"contactsEmail": "[email protected]",
"notes": "Meeting once a month to adjust contract",
"logoUrl": "https://cdn-prod.imgpilot.com/logo.png",
"createdAt": "2020-07-06 12:00:00.000000",
"updatedAt": "2020-07-06 12:00:00.000000",
"user": { },
"documents": [{"id": 1,
"name": "AWS SOC 2 2018",
"fileUrl": "http://localhost:5000/download/vendors/1",
"createdAt": "2020-07-06 12:00:00.000000",
"updatedAt": "2020-07-06 12:00:00.000000"
}
],
"lastQuestionnaire": { },
"isSubProcessor": false,
"isSubProcessorActive": false,
"archivedAt": "2020-07-06 12:00:00.000000",
"status": "ACTIVE",
"renewalDate": "2020-07-06",
"renewalScheduleType": "ONE_YEAR",
"renewalDateStatus": "COMPLETED",
"confirmedAt": "2020-07-06 12:00:00.000000",
"reviews": [{"id": 1,
"updatedAt": "2025-01-29",
"reviewer": "John Doe",
"reviewDate": "2025-01-29",
"reportIssueDate": "2025-01-29",
"socReport": "SOC_1",
"socReportType1": true,
"socReportType2": true,
"socType1StartDate": "2025-01-29",
"socType1EndDate": "2025-01-29",
"socType2StartDate": "2025-01-29",
"socType2EndDate": "2025-01-29",
"reportOpinion": "UNQUALIFIED",
"encompassBusinessNeeds": true,
"followUpActivity": "User must proceed to...",
"hasMaterialImpact": true,
"cpaFirm": "CPA firm name",
"cpaProcedurePerformed": "The following procedures were performed...",
"subserviceOrganization": "Subservice Inc.",
"subserviceOrganizationUsingInclusiveMethod": true,
"subserviceOrganizationProcedurePerformed": "The following procedures were performed...",
"trustServiceCategories": [{"id": 1,
"category": "AVAILABILITY"
}
],
"userControls": [{"id": 1,
"name": "End User Control 1",
"inPlace": true
}
],
"services": [{"id": 1,
"name": "Service 1"
}
],
"locations": [{"id": 1,
"city": "San Diego",
"stateCountry": "CA"
}
],
"findings": [{"id": 1,
"description": "Finding 1"
}
]
}
],
"sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
"isDrataUser": false,
"events": 4,
"impactLevel": "INSIGNIFICANT",
"securityReview": [{"id": 1,
"requestedAt": "2019-08-24T14:15:22Z",
"reviewDeadlineAt": "2019-08-24T14:15:22Z",
"decision": "APPROVED",
"note": "string",
"status": "NOT_YET_STARTED",
"type": "SECURITY",
"requesterUser": {"id": 1,
"email": "[email protected]",
"firstName": "Sally",
"lastName": "Smith",
"jobTitle": "CEO",
"avatarUrl": "https://cdn-prod.imgpilot.com/avatar.png",
"drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
"createdAt": "2020-07-06 12:00:00.000000",
"updatedAt": "2020-07-06 12:00:00.000000",
"roles": ["ROLE",
"ANOTHER_ROLE"
],
"backgroundChecks": [{"id": null,
"userId": null,
"status": null,
"caseId": null,
"caseInvitationId": null,
"url": null,
"manualCheckDate": null,
"manuallyCheckUrl": null,
"type": null,
"source": null,
"reportData": null,
"user": null,
"outOfScopeReason": null,
"outOfScopeAt": null,
"invitationEmail": null,
"linkedAt": null,
"createdAt": null,
"updatedAt": null
}
],
"identities": [{"id": null,
"identityId": null,
"username": null,
"connectedAt": null,
"disconnectedAt": null,
"hasMfa": null,
"user": null,
"connection": null,
"hasIdp": null,
"secondaryEmail": null,
"firstName": null,
"lastName": null,
"startedAt": null,
"separatedAt": null,
"isContractor": null,
"jobTitle": null,
"managerId": null,
"managerName": null
}
]
},
"user": {"id": 1,
"email": "[email protected]",
"firstName": "Sally",
