### Example Data for Training Record Source: https://developer.secureframe.com/tag/Custom-Integration This snippet provides an example JSON structure for importing training records into Secureframe. This is useful for bringing data from external training systems into Secureframe. It specifies required fields such as 'id', 'completed_at' (ISO 8601 format), 'user_email', and 'training_slug'. ```JSON { "id": "123", // required, type: string "completed_at": "2024-01-01T00:00:00Z", // required, type: datetime, format: ISO 8601 "user_email": "john.doe@example.com", // required, type: string "training_slug": "security_awareness_training" // required, type: string, supported values listed below } ``` -------------------------------- ### API Reference: POST /knowledge_base_questions JSON Response Body Example Source: https://developer.secureframe.com/tag/Knowledge-Base-Question Provides an example JSON structure for a successful response when creating a Knowledge Base Question, detailing the 'data' object with its 'id', 'type', 'attributes' (including content, timestamps, and review status), 'relationships', and 'links', along with an 'includes' object. ```JSON { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "content": "string", "created_at": "2019-08-24T14:15:22Z", "manual_review_requested": true, "review_frequency": 0, "reviewed_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Example Data for Cloud Resource Source: https://developer.secureframe.com/tag/Custom-Integration This snippet provides an example JSON structure for importing cloud resources into Secureframe. Cloud resources include cloud-based or on-premise servers, virtual machines, VPNs, databases, and other infrastructure components relevant to your compliance plan. It specifies required fields like 'id' and 'cloud_resource_type', and an optional 'description'. ```JSON { "id": "123", // required, type: string "cloud_resource_type": "aws_ec2_instance", // required, type: string, supported values listed below "description": "My Cloud Resource" // optional, type: string } ``` -------------------------------- ### Get Evidence API JSON Response Example Source: https://developer.secureframe.com/tag/Evidence An example JSON response structure for a successful GET /evidences/{id} request, detailing the data, attributes, relationships, and links for an Evidence object. ```APIDOC { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": { }, "links": { } }, "includes": { } } ``` -------------------------------- ### Sample JSON Response for GET /controls/{id} Source: https://developer.secureframe.com/tag/Control Provides a sample JSON structure returned by the GET /controls/{id} endpoint, detailing the data, attributes, relationships, and links fields. ```APIDOC { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "at_risk_test_count": 0, "author_name": "string", "created_at": "2019-08-24T14:15:22Z", "custom": true, "description": "string", "disabled_justification": "string", "disabled_test_count": 0, "enabled": true, "failing_test_count": 0, "first_failed_at": "2019-08-24T14:15:22Z", "framework_ids": [ "497f6eca-6276-4993-bfeb-53cbbbba6f08" ], "framework_keys": [ "string" ], "framework_requirement_keys": [ "string" ], "health_status": "string", "implementation_date": "2019-08-24T14:15:22Z", "implementation_status": "string", "key": "string", "name": "string", "owner_assigned_at": "2019-08-24T14:15:22Z", "owner_name": "string", "passing_test_count": 0, "updated_at": "2019-08-24T14:15:22Z" }, "relationships": { }, "links": { } }, "includes": { } } ``` -------------------------------- ### Device API: List Devices Endpoint Documentation Source: https://developer.secureframe.com/tag/Device Detailed API documentation for the 'List Devices' endpoint, including available search parameters for filtering, query parameters for pagination and relationship inclusion, expected HTTP responses, and a full example of the Device object's JSON response schema. ```APIDOC Endpoint: GET /devices Description: Returns a list of Devices. ``` ```APIDOC Search parameters: - cpu: The cpu info available for this Device - created_at: The date this Device object was created - device_name: The name of the Device - device_user_name: The Device user's name - hard_drive_encrypted: Flag to indicate if the hard drive is encrypted - id: The ID of the Device - in_audit_scope: Flag to indicate if this Device is in scope - last_checkin_at: The date this Device last checked in - local_firewall_enabled: Flag to indicate if the local firewall is enabled - mac_address: The MAC address of the Device - make: The make of the Device - memory: The memory of the Device - model: The model of the Device - native_anti_virus_enabled: Flag to indicate if native antivirus is enabled - os: The operating system of the Device - out_of_audit_scope_reason: Out of scope reason if the Device is not in scope - owner_name: The Device owner's name - password_enforcement_enabled: Flag to indicate if password enforcement is enabled - remote_ip: The remote IP of the Device - serial_number: The serial number of the Device - session_timeout_enabled: Flag to indicate if session timeout is enabled - updated_at: The date this Device was last updated ``` ```APIDOC Query Parameters: - include: boolean. Set to true along with relationships to return the entire relationship data in the `included` key within the response. - page: integer. Used for pagination of response data (default: page 1). Specifies the offset of the next block of data to receive. - per_page: integer. Used for pagination of response data (default: 100 items per response). Specifies the number of results for a given page. - q: string. Search and filter the Device data using Lucene syntax. - relationships: boolean. Set to true to return the associated relationships data within the response. (default: false) ``` ```APIDOC Responses: - 400: Bad Request - 401: Unauthorized - 403: Forbidden - default: get/devices ``` ```APIDOC Request samples available for: - Node.js - JavaScript - Ruby - curl - Python - C# - Java - PHP ``` ```APIDOC Response samples available for: - default: application/json ``` ```APIDOC [ { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "cpu": "string", "device_name": "string", "hard_drive_encrypted": true, "in_audit_scope": true, "last_checkin_at": "2019-08-24T14:15:22Z", "local_firewall_enabled": true, "mac_address": "string", "make": "string", "memory": "string", "model": "string", "native_anti_virus_enabled": true, "os": "string", "out_of_audit_scope_reason": "development_asset", "password_enforcement_enabled": true, "remote_ip": "string", "serial_number": "string", "session_timeout_enabled": true, "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ] ``` -------------------------------- ### Sample JSON Response for Update Repository Source: https://developer.secureframe.com/tag/Repository An example JSON response body returned upon successfully updating a repository, showing the data structure including ID, type, attributes, relationships, and links. This illustrates the expected format of the API's successful response. ```JSON { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "name": "string", "in_audit_scope": true, "out_of_audit_scope_reason": "development_asset", "private": true, "third_party_id": "string", "vendor_name": "string", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": { }, "links": { } }, "includes": { } } ``` -------------------------------- ### Knowledge Base Answer API Default JSON Response Sample Source: https://developer.secureframe.com/tag/Knowledge-Base-Answer An example of the default JSON response structure returned by the Knowledge Base Answer API, illustrating the data, attributes, relationships, and links. ```APIDOC { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "content": "string", "created_at": "2019-08-24T14:15:22Z", "primary_answer": true, "type": "KnowledgeBaseAnswerFreeForm", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Secureframe API Endpoint Overview Source: https://developer.secureframe.com/tag/Evidence A high-level overview of available API categories and their respective operations, including GET, PUT, POST methods for managing various resources like vendors, users, and trust center requests. ```APIDOC Third Party Risk Management Vendor: - GET /tag/Third-Party-Risk-Management-Vendor#operation/tprmVendorRiskDetailsShow (Get a Third Party Risk Management Vendor) - PUT /tag/Third-Party-Risk-Management-Vendor#operation/tprmVendorRiskDetailsArchive (Archive a Third Party Risk Management Vendor) Trust Center Request: - GET /tag/Trust-Center-Request#operation/trustCenterRequestsIndex (List Trust Center Requests) - GET /tag/Trust-Center-Request#operation/trustCenterRequestsShow (Get a Trust Center Request) - PUT /tag/Trust-Center-Request#operation/trustCenterRequestsUpdate (Update a Trust Center Request) User: - GET /tag/User#operation/companyUsersIndex (List Users) - GET /tag/User#operation/companyUsersShow (Get a User) - PUT /tag/User#operation/companyUsersUpdate (Update a User) User Account: - GET /tag/User-Account#operation/companyUserVendorsIndex (List User Accounts) - GET /tag/User-Account#operation/companyUserVendorsShow (Get a User Account) - PUT /tag/User-Account#operation/companyUserVendorsLink (Link a User Account) User Evidence: - POST /tag/User-Evidence#operation/companyUsersEvidencesCreate (Create a User Evidence) Vendor: - GET /tag/Vendor#operation/companyVendorsIndex (List Vendors) - GET /tag/Vendor#operation/companyVendorsShow (Get a Vendor) - PUT /tag/Vendor#operation/companyVendorsArchive (Archive a Vendor) ``` -------------------------------- ### Sample JSON Payload for Custom Connection Data Push Source: https://developer.secureframe.com/tag/Custom-Integration Provides an example of a valid JSON request body for pushing resource data to a custom connection. It demonstrates the structure for `schema_slug`, `vendor_slug`, and an array of `resource_data` objects, each with `id`, `name`, and `email`. ```JSON { "schema_slug": "users", "vendor_slug": "acme", "resource_data": [ { "id": "123", "name": "John Doe", "email": "john.doe@example.com" }, { "id": "456", "name": "Jane Doe", "email": "jane.doe@example.com" } ] } ``` -------------------------------- ### API Documentation for Get Device by ID Source: https://developer.secureframe.com/tag/Device Comprehensive API documentation for retrieving a single device record using its ID. Includes endpoint details, security requirements, path parameters, and a detailed JSON response schema. ```APIDOC Endpoint: GET /devices/{id} Security: header_authorization Path Parameters: - id (required, string): Scope response to id Responses: - 400: Bad Request - 401: Unauthorized - 403: Forbidden - 404: Resource not found - default: Success response with JSON schema Response Schema (application/json): { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "cpu": "string", "device_name": "string", "hard_drive_encrypted": true, "in_audit_scope": true, "last_checkin_at": "2019-08-24T14:15:22Z", "local_firewall_enabled": true, "mac_address": "string", "make": "string", "memory": "string", "model": "string", "native_anti_virus_enabled": true, "os": "string", "out_of_audit_scope_reason": "development_asset", "password_enforcement_enabled": true, "remote_ip": "string", "serial_number": "string", "session_timeout_enabled": true, "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Create Test Export API Endpoint Details Source: https://developer.secureframe.com/tag/Test-Export Details the `POST /tests/{test_id}/exports` API endpoint, including required security headers, path and query parameters, and possible HTTP responses with an example JSON success body. ```APIDOC Endpoint: post /tests/{test_id}/exports Security: header_authorization Request Parameters: Path: test_id: type: string required: true description: The ID of the test to attach the evidence Query: framework_id: type: string description: The ID of the Company's Framework for the export is_json: type: boolean description: If the export should be a JSON file or not (default: false) Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Content-Type: application/json Example Body: { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "status": "string", "url": "string", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### API Endpoint: Create Framework Asset Scope Source: https://developer.secureframe.com/tag/Repository-Framework-Asset-Scope Documents the POST endpoint for creating a Framework Asset Scope within a repository, including query parameters, possible responses, and an example JSON response body. ```APIDOC Endpoint: POST /repositories/{id}/framework_asset_scopes Query Parameters: active: boolean - Flag to indicate if this Framework Asset Scope is active. framework_id: string - The ID of the Framework assigned to this Framework Asset Scope. manually_scoped_reason: string - Reason if this Framework Asset Scope is manually scoped. ``` ```APIDOC Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: (Generic