Personnel are people who work for your organization. The help docs have more information.
Get a paginated list of Personnel records.
๐ Requires Personnel: List Personnel permission.
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
You must accept the Drata terms and conditions to use the API
Internal server error
{- "data": [
- {
- "id": 1,
- "userId": 1,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "employmentStatus": "CURRENT_EMPLOYEE",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "reasonProvider": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "complianceChecks": [
- {
- "id": 1,
- "type": "FULL_COMPLIANCE",
- "status": "MISCONFIGURED",
- "checkFrequency": "ONCE",
- "expiresAt": "2019-08-24T14:15:22Z",
- "lastCheckedAt": "2019-08-24T14:15:22Z",
- "completionDate": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "exclusion": {
- "id": 1,
- "reason": "Employee is on extended leave",
- "createdById": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "startDate": "2025-07-01T16:45:55.246Z",
- "endDate": "2025-07-01T16:45:55.246Z"
}
}
], - "startedAt": "2023-01-01T00:00:00.000Z",
- "separatedAt": "2023-12-31T00:00:00.000Z",
- "statusUpdatedAt": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "customFields": [
- {
- "customFieldId": 1,
- "name": "Stakeholders",
- "value": "Security & IT"
}
]
}
], - "pagination": {
- "cursor": "string",
- "totalCount": 0
}
}Same query surface as GET /workspaces/:workspaceId/personnel-search, but unscoped to any single workspace. When RELEASE_PERSONNEL_SCOPING is enabled for the tenant, results are restricted to the union of group scopes across every workspace the caller can reach โ semantically equivalent to issuing the per-workspace call for each accessible workspace and unioning the results. Grants no access the caller wouldn't already have through the per-workspace endpoint.
๐ Requires Personnel: List Personnel permission.
| cursor | string This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a | ||||||||||||||||||||||
| size | number [ 1 .. 500 ] Default: 50 Number of results to return | ||||||||||||||||||||||
| sort | string (PersonnelSortEnum) Which field to sort by | ||||||||||||||||||||||
| sortDir | string (SortDirectionEnum) The direction to sort the data | ||||||||||||||||||||||
| includeTotalCount | boolean Default: false Include total count of all matching records in response. Only honored on first page (when cursor is null). Example: includeTotalCount=false | ||||||||||||||||||||||
| expand[] | Array of strings (PersonnelSearchExpandEnum) List of subcollections and sub-objects to expand | ||||||||||||||||||||||
| facets[] | Array of strings (PersonnelSearchFacetEnum) Filter dimensions for which to return value counts in the response. Only honored on the first page (when | ||||||||||||||||||||||
| q | string <= 191 characters Free-text search across Example: q=Smith | ||||||||||||||||||||||
| firstName | string <= 191 characters Filter Personnel whose first name starts with the provided value (prefix match, case-insensitive). For example, Example: firstName=John | ||||||||||||||||||||||
| lastName | string <= 191 characters Filter Personnel whose last name starts with the provided value (prefix match, case-insensitive). For example, Example: lastName=Sm | ||||||||||||||||||||||
| employmentStatus[] | Array of strings (EmploymentStatusEnum) Filter Personnel by one or more employment statuses.
