Audit Requests

List Audit Requests

🔒 Requires Customer Request: Get Customer Request permission.

Securitybearer
Request
path Parameters
workspaceId
required
number

The Workspace ID associated to the Account

auditId
required
string
query Parameters
cursor
string

This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a pagination.cursor value that can be used in the subsequent request to retrieve the next page of results

size
number [ 1 .. 500 ]
Default: 50

Number of results to return

sort
string (SortTypeLimitedEnum)

Which field to sort by

Enum: "createdAt" "updatedAt"
sortDir
string (SortDirectionEnum)

The direction to sort the data

Enum: "ASC" "DESC"
status[]
Array of strings (CustomerRequestStatus)

Filter by audit request status

Items Enum: "OUTSTANDING" "IN_REVIEW" "ACCEPTED" "CHANGES_REQUESTED"
userIds[]
Array of numbers

Filter by IDs of users assigned as owners of the audit request

Example: userIds[]=1&userIds[]=2&userIds[]=3
expand[]
Array of strings (AuditRequestListExpandEnum)

List of subcollections and sub-objects to expand

Items Enum: "owners" "messages"
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/workspaces/{workspaceId}/audits/{auditId}/requests
Request samples 
Response samples 
application/json
{
  • "data": [
    • {
      • "id": 1,
      • "code": "REQ-001",
      • "title": "Provide SOC 2 report",
      • "description": "Please provide the latest SOC 2 Type II report.",
      • "status": "OUTSTANDING",
      • "auditId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z",
      • "owners": [
        • {
          • "id": 1,
          • "email": "[email protected]",
          • "firstName": "Sally",
          • "lastName": "Smith",
          • "createdAt": "2025-07-01T16:45:55.246Z",
          • "updatedAt": "2025-07-01T16:45:55.246Z"
          }
        ],
      • "messages": [
        • {
          • "id": 1,
          • "message": "Please provide the latest SOC 2 report.",
          • "sentByEmail": "[email protected]",
          • "createdAt": "2025-07-01T16:45:55.246Z",
          • "updatedAt": "2025-07-01T16:45:55.246Z"
          }
        ]
      }
    ],
  • "pagination": {
    • "cursor": "string"
    }
}
Get Audit Request
🔒 Requires Customer Request: Get Customer Request permission.


Securitybearer 
Request 
path Parameters
workspaceId
required
number
The Workspace ID associated to the Account


 
auditId
required
string
 
requestId
required
number
 
query Parameters
expand[]
Array of strings (AuditRequestExpandEnum) 
List of subcollections and sub-objects to expand


Items Enum: "owners" "messages" "controls"  
Responses 
200
Successful


400
Malformed data and/or validation errors


401
Invalid Authorization


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


get/workspaces/{workspaceId}/audits/{auditId}/requests/{requestId}
Request samples 
Response samples 
application/json
{
  • "id": 1,
  • "code": "REQ-001",
  • "title": "Provide SOC 2 report",
  • "description": "Please provide the latest SOC 2 Type II report.",
  • "status": "OUTSTANDING",
  • "auditId": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
  • "createdAt": "2025-07-01T16:45:55.246Z",
  • "updatedAt": "2025-07-01T16:45:55.246Z",
  • "owners": [
    • {
      • "id": 1,
      • "email": "[email protected]",
      • "firstName": "Sally",
      • "lastName": "Smith",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "messages": [
    • {
      • "id": 1,
      • "message": "Please provide the latest SOC 2 report.",
      • "sentByEmail": "[email protected]",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "controls": [
    • {
      • "id": 1,
      • "code": "DCF-1001",
      • "name": "Vulnerability Management",
      • "controlNumber": 1
      }
    ]
}