"lastName": "Smith",
"jobTitle": "CEO",
"avatarUrl": "https://cdn-prod.imgpilot.com/avatar.png",
"drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
"createdAt": "2020-07-06 12:00:00.000000",
"updatedAt": "2020-07-06 12:00:00.000000",
"roles": ["ROLE",
"ANOTHER_ROLE"
],
"backgroundChecks": [{"id": null,
"userId": null,
"status": null,
"caseId": null,
"caseInvitationId": null,
"url": null,
"manualCheckDate": null,
"manuallyCheckUrl": null,
"type": null,
"source": null,
"reportData": null,
"user": null,
"outOfScopeReason": null,
"outOfScopeAt": null,
"invitationEmail": null,
"linkedAt": null,
"createdAt": null,
"updatedAt": null
}
],
"identities": [{"id": null,
"identityId": null,
"username": null,
"connectedAt": null,
"disconnectedAt": null,
"hasMfa": null,
"user": null,
"connection": null,
"hasIdp": null,
"secondaryEmail": null,
"firstName": null,
"lastName": null,
"startedAt": null,
"separatedAt": null,
"isContractor": null,
"jobTitle": null,
"managerId": null,
"managerName": null
}
]
},
"vendor": {"id": 1,
"name": "Acme",
"category": "ENGINEERING",
"risk": "MODERATE",
"type": "CONTRACTOR",
"critical": false,
"location": "USA",
"url": "https://acme.com",
"privacyUrl": "https://acme.com",
"termsUrl": "https://acme.com",
"servicesProvided": "Perform security scans once a month",
"dataStored": "Resulting reports of security scans",
"hasPii": true,
"passwordPolicy": "USERNAME_PASSWORD",
"passwordRequiresMinLength": true,
"passwordMinLength": 8,
"passwordRequiresNumber": true,
"passwordRequiresSymbol": true,
"passwordMfaEnabled": true,
"contactAtVendor": "John Doe",
"contactsEmail": "[email protected]",
"notes": "Meeting once a month to adjust contract",
"logoUrl": "https://cdn-prod.imgpilot.com/logo.png",
"createdAt": "2020-07-06 12:00:00.000000",
"updatedAt": "2020-07-06 12:00:00.000000",
"user": { },
"documents": [{"id": null,
"name": null,
"fileUrl": null,
"createdAt": null,
"updatedAt": null
}
],
"lastQuestionnaire": { },
"isSubProcessor": false,
"isSubProcessorActive": false,
"archivedAt": "2020-07-06 12:00:00.000000",
"status": "ACTIVE",
"renewalDate": "2020-07-06",
"renewalScheduleType": "ONE_YEAR",
"renewalDateStatus": "COMPLETED",
"confirmedAt": "2020-07-06 12:00:00.000000",
"reviews": [{"id": null,
"updatedAt": null,
"reviewer": null,
"reviewDate": null,
"reportIssueDate": null,
"socReport": null,
"socReportType1": null,
"socReportType2": null,
"socType1StartDate": null,
"socType1EndDate": null,
"socType2StartDate": null,
"socType2EndDate": null,
"reportOpinion": null,
"encompassBusinessNeeds": null,
"followUpActivity": null,
"hasMaterialImpact": null,
"cpaFirm": null,
"cpaProcedurePerformed": null,
"subserviceOrganization": null,
"subserviceOrganizationUsingInclusiveMethod": null,
"subserviceOrganizationProcedurePerformed": null,
"trustServiceCategories": [ ],
"userControls": [ ],
"services": [ ],
"locations": [ ],
"findings": [ ]
}
],
"sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
"isDrataUser": false,
"events": 4,
"integrations": [{ }
],
"cost": "1088",
"operationalImpact": "CRITICAL",
"environmentAccess": "READ_ONLY",
"impactLevel": "INSIGNIFICANT",
"dataAccessedOrProcessedList": [{ }
],
"latestSecurityReviews": [{ }
],
"riskCount": 0
}
}
],
"riskCount": 0
}
],
"page": 1,
"limit": 10,
"total": 100
}