| ||||||||||||||||||||||
| complianceStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by overall compliance status. | ||||||||||||||||||||||
| acceptedPoliciesStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by accepted-policies compliance status. | ||||||||||||||||||||||
| bgCheckStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by background-check compliance status. | ||||||||||||||||||||||
| identityMfaStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by identity MFA compliance status. | ||||||||||||||||||||||
| securityTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by security training compliance status. | ||||||||||||||||||||||
| hipaaTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by HIPAA training compliance status. | ||||||||||||||||||||||
| aiAwarenessTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by AI awareness training compliance status. | ||||||||||||||||||||||
| offboardingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by offboarding compliance status. Only matches personnel who have started or completed offboarding (i.e. have a separation date); currently-active personnel are not in scope for this filter. | ||||||||||||||||||||||
| agentInstalledStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by whether the Drata Agent compliance check passes on their devices. | ||||||||||||||||||||||
| passwordManagerStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup password-manager compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| diskEncryptionStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup disk-encryption compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| antivirusStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup antivirus compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| autoUpdatesStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup auto-updates compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| lockScreenStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup lock-screen compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| groupIds[] | Array of numbers Filter Personnel by membership in any of the supplied group IDs. | ||||||||||||||||||||||
| syncStatus | string (PersonnelSyncStatusPublicV2Enum) Filter Personnel by whether they have any identity (HRIS/IDP) connection. | ||||||||||||||||||||||
| idpConnectionIds[] | Array of numbers Filter Personnel by their identity provider connection IDs. | ||||||||||||||||||||||
| hrisConnectionIds[] | Array of numbers Filter Personnel by their HRIS provider connection IDs. | ||||||||||||||||||||||
Array of objects (CustomFieldFilterPublicV2Dto) Filter Personnel by Custom Field equality. Repeat the parameter with bracketed indices, e.g. | |||||||||||||||||||||||
Array of objects (CustomRangeFieldFilterPublicV2Dto) Filter Personnel by Custom Field range. Repeat the parameter with bracketed indices, e.g. |
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
You must accept the Drata terms and conditions to use the API
Internal server error
{- "data": [
- {
- "id": 1,
- "userId": 1,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "employmentStatus": "CURRENT_EMPLOYEE",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "reasonProvider": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "syncStatus": "SYNCED",
- "idpConnectionId": 1,
- "hrisConnectionId": 2,
- "startedAt": "2023-01-01T00:00:00.000Z",
- "separatedAt": "2023-12-31T00:00:00.000Z",
- "statusUpdatedAt": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "complianceChecks": {
- "data": [
- {
- "id": 1,
- "type": "FULL_COMPLIANCE",
- "status": "MISCONFIGURED",
- "checkFrequency": "ONCE",
- "expiresAt": "2019-08-24T14:15:22Z",
- "lastCheckedAt": "2019-08-24T14:15:22Z",
- "completionDate": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "exclusion": {
- "id": 1,
- "reason": "Employee is on extended leave",
- "createdById": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "startDate": "2025-07-01T16:45:55.246Z",
- "endDate": "2025-07-01T16:45:55.246Z"
}
}
], - "totalCount": 142
}, - "customFields": {
- "data": [
- {
- "customFieldId": 1,
- "name": "Stakeholders",
- "value": "Security & IT"
}
], - "totalCount": 6
}, - "groups": {
- "data": [
- {
- "id": 1,
- "name": "Engineering Team",
- "externalId": "external-group-123",
- "source": "GOOGLE",
- "connectionId": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}
], - "totalCount": 12
}, - "idpConnection": {
- "id": "1",
- "clientType": "GOOGLE",
- "clientId": "drata.com",
- "clientAlias": "My-connection-alias-1",
- "state": "ACTIVE",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z",
- "connectedAt": "2025-07-01T16:45:55.246Z",
- "failedAt": "2025-07-01T16:45:55.246Z",
- "deletedAt": "2025-07-01T16:45:55.246Z"
}, - "hrisConnection": {
- "id": "1",
- "clientType": "GOOGLE",
- "clientId": "drata.com",
- "clientAlias": "My-connection-alias-1",
- "state": "ACTIVE",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z",
- "connectedAt": "2025-07-01T16:45:55.246Z",
- "failedAt": "2025-07-01T16:45:55.246Z",
- "deletedAt": "2025-07-01T16:45:55.246Z"
}
}
], - "pagination": {
- "cursor": "string",
- "totalCount": 0
}, - "facets": {
- "employmentStatus": [
- {
- "value": "CURRENT_EMPLOYEE",
- "count": 312
}, - {
- "value": "FORMER_EMPLOYEE",
- "count": 24
}
]
}
}Workspace-scoped Personnel listing backed by OpenSearch. Supports full-text search via q, prefix matching on firstName/lastName, and a richer filter / sort surface than GET /personnel. Results are eventually consistent (indexing is event-driven); use GET /personnel if read-your-writes freshness is required.
