Upload document by vendor id

Upload vendor documents

Securitybearer
Request
path Parameters
id
required
number
Request Body schema: multipart/form-data
required
type
string or null

Vendor document type

Enum: "COMPLIANCE_REPORT" "COMPLIANCE_REPORT_REVIEW" "BRIDGE_LETTER" "UPLOADED_COMPLIANCE_REPORT_REVIEW" "QUESTIONNAIRE_ATTACHMENT" "SOC_DOCUMENT"
file
required
string <binary>

Accepted file extensions: .pdf, .docx, .odt, .xlsx, .ods, .pptx, .odp, .gif, .jpeg, .jpg, .png

Responses
201

Record created!

400

Malformed data and/or validation errors

401

Invalid Authorization

403

You are not allowed to perform this action

413

The file was too large to upload

500

Internal server error

503

Third party system was unavailable

default

Response Code: 412

You must accept the Drata terms and conditions to use the API

post/vendors/{id}/documents
Request samples
Response samples
application/json
{
  • "data": [
    • {
      • "id": 1,
      • "name": "Acme",
      • "category": "ENGINEERING",
      • "risk": "MODERATE",
      • "type": "CONTRACTOR",
      • "critical": false,
      • "location": "USA",
      • "privacyUrl": "https://acme.com",
      • "termsUrl": "https://acme.com",
      • "servicesProvided": "Perform security scans once a month",
      • "dataStored": "Resulting reports of security scans",
      • "hasPii": true,
      • "passwordPolicy": "USERNAME_PASSWORD",
      • "passwordRequiresMinLength": true,
      • "passwordMinLength": 8,
      • "passwordRequiresNumber": true,
      • "passwordRequiresSymbol": true,
      • "passwordMfaEnabled": true,
      • "contactAtVendor": "John Doe",
      • "contactsEmail": "[email protected]",
      • "notes": "Meeting once a month to adjust contract",
      • "createdAt": "2020-07-06 12:00:00.000000",
      • "updatedAt": "2020-07-06 12:00:00.000000",
      • "user": { },
      • "documents": [],
      • "lastQuestionnaire": { },
      • "isSubProcessor": false,
      • "isSubProcessorActive": false,
      • "archivedAt": "2020-07-06 12:00:00.000000",
      • "status": "ACTIVE",
      • "renewalDate": "2020-07-06",
      • "renewalScheduleType": "ONE_YEAR",
      • "renewalDateStatus": "COMPLETED",
      • "confirmedAt": "2020-07-06 12:00:00.000000",
      • "reviews": [
        • {
          • "id": 1,
          • "updatedAt": "2024-12-24",
          • "reviewer": "John Doe",
          • "reviewDate": "2024-12-24",
          • "reportIssueDate": "2024-12-24",
          • "socReport": "SOC_1",
          • "socReportType1": true,
          • "socReportType2": true,
          • "socType1StartDate": "2024-12-24",
          • "socType1EndDate": "2024-12-24",
          • "socType2StartDate": "2024-12-24",
          • "socType2EndDate": "2024-12-24",
          • "reportOpinion": "UNQUALIFIED",
          • "encompassBusinessNeeds": true,
          • "followUpActivity": "User must proceed to...",
          • "hasMaterialImpact": true,
          • "cpaFirm": "CPA firm name",
          • "cpaProcedurePerformed": "The following procedures were performed...",
          • "subserviceOrganization": "Subservice Inc.",
          • "subserviceOrganizationUsingInclusiveMethod": true,
          • "subserviceOrganizationProcedurePerformed": "The following procedures were performed...",
          • "trustServiceCategories": [
            • {
              • "id": 1,
              • "category": "AVAILABILITY"
              }
            ],
          • "userControls": [
            • {
              • "id": 1,
              • "name": "End User Control 1",
              • "inPlace": true
              }
            ],
          • "services": [
            • {
              • "id": 1,
              • "name": "Service 1"
              }
            ],
          • "locations": [
            • {
              • "id": 1,
              • "city": "San Diego",
              • "stateCountry": "CA"
              }
            ],
          • "findings": [
            • {
              • "id": 1,
              • "description": "Finding 1"
              }
            ]
          }
        ],
      • "sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
      • "isDrataUser": false,
      • "events": 4,
      • "impactLevel": "INSIGNIFICANT",
      • "securityReview": [
        • {
          • "id": 1,
          • "requestedAt": "2019-08-24T14:15:22Z",
          • "reviewDeadlineAt": "2019-08-24T14:15:22Z",
          • "decision": "APPROVED",
          • "note": "string",
          • "status": "NOT_YET_STARTED",
          • "type": "SECURITY",
          • "requesterUser": {
            • "id": 1,
            • "email": "[email protected]",
            • "firstName": "Sally",
            • "lastName": "Smith",
            • "jobTitle": "CEO",
            • "drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "roles": [
              • "ROLE",
              • "ANOTHER_ROLE"
              ],
            • "backgroundChecks": [
              • {
                • "id": null,
                • "userId": null,
                • "status": null,
                • "caseId": null,
                • "caseInvitationId": null,
                • "url": null,
                • "manualCheckDate": null,
                • "manuallyCheckUrl": null,
                • "type": null,
                • "source": null,
                • "reportData": null,
                • "user": null,
                • "outOfScopeReason": null,
                • "outOfScopeAt": null,
                • "invitationEmail": null,
                • "linkedAt": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "identities": [
