Audits

Audits represent compliance assessments for a specific framework and time period. Audit Requests are evidence requests associated with an audit.

List Audits

🔒 Requires Audits: Get Audits permission.

Securitybearer
Request
path Parameters
workspaceId
required
number

The Workspace ID associated to the Account

query Parameters
cursor
string

This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a pagination.cursor value that can be used in the subsequent request to retrieve the next page of results

size
number [ 1 .. 500 ]
Default: 50

Number of results to return

sort
string (SortTypeLimitedEnum)

Which field to sort by

Enum: "createdAt" "updatedAt"
sortDir
string (SortDirectionEnum)

The direction to sort the data

Enum: "ASC" "DESC"
expand[]
Array of strings (AuditListExpandEnum)

List of subcollections and sub-objects to expand

Items Enum: "auditors" "internalAuditors"
Responses
200

Successful

400

Malformed data and/or validation errors

401

Invalid Authorization

403

You are not allowed to perform this action

404

Not Found

412

You must accept the Drata terms and conditions to use the API

500

Internal server error

get/workspaces/{workspaceId}/audits
Request samples 
Response samples 
application/json
{
  • "data": [
    • {
      • "id": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
      • "frameworkType": "SOC_2_TYPE_2",
      • "auditType": "FULL_AUDIT",
      • "isInternalAudit": false,
      • "status": "ACTIVE",
      • "startDate": "2020-07-06",
      • "endDate": "2020-07-06",
      • "completedAt": "2025-07-01T16:45:55.246Z",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z",
      • "auditors": [
        • {
          • "id": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
          • "name": "Jane Smith",
          • "email": "[email protected]"
          }
        ],
      • "internalAuditors": [
        • {
          • "id": 1,
          • "email": "[email protected]",
          • "firstName": "Sally",
          • "lastName": "Smith",
          • "createdAt": "2025-07-01T16:45:55.246Z",
          • "updatedAt": "2025-07-01T16:45:55.246Z"
          }
        ]
      }
    ],
  • "pagination": {
    • "cursor": "string"
    }
}
Get Audit
🔒 Requires Audits: Get Audits permission.


Securitybearer 
Request 
path Parameters
workspaceId
required
number
The Workspace ID associated to the Account


 
auditId
required
string
 
query Parameters
expand[]
Array of strings (AuditExpandEnum) 
List of subcollections and sub-objects to expand


Items Enum: "auditors" "internalAuditors" "controls"  
Responses 
200
Successful


400
Malformed data and/or validation errors


401
Invalid Authorization


403
You are not allowed to perform this action


404
Not Found


412
You must accept the Drata terms and conditions to use the API


500
Internal server error


get/workspaces/{workspaceId}/audits/{auditId}
Request samples 
Response samples 
application/json
{
  • "id": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
  • "frameworkType": "SOC_2_TYPE_2",
  • "auditType": "FULL_AUDIT",
  • "isInternalAudit": false,
  • "status": "ACTIVE",
  • "startDate": "2020-07-06",
  • "endDate": "2020-07-06",
  • "completedAt": "2025-07-01T16:45:55.246Z",
  • "createdAt": "2025-07-01T16:45:55.246Z",
  • "updatedAt": "2025-07-01T16:45:55.246Z",
  • "auditors": [
    • {
      • "id": "aaaaaaaa-bbbb-0000-cccc-dddddddddddd",
      • "name": "Jane Smith",
      • "email": "[email protected]"
      }
    ],
  • "internalAuditors": [
    • {
      • "id": 1,
      • "email": "[email protected]",
      • "firstName": "Sally",
      • "lastName": "Smith",
      • "createdAt": "2025-07-01T16:45:55.246Z",
      • "updatedAt": "2025-07-01T16:45:55.246Z"
      }
    ],
  • "controls": [
    • {
      • "id": 1,
      • "code": "DCF-1001",
      • "name": "Vulnerability Management",
      • "controlNumber": 1
      }
    ]
}