๐ Requires Personnel: List Personnel permission.
| cursor | string This parameter is used to paginate through results. No value is needed for the first request. If there are additional results, the response will contain a | ||||||||||||||||||||||
| size | number [ 1 .. 500 ] Default: 50 Number of results to return | ||||||||||||||||||||||
| sort | string (PersonnelSortEnum) Which field to sort by | ||||||||||||||||||||||
| sortDir | string (SortDirectionEnum) The direction to sort the data | ||||||||||||||||||||||
| includeTotalCount | boolean Default: false Include total count of all matching records in response. Only honored on first page (when cursor is null). Example: includeTotalCount=false | ||||||||||||||||||||||
| expand[] | Array of strings (PersonnelSearchExpandEnum) List of subcollections and sub-objects to expand | ||||||||||||||||||||||
| facets[] | Array of strings (PersonnelSearchFacetEnum) Filter dimensions for which to return value counts in the response. Only honored on the first page (when | ||||||||||||||||||||||
| q | string <= 191 characters Free-text search across Example: q=Smith | ||||||||||||||||||||||
| firstName | string <= 191 characters Filter Personnel whose first name starts with the provided value (prefix match, case-insensitive). For example, Example: firstName=John | ||||||||||||||||||||||
| lastName | string <= 191 characters Filter Personnel whose last name starts with the provided value (prefix match, case-insensitive). For example, Example: lastName=Sm | ||||||||||||||||||||||
| employmentStatus[] | Array of strings (EmploymentStatusEnum) Filter Personnel by one or more employment statuses.
| ||||||||||||||||||||||
| complianceStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by overall compliance status. | ||||||||||||||||||||||
| acceptedPoliciesStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by accepted-policies compliance status. | ||||||||||||||||||||||
| bgCheckStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by background-check compliance status. | ||||||||||||||||||||||
| identityMfaStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by identity MFA compliance status. | ||||||||||||||||||||||
| securityTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by security training compliance status. | ||||||||||||||||||||||
| hipaaTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by HIPAA training compliance status. | ||||||||||||||||||||||
| aiAwarenessTrainingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by AI awareness training compliance status. | ||||||||||||||||||||||
| offboardingStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by offboarding compliance status. Only matches personnel who have started or completed offboarding (i.e. have a separation date); currently-active personnel are not in scope for this filter. | ||||||||||||||||||||||
| agentInstalledStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by whether the Drata Agent compliance check passes on their devices. | ||||||||||||||||||||||
| passwordManagerStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup password-manager compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| diskEncryptionStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup disk-encryption compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| antivirusStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup antivirus compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| autoUpdatesStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup auto-updates compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| lockScreenStatus[] | Array of strings (ComplianceCheckStatusPublicV2Enum) Filter Personnel by the device-rollup lock-screen compliance status (worst-of-N across their devices). โ ๏ธ Coverage limitation: this filter excludes personnel without applicable device compliance data. This includes out-of-scope employment statuses, personnel with no devices, and personnel whose only device has an unknown management source. Filtering by | ||||||||||||||||||||||
| groupIds[] | Array of numbers Filter Personnel by membership in any of the supplied group IDs. | ||||||||||||||||||||||
| syncStatus | string (PersonnelSyncStatusPublicV2Enum) Filter Personnel by whether they have any identity (HRIS/IDP) connection. | ||||||||||||||||||||||