Response) ``` ```json [ { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "active": true, "asset_id": "b4695157-0d1d-4da0-8f9e-5c53149389e4", "asset_type": "string", "created_at": "2019-08-24T14:15:22Z", "framework_id": "4c1c36c9-0232-44b3-bdd8-4bdb3daaf53b", "framework_title": "string", "manually_scoped": true, "manually_scoped_reason": "string", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ] ``` -------------------------------- ### JSON Response Sample for Create Test Evidence Source: https://developer.secureframe.com/tag/Test-Evidence An example JSON structure returned as a response after successfully creating test evidence. It includes fields for data, id, type, attributes (id, created_at, updated_at), relationships, and links. ```JSON { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Get a Framework by ID API Source: https://developer.secureframe.com/tag/Framework Returns a single Framework by its ID. The framework ID must be provided as a path parameter. ```APIDOC Endpoint: GET /frameworks/{id} Description: Returns a Framework by ID Security: header_authorization Path Parameters: - id: string (required). Scope response to id Responses: - 400: Bad Request - 401: Unauthorized - 403: Forbidden - 404: Resource not found - default: Success ``` ```json { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "applicable_controls_count": 0, "applicable_framework_requirements_count": 0, "at_risk_test_count": 0, "created_at": "2019-08-24T14:15:22Z", "description": "string", "discarded_at": "2019-08-24T14:15:22Z", "disabled_test_count": 0, "failing_test_count": 0, "key": "string", "title": "string", "passing_test_count": 0, "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Integration Connection API Endpoints Source: https://developer.secureframe.com/tag/Repository Endpoints for managing connections to various integrations, including listing, getting details, and archiving connections. ```APIDOC GET /companyVendorConnectionsIndex: List Integration Connections GET /companyVendorConnectionsShow: Get an Integration Connection PUT /companyVendorConnectionsArchive: Archive an Integration Connection ``` -------------------------------- ### Get a Knowledge Base Question by ID Source: https://developer.secureframe.com/tag/Knowledge-Base-Question Returns a single Knowledge Base Question resource based on its unique identifier. Requires header authorization. ```APIDOC Endpoint: GET /knowledge_base_questions/{id} Security: header_authorization Path Parameters: id: type: string required: true description: Scope response to id Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Content-Type: application/json Schema: data: id: "497f6eca-6276-4993-bfeb-53cbbbba6f08" type: "string" attributes: id: "497f6eca-6276-4993-bfeb-53cbbbba6f08" content: "string" created_at: "2019-08-24T14:15:22Z" manual_review_requested: true review_frequency: 0 reviewed_at: "2019-08-24T14:15:22Z" updated_at: "2019-08-24T14:15:22Z" relationships: {} links: {} includes: {} ``` -------------------------------- ### Secureframe API cURL Request Template Source: https://developer.secureframe.com/index A cURL template demonstrating how to construct a GET request to the Secureframe API, including authentication headers and query parameters. The API does not directly support bulk updates, but loops can be utilized to mimic such operations. ```cURL curl --location -g --request GET \ --header 'Authorization: ' \ 'https://api.secureframe.com/?include[]=' ``` -------------------------------- ### API Documentation: Get a Single Test by ID Source: https://developer.secureframe.com/tag/Test Documents the API endpoint for retrieving a specific Test resource by its unique identifier. It includes details on the required path parameter and a sample response structure for a single test. ```APIDOC Endpoint: GET /tests/{id} Path Parameters: id: string (required) Description: Scope response to id Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Success (get/tests/{id}) Sample Response (application/json): { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "created_at": "2019-08-24T14:15:22Z", "custom": true, "description": "string", "detailed_remediation_steps": "string", "disabled_justification": "string", "enabled": true, "enabled_field_updated_by_user_name": "string", "failure_message": "string", "first_failed_at": "2019-08-24T14:15:22Z", "framework_ids": [ "497f6eca-6276-4993-bfeb-53cbbbba6f08" ], "framework_keys": [ "string" ], "health_status": "string", "key": "string", "last_evaluated": "2019-08-24T14:15:22Z", "last_passed_at": "2019-08-24T14:15:22Z", "next_due_date": "2019-08-24T14:15:22Z", "owner_assigned_at": "2019-08-24T14:15:22Z", "owner_name": "string", "pass": true, "passed_with_upload": true, "passed_with_upload_justification": "string", "promote_at": "2019-08-24T14:15:22Z", "promoted_by ``` -------------------------------- ### Get Cloud Resource by ID API Documentation Source: https://developer.secureframe.com/tag/Cloud-Resource Documents the API endpoint to retrieve a single cloud resource by its unique identifier. This section details the required path parameters, possible HTTP response codes, and a sample JSON response body for successful requests. ```APIDOC Endpoint: GET /cloud_resources/{id} Description: Retrieve a Cloud Resource by ID. Path Parameters: id: Type: string Required: true Description: Scope response to id. Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Description: Successful response Content-Type: application/json Schema: { "data": { "id": "497feca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497feca-6276-4993-bfeb-53cbbbba6f08", "cloud_resource_type": "string", "created_at": "2019-08-24T14:15:22Z", "in_audit_scope": true, "out_of_audit_scope_reason": "development_asset", "region": "string", "tags": [ "string" ], "third_party_id": "string", "vendor_name": "string", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Trust Center Request JSON Response Schema Source: https://developer.secureframe.com/tag/Trust-Center-Request An example JSON structure representing the response body for both GET and PUT operations on a Trust Center Request. It details the data, attributes, relationships, and links associated with a request. ```JSON { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "company_name": "string", "created_at": "2019-08-24T14:15:22Z", "document_security": "clickwrap", "requester_name": "string", "job_title": "string", "reason": "string", "resources": [ "string" ], "reviewed": true, "updated_at": "2019-08-24T14:15:22Z", "email": "string", "trust_center_resource_requests": [ { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "approved_at": "2019-08-24T14:15:22Z", "trust_center_resource": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "description": "string", "name": "string", "nda_required": true, "resource_type": "string" } } ] }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### Create a Knowledge Base Question Source: https://developer.secureframe.com/tag/Knowledge-Base-Question Initiates the creation of a new Knowledge Base Question resource. Requires header authorization. ```APIDOC Endpoint: POST /knowledge_base_questions Security: header_authorization Request: (Details not provided in snippet) ``` -------------------------------- ### Get Evidence API Endpoint Specification Source: https://developer.secureframe.com/tag/Evidence Detailed specification for the GET /evidences/{id} endpoint, including security requirements, path parameters, and possible HTTP response codes. ```APIDOC Endpoint: GET /evidences/{id} Description: Returns a single Evidence by ID Security: header_authorization Request: Path Parameters: id: Type: string Required: true Description: Scope response to id Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Success (implies 200 OK with the provided JSON structure) ``` -------------------------------- ### Secureframe API Endpoints Reference Source: https://developer.secureframe.com/tag/Cloud-Resource Detailed listing of all Secureframe API endpoints, grouped by resource, showing the HTTP method, operation ID (used as path), and a brief description of each operation. ```APIDOC Endpoints: Cloud Resource: GET /cloudResourcesIndex: List Cloud Resources GET /cloudResourcesShow: Get a Cloud Resource PUT /cloudResourcesUpdate: Update a Cloud Resource Cloud Resource Framework Asset Scope: GET /cloudResourcesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes POST /cloudResourcesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Control: GET /companyControlV2sIndex: List Controls GET /companyControlV2sShow: Get a Control Custom Integration: POST /customConnectionsResourceDataCreate: Publish data Device: GET /devicesIndex: List Devices