              • {
                • "id": null,
                • "identityId": null,
                • "username": null,
                • "connectedAt": null,
                • "disconnectedAt": null,
                • "hasMfa": null,
                • "user": null,
                • "connection": null,
                • "hasIdp": null
                }
              ]
            },
          • "user": {
            • "id": 1,
            • "email": "[email protected]",
            • "firstName": "Sally",
            • "lastName": "Smith",
            • "jobTitle": "CEO",
            • "drataTermsAgreedAt": "2020-07-06 12:00:00.000000",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "roles": [
              • "ROLE",
              • "ANOTHER_ROLE"
              ],
            • "backgroundChecks": [
              • {
                • "id": null,
                • "userId": null,
                • "status": null,
                • "caseId": null,
                • "caseInvitationId": null,
                • "url": null,
                • "manualCheckDate": null,
                • "manuallyCheckUrl": null,
                • "type": null,
                • "source": null,
                • "reportData": null,
                • "user": null,
                • "outOfScopeReason": null,
                • "outOfScopeAt": null,
                • "invitationEmail": null,
                • "linkedAt": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "identities": [
              • {
                • "id": null,
                • "identityId": null,
                • "username": null,
                • "connectedAt": null,
                • "disconnectedAt": null,
                • "hasMfa": null,
                • "user": null,
                • "connection": null,
                • "hasIdp": null
                }
              ]
            },
          • "vendor": {
            • "id": 1,
            • "name": "Acme",
            • "category": "ENGINEERING",
            • "risk": "MODERATE",
            • "type": "CONTRACTOR",
            • "critical": false,
            • "location": "USA",
            • "privacyUrl": "https://acme.com",
            • "termsUrl": "https://acme.com",
            • "servicesProvided": "Perform security scans once a month",
            • "dataStored": "Resulting reports of security scans",
            • "hasPii": true,
            • "passwordPolicy": "USERNAME_PASSWORD",
            • "passwordRequiresMinLength": true,
            • "passwordMinLength": 8,
            • "passwordRequiresNumber": true,
            • "passwordRequiresSymbol": true,
            • "passwordMfaEnabled": true,
            • "contactAtVendor": "John Doe",
            • "contactsEmail": "[email protected]",
            • "notes": "Meeting once a month to adjust contract",
            • "createdAt": "2020-07-06 12:00:00.000000",
            • "updatedAt": "2020-07-06 12:00:00.000000",
            • "user": { },
            • "documents": [
              • {
                • "id": null,
                • "name": null,
                • "fileUrl": null,
                • "createdAt": null,
                • "updatedAt": null
                }
              ],
            • "lastQuestionnaire": { },
            • "isSubProcessor": false,
            • "isSubProcessorActive": false,
            • "archivedAt": "2020-07-06 12:00:00.000000",
            • "status": "ACTIVE",
            • "renewalDate": "2020-07-06",
            • "renewalScheduleType": "ONE_YEAR",
            • "renewalDateStatus": "COMPLETED",
            • "confirmedAt": "2020-07-06 12:00:00.000000",
            • "reviews": [
              • {
                • "id": null,
                • "updatedAt": null,
                • "reviewer": null,
                • "reviewDate": null,
                • "reportIssueDate": null,
                • "socReport": null,
                • "socReportType1": null,
                • "socReportType2": null,
                • "socType1StartDate": null,
                • "socType1EndDate": null,
                • "socType2StartDate": null,
                • "socType2EndDate": null,
                • "reportOpinion": null,
                • "encompassBusinessNeeds": null,
                • "followUpActivity": null,
                • "hasMaterialImpact": null,
                • "cpaFirm": null,
                • "cpaProcedurePerformed": null,
                • "subserviceOrganization": null,
                • "subserviceOrganizationUsingInclusiveMethod": null,
                • "subserviceOrganizationProcedurePerformed": null,
                • "trustServiceCategories": [ ],
                • "userControls": [ ],
                • "services": [ ],
                • "locations": [ ],
                • "findings": [ ]
                }
              ],
            • "sharedAccountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
            • "isDrataUser": false,
            • "events": 4,
            • "integrations": [
              • { }
              ],
            • "cost": "1088",
            • "operationalImpact": "CRITICAL",
            • "environmentAccess": "READ_ONLY",
            • "impactLevel": "INSIGNIFICANT",
            • "dataAccessedOrProcessedList": [
              • { }
              ],
            • "latestSecurityReviews": [
              • { }
              ],
            • "riskCount": 0
            }
          }
        ],
      • "riskCount": 0
      }
    ],
  • "page": 1,
  • "limit": 10,
  • "total": 100
}