Drata API – Beta 🧪 (V2)

Download OpenAPI specification:Download

Beta Status

We've made API version 2 available for beta testing. We would appreciate your feedback.

What's New in V2

Support for Custom Fields
Get and acknowledge user's assigned policies
Payloads are streamlined to include only the essential information. You can expand related objects and collections using the expand query parameter.
Cursor-based pagination for greater efficiency and stability with large datasets

Getting Started

Please visit our help article to learn how to create an API key.

Upgrading From Version 1

API V2 is designed to provide a faster an more flexible way of accessing Drata. There are several differences from V1:

The listing endpoints now use cursor-based pagination. This provides faster responses and ensures that all records can be retrieved even, if they are changed during the process.

async function fetchAll() {
  // The first request doesn't send a value for the cursor.
  let cursor = undefined;
  do {
    const query = new URLSearchParams({ cursor });
    const resp = await fetch(
      `https://public-api.drata.com/public/v2/users?${query}`,
      {
        method: 'GET',
        headers: { Authorization: 'Bearer <YOUR_API_KEY_HERE>' }
      }
    );
    const data = await resp.json();
    console.log(data);

    // If there's a cursor value returned, then there are more results.
    // Pass that back as a query parameter to get the next page of data.
    cursor = data?.pagination?.cursor;
  } while (cursor)
}
fetchAll();

You'll notice smaller responses. Most endpoints accept an expand query parameter that let's you specify which related objects and collections you want to expand.

Company

The Company tracks essential information about your organization. The help docs have more information on the purpose of each field.

Get Company

🔒 Requires Company Settings: Get Company Settings permission.

Securitybearer

Responses

200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

402

You must upgrade your plan to use this feature

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/company

Request samples

Response samples

application/json

{"accountId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
"domain": "domain.com",
"name": "Acme",
"legalName": "Acme Inc.",
"year": 2014,
"description": "We make tools",
"phoneNumber": "800-555-5555",
"address": "742 Evergreen Terrace, Springfield, OH 45501",
"privacyUrl": "https://domain.com/privacy",
"termsUrl": "https://domain.com/terms",
"supportUrl": "https://help.domain.com",
"jobsUrl": "https://jobs.domain.com",
"securityEmail": "[email protected]",
"logoUrl": "https://domain.com/logo.png",
"securityTraining": "DRATA_PROVIDED",
"hipaaTraining": "DRATA_PROVIDED",
"backgroundCheck": "CERTN",
"securityReport": {"visibility": "PASSING",
"sharing": true,
"shareToken": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd"
},
"adminOnboardedAt": "2025-07-01T16:45:55.246Z",
"renewalPeriodStartDate": "2025-07-01T16:45:55.246Z",
"securityTrainingLink": "https://security-training.domain.com",
"hipaaTrainingLink": "https://hipaa-training.domain.com",
"createdAt": "2025-07-01T16:45:55.246Z",
"updatedAt": "2025-07-01T16:45:55.246Z",
"agentEnabled": false,
"manualUploadEnabled": false,
"drataSupportAccess": {"enabledAt": "2025-07-01T16:45:55.246Z",
"expiresAt": "2025-07-01T16:45:55.246Z",
"type": "READ_ONLY"
},
"entitlements": [{"name": "string",
"description": "string",
"type": "string",
"featureId": 0,
"metadata": { }
}
],
"language": "ENGLISH_US"
}