| idpConnectionIds[] | Array of numbers Filter Personnel by their identity provider connection IDs. | ||||||||||||||||||||||
| hrisConnectionIds[] | Array of numbers Filter Personnel by their HRIS provider connection IDs. | ||||||||||||||||||||||
Array of objects (CustomFieldFilterPublicV2Dto) Filter Personnel by Custom Field equality. Repeat the parameter with bracketed indices, e.g. | |||||||||||||||||||||||
Array of objects (CustomRangeFieldFilterPublicV2Dto) Filter Personnel by Custom Field range. Repeat the parameter with bracketed indices, e.g. |
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
You must accept the Drata terms and conditions to use the API
Internal server error
{- "data": [
- {
- "id": 1,
- "userId": 1,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "employmentStatus": "CURRENT_EMPLOYEE",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "reasonProvider": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "syncStatus": "SYNCED",
- "idpConnectionId": 1,
- "hrisConnectionId": 2,
- "startedAt": "2023-01-01T00:00:00.000Z",
- "separatedAt": "2023-12-31T00:00:00.000Z",
- "statusUpdatedAt": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "complianceChecks": {
- "data": [
- {
- "id": 1,
- "type": "FULL_COMPLIANCE",
- "status": "MISCONFIGURED",
- "checkFrequency": "ONCE",
- "expiresAt": "2019-08-24T14:15:22Z",
- "lastCheckedAt": "2019-08-24T14:15:22Z",
- "completionDate": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "exclusion": {
- "id": 1,
- "reason": "Employee is on extended leave",
- "createdById": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "startDate": "2025-07-01T16:45:55.246Z",
- "endDate": "2025-07-01T16:45:55.246Z"
}
}
], - "totalCount": 142
}, - "customFields": {
- "data": [
- {
- "customFieldId": 1,
- "name": "Stakeholders",
- "value": "Security & IT"
}
], - "totalCount": 6
}, - "groups": {
- "data": [
- {
- "id": 1,
- "name": "Engineering Team",
- "externalId": "external-group-123",
- "source": "GOOGLE",
- "connectionId": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}
], - "totalCount": 12
}, - "idpConnection": {
- "id": "1",
- "clientType": "GOOGLE",
- "clientId": "drata.com",
- "clientAlias": "My-connection-alias-1",
- "state": "ACTIVE",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z",
- "connectedAt": "2025-07-01T16:45:55.246Z",
- "failedAt": "2025-07-01T16:45:55.246Z",
- "deletedAt": "2025-07-01T16:45:55.246Z"
}, - "hrisConnection": {
- "id": "1",
- "clientType": "GOOGLE",
- "clientId": "drata.com",
- "clientAlias": "My-connection-alias-1",
- "state": "ACTIVE",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z",
- "connectedAt": "2025-07-01T16:45:55.246Z",
- "failedAt": "2025-07-01T16:45:55.246Z",
- "deletedAt": "2025-07-01T16:45:55.246Z"
}
}
], - "pagination": {
- "cursor": "string",
- "totalCount": 0
}, - "facets": {
- "employmentStatus": [
- {
- "value": "CURRENT_EMPLOYEE",
- "count": 312
}, - {
- "value": "FORMER_EMPLOYEE",
- "count": 24
}
]
}
}Get a single Personnel record.
๐ Requires Personnel: Get Personnel permission.
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "id": 1,
- "userId": 1,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "employmentStatus": "CURRENT_EMPLOYEE",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "reasonProvider": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "complianceChecks": [
- {
- "id": 1,
- "type": "FULL_COMPLIANCE",
- "status": "MISCONFIGURED",
- "checkFrequency": "ONCE",
- "expiresAt": "2019-08-24T14:15:22Z",
- "lastCheckedAt": "2019-08-24T14:15:22Z",
- "completionDate": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "exclusion": {
- "id": 1,
- "reason": "Employee is on extended leave",
- "createdById": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "startDate": "2025-07-01T16:45:55.246Z",
- "endDate": "2025-07-01T16:45:55.246Z"
}
}
], - "startedAt": "2023-01-01T00:00:00.000Z",
- "separatedAt": "2023-12-31T00:00:00.000Z",
- "statusUpdatedAt": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "customFields": [
- {
- "customFieldId": 1,
- "name": "Stakeholders",
- "value": "Security & IT"
}
]
}Update a single Personnel record. Note: Once fields are manually updated, automatic updates from identity providers (IDP) and HRIS systems will be ignored for those fields. Use the resync endpoint to restore automatic updates.
๐ Requires Personnel: Update Personnel - applies to V2 only permission.
required | number or string An integer Personnel ID or User's email address prefixed with |
| startedAt | string The date when this person started working at the company. Note: Once manually set, automatic updates from identity providers (IDP) and HRIS systems will be ignored. Use the resync endpoint to restore automatic updates. | ||||||||||||||||||||||
| separatedAt | string The date when this person was separated from the company system. | ||||||||||||||||||||||
| employmentStatus | string The desired employment status to be updated
| ||||||||||||||||||||||
| notHumanReason | string <= 30000 characters Explains why the employment status of this personnel is marked as | ||||||||||||||||||||||
Array of objects (CustomFieldSubmitRequestPublicV2Dto) Custom Fields for the Person. ๐ Requires your account have the Custom Fields and Formulas feature. Contact your CSM for help upgrading. |
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "startedAt": "2020-07-06",
- "separatedAt": "2020-07-06",
- "employmentStatus": "CURRENT_CONTRACTOR",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "customFields": [
- {
- "id": 1,
- "name": "Compliance Status",
- "value": "Security & IT"
}
]
}{- "id": 1,
- "userId": 1,
- "user": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "employmentStatus": "CURRENT_EMPLOYEE",
- "notHumanReason": "This is not a real personnel, but a placeholder for anyone in charge of X",
- "reasonProvider": {
- "id": 1,
- "firstName": "Sally",
- "lastName": "Smith",
- "createdAt": "2025-07-01T16:45:55.246Z",
- "updatedAt": "2025-07-01T16:45:55.246Z"
}, - "complianceChecks": [
- {
- "id": 1,
- "type": "FULL_COMPLIANCE",
- "status": "MISCONFIGURED",
- "checkFrequency": "ONCE",
- "expiresAt": "2019-08-24T14:15:22Z",
- "lastCheckedAt": "2019-08-24T14:15:22Z",
- "completionDate": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "exclusion": {
- "id": 1,
- "reason": "Employee is on extended leave",
- "createdById": 1,
- "createdAt": "2025-07-01T16:45:55.246Z",
- "startDate": "2025-07-01T16:45:55.246Z",
- "endDate": "2025-07-01T16:45:55.246Z"
}
}
], - "startedAt": "2023-01-01T00:00:00.000Z",
- "separatedAt": "2023-12-31T00:00:00.000Z",
- "statusUpdatedAt": "2019-08-24T14:15:22Z",
- "createdAt": "2023-01-01T00:00:00.000Z",
- "updatedAt": "2023-01-01T00:00:00.000Z",
- "customFields": [
- {
- "customFieldId": 1,
- "name": "Stakeholders",
- "value": "Security & IT"
}
]
}Perform actions on Personnel records. Supports reset-sync for specific Personnel IDs and reset-sync-all for all Personnel.
๐ Requires Personnel: Reset Personnel's IdP/HRIS Sync Status permission.
Action performed successfully
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
There is a conflict in the business rules with this request
You must accept the Drata terms and conditions to use the API
Internal server error
{- "action": "reset-sync",
- "personnelIds": [
- 1,
- 2,
- 3
]
}{- "count": 42
}Returns the personnel groups currently in scope for the workspace, along with the deduplicated scoped personnel count and the tenant-wide IdP-connected personnel total.
๐งช Note: This endpoint is in beta and may change.
๐ Requires Workspaces: View Workspace Personnel Scope permission.
Successful
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "groups": [
- {
- "id": 42,
- "name": "IT Ops",
- "connectionProvider": "GOOGLE"
}
], - "scopedPersonnelCount": 42,
- "totalCount": 120
}Full replace of the personnel groups in scope for the workspace. Idempotent: groups in the payload not currently in scope are added, groups currently in scope but absent from the payload are removed. Omit a group to remove it from the scope.
๐งช Note: This endpoint is in beta and may change.
๐ Requires Workspaces: Replace Workspace Personnel Scope permission.
No Content
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "groupIds": [
- 1,
- 2,
- 3
]
}{- "name": "string",
- "statusCode": 0,
- "message": "string",
- "code": 0,
- "debugInfo": {
- "name": "string",
- "message": "string",
- "stack": "string"
}
}๐งช Note: This endpoint is in beta and may change.
๐ Requires Workspaces: Remove Group From Workspace Personnel Scope permission.
No Content
Malformed data and/or validation errors
Invalid Authorization
You are not allowed to perform this action
Not Found
You must accept the Drata terms and conditions to use the API
Internal server error
{- "name": "string",
- "statusCode": 0,
- "message": "string",
- "code": 0,
- "debugInfo": {
- "name": "string",
- "message": "string",
- "stack": "string"
}
}