GET /devicesShow: Get a Device Evidence: GET /evidencesShow: Get an Evidence Framework: GET /companyFrameworksIndex: List Frameworks GET /companyFrameworksShow: Get a Framework Integration Connection: GET /companyVendorConnectionsIndex: List Integration Connections GET /companyVendorConnectionsShow: Get an Integration Connection PUT /companyVendorConnectionsArchive: Archive an Integration Connection Knowledge Base Answer: GET /knowledgeBaseAnswersShow: Get a Knowledge Base Answer PUT /knowledgeBaseAnswersUpdate: Update a Knowledge Base Answer DEL /knowledgeBaseAnswersDestroy: Delete a Knowledge Base Answer POST /knowledgeBaseAnswersCreate: Create a Knowledge Base Answer Knowledge Base Question: GET /knowledgeBaseQuestionsShow: Get a Knowledge Base Question PUT /knowledgeBaseQuestionsUpdate: Update a Knowledge Base Question DEL /knowledgeBaseQuestionsDestroy: Delete a Knowledge Base Question POST /knowledgeBaseQuestionsCreate: Create a Knowledge Base Question Repository: GET /repositoriesIndex: List Repositories GET /repositoriesShow: Get a Repository PUT /repositoriesUpdate: Update a Repository Repository Framework Asset Scope: GET /repositoriesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes POST /repositoriesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Security Questionnaire: POST /securityQuestionnairesCreate: Create a Security Questionnaire Test: GET /companyTestsIndex: List Tests GET /companyTestsShow: Get a Test PUT /companyTestsUpdate: Update a Test Test Evidence: POST /companyTestsEvidencesCreate: Create a Test Evidence Test Export: POST /companyTestsTestExportsCreate: Create a Test Export Third Party Risk Management Vendor: GET /tprmVendorRiskDetailsIndex: List Third Party Risk Management Vendors GET /tprmVendorRiskDetailsShow: Get a Third Party Risk Management Vendor ``` -------------------------------- ### API Endpoint Definition: GET /controls/{id} Source: https://developer.secureframe.com/tag/Control Documents the GET /controls/{id} API endpoint, which retrieves a specific control's details. It specifies the required path parameter and lists possible HTTP response codes. ```APIDOC Endpoint: GET /controls/{id} Description: Retrieve details for a specific control by its ID. Path Parameters: id: type: string required: true description: Scope response to id Responses: 400: Bad Request 401: Unauthorized 403: Forbidden 404: Resource not found default: Successful response ``` -------------------------------- ### Secureframe API Endpoints Reference Source: https://developer.secureframe.com/tag/User-Evidence This section lists all available API endpoints, categorized by resource, along with their respective HTTP methods and brief descriptions of their operations. ```APIDOC Endpoints: Cloud Resource: - GET /cloudResourcesIndex: List Cloud Resources - GET /cloudResourcesShow: Get a Cloud Resource - PUT /cloudResourcesUpdate: Update a Cloud Resource Cloud Resource Framework Asset Scope: - GET /cloudResourcesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes - POST /cloudResourcesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Control: - GET /companyControlV2sIndex: List Controls - GET /companyControlV2sShow: Get a Control Custom Integration: - POST /customConnectionsResourceDataCreate: Publish data Device: - GET /devicesIndex: List Devices - GET /devicesShow: Get a Device Evidence: - GET /evidencesShow: Get an Evidence Framework: - GET /companyFrameworksIndex: List Frameworks - GET /companyFrameworksShow: Get a Framework Integration Connection: - GET /companyVendorConnectionsIndex: List Integration Connections - GET /companyVendorConnectionsShow: Get an Integration Connection - PUT /companyVendorConnectionsArchive: Archive an Integration Connection Knowledge Base Answer: - GET /knowledgeBaseAnswersShow: Get a Knowledge Base Answer - PUT /knowledgeBaseAnswersUpdate: Update a Knowledge Base Answer - DELETE /knowledgeBaseAnswersDestroy: Delete a Knowledge Base Answer - POST /knowledgeBaseAnswersCreate: Create a Knowledge Base Answer Knowledge Base Question: - GET /knowledgeBaseQuestionsShow: Get a Knowledge Base Question - PUT /knowledgeBaseQuestionsUpdate: Update a Knowledge Base Question - DELETE /knowledgeBaseQuestionsDestroy: Delete a Knowledge Base Question - POST /knowledgeBaseQuestionsCreate: Create a Knowledge Base Question Repository: - GET /repositoriesIndex: List Repositories - GET /repositoriesShow: Get a Repository - PUT /repositoriesUpdate: Update a Repository Repository Framework Asset Scope: - GET /repositoriesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes - POST /repositoriesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Security Questionnaire: - POST /securityQuestionnairesCreate: Create a Security Questionnaire Test: - GET /companyTestsIndex: List Tests - GET /companyTestsShow: Get a Test - PUT /companyTestsUpdate: Update a Test Test Evidence: - POST /companyTestsEvidencesCreate: Create a Test Evidence Test Export: - POST /companyTestsTestExportsCreate: Create a Test Export Third Party Risk Management Vendor: - GET /tprmVendorRiskDetailsIndex: List Third Party Risk Management Vendors ``` -------------------------------- ### Secureframe API Endpoints Overview Source: https://developer.secureframe.com/tag/Framework This section lists all available API endpoints, categorized by resource, along with their supported HTTP methods and descriptions of their operations. ```APIDOC Endpoints: Cloud Resource: - GET List Cloud Resources - GET Get a Cloud Resource - PUT Update a Cloud Resource Cloud Resource Framework Asset Scope: - GET List Framework Asset Scopes - POST Create Framework Asset Scope Control: - GET List Controls - GET Get a Control Custom Integration: - POST Publish data Device: - GET List Devices - GET Get a Device Evidence: - GET Get an Evidence Framework: - GET List Frameworks - GET Get a Framework Integration Connection: - GET List Integration Connections - GET Get an Integration Connection - PUT Archive an Integration Connection Knowledge Base Answer: - GET Get a Knowledge Base Answer - PUT Update a Knowledge Base Answer - DEL Delete a Knowledge Base Answer - POST Create a Knowledge Base Answer Knowledge Base Question: - GET Get a Knowledge Base Question - PUT Update a Knowledge Base Question - DEL Delete a Knowledge Base Question - POST Create a Knowledge Base Question Repository: - GET List Repositories - GET Get a Repository - PUT Update a Repository Repository Framework Asset Scope: - GET List Framework Asset Scopes - POST Create Framework Asset Scope Security Questionnaire: - POST Create a Security Questionnaire Test: - GET List Tests - GET Get a Test - PUT Update a Test Test Evidence: - POST Create a Test Evidence Test Export: - POST Create a Test Export Third Party Risk Management Vendor: - GET List Third Party Risk Management Vendors - GET Get a Third Party Risk Management Vendor ``` -------------------------------- ### Secureframe API Endpoints Reference Source: https://developer.secureframe.com/tag/Trust-Center-Request Detailed listing of all available Secureframe API endpoints, organized by resource category, including the HTTP method and a brief description of each operation. ```APIDOC Endpoints: Cloud Resource: GET /cloudResourcesIndex - List Cloud Resources GET /cloudResourcesShow - Get a Cloud Resource PUT /cloudResourcesUpdate - Update a Cloud Resource Cloud Resource Framework Asset Scope: GET /cloudResourcesCompanyFrameworkAssetScopesIndex - List Framework Asset Scopes POST /cloudResourcesCompanyFrameworkAssetScopesCreate - Create Framework Asset Scope Control: GET /companyControlV2sIndex - List Controls GET /companyControlV2sShow - Get a Control Custom Integration: POST /customConnectionsResourceDataCreate - Publish data Device: GET /devicesIndex - List Devices GET /devicesShow - Get a Device Evidence: GET /evidencesShow - Get an Evidence Framework: GET /companyFrameworksIndex - List Frameworks GET /companyFrameworksShow - Get a Framework Integration Connection: GET /companyVendorConnectionsIndex - List Integration Connections GET /companyVendorConnectionsShow - Get an Integration Connection PUT /companyVendorConnectionsArchive - Archive an Integration Connection Knowledge Base Answer: GET /knowledgeBaseAnswersShow - Get a Knowledge Base Answer PUT /knowledgeBaseAnswersUpdate - Update a Knowledge Base Answer DEL /knowledgeBaseAnswersDestroy - Delete a Knowledge Base Answer POST /knowledgeBaseAnswersCreate - Create a Knowledge Base Answer Knowledge Base Question: GET /knowledgeBaseQuestionsShow - Get a Knowledge Base Question PUT /knowledgeBaseQuestionsUpdate - Update a Knowledge Base Question DEL /knowledgeBaseQuestionsDestroy - Delete a Knowledge Base Question POST /knowledgeBaseQuestionsCreate - Create a Knowledge Base Question Repository: GET /repositoriesIndex - List Repositories GET /repositoriesShow - Get a Repository PUT /repositoriesUpdate - Update a Repository Repository Framework Asset Scope: GET /repositoriesCompanyFrameworkAssetScopesIndex - List Framework Asset Scopes POST /repositoriesCompanyFrameworkAssetScopesCreate - Create Framework Asset Scope Security Questionnaire: POST /securityQuestionnairesCreate - Create a Security Questionnaire Test: GET /companyTestsIndex - List Tests GET /companyTestsShow - Get a Test PUT /companyTestsUpdate - Update a Test Test Evidence: POST /companyTestsEvidencesCreate - Create a Test Evidence Test Export: POST /companyTestsTestExportsCreate - Create a Test Export Third Party Risk Management Vendor: GET /tprmVendorRiskDetailsIndex - List Third Party Risk Management Vendors ``` -------------------------------- ### API: Get a Cloud Resource by ID Source: https://developer.secureframe.com/tag/Cloud-Resource Describes the API endpoint for retrieving a single Cloud Resource using its ID. ```APIDOC Endpoint: GET /cloud_resources/{id} Description: Returns a single Cloud Resource by ID. Security: header_authorization ``` -------------------------------- ### Secureframe API Endpoints Reference Source: https://developer.secureframe.com/tag/Custom-Integration Detailed listing of all available API endpoints, grouped by resource, showing the HTTP method and a brief description of each operation. This section serves as a quick reference for API consumers to understand the scope of available functionalities. ```APIDOC Endpoints: Cloud Resource: - GET: List Cloud Resources (Operation: cloudResourcesIndex) - GET: Get a Cloud Resource (Operation: cloudResourcesShow) - PUT: Update a Cloud Resource (Operation: cloudResourcesUpdate) Cloud Resource Framework Asset Scope: - GET: List Framework Asset Scopes (Operation: cloudResourcesCompanyFrameworkAssetScopesIndex) - POST: Create Framework Asset Scope (Operation: cloudResourcesCompanyFrameworkAssetScopesCreate) Control: - GET: List Controls (Operation: companyControlV2sIndex) - GET: Get a Control (Operation: companyControlV2sShow) Custom Integration: - POST: Publish data (Operation: customConnectionsResourceDataCreate) Device: - GET: List Devices (Operation: devicesIndex) - GET: Get a Device (Operation: devicesShow) Evidence: - GET: Get an Evidence (Operation: evidencesShow) Framework: - GET: List Frameworks (Operation: companyFrameworksIndex) - GET: Get a Framework (Operation: companyFrameworksShow) Integration Connection: - GET: List Integration Connections (Operation: companyVendorConnectionsIndex) - GET: Get an Integration Connection (Operation: companyVendorConnectionsShow) - PUT: Archive an Integration Connection (Operation: companyVendorConnectionsArchive) Knowledge Base Answer: - GET: Get a Knowledge Base Answer (Operation: knowledgeBaseAnswersShow) - PUT: Update a Knowledge Base Answer (Operation: knowledgeBaseAnswersUpdate) - DELETE: Delete a Knowledge Base Answer (Operation: knowledgeBaseAnswersDestroy) - POST: Create a Knowledge Base Answer (Operation: knowledgeBaseAnswersCreate) Knowledge Base Question: - GET: Get a Knowledge Base Question (Operation: knowledgeBaseQuestionsShow) - PUT: Update a Knowledge Base Question (Operation: knowledgeBaseQuestionsUpdate) - DELETE: Delete a Knowledge Base Question (Operation: knowledgeBaseQuestionsDestroy) - POST: Create a Knowledge Base Question (Operation: knowledgeBaseQuestionsCreate) Repository: - GET: List Repositories (Operation: repositoriesIndex) - GET: Get a Repository (Operation: repositoriesShow) - PUT: Update a Repository (Operation: repositoriesUpdate) Repository Framework Asset Scope: - GET: List Framework Asset Scopes (Operation: repositoriesCompanyFrameworkAssetScopesIndex) - POST: Create Framework Asset Scope (Operation: repositoriesCompanyFrameworkAssetScopesCreate) Security Questionnaire: - POST: Create a Security Questionnaire (Operation: securityQuestionnairesCreate) Test: - GET: List Tests (Operation: companyTestsIndex) - GET: Get a Test (Operation: companyTestsShow) - PUT: Update a Test (Operation: companyTestsUpdate) Test Evidence: - POST: Create a Test Evidence (Operation: companyTestsEvidencesCreate) Test Export: - POST: Create a Test Export (Operation: companyTestsTestExportsCreate) Third Party Risk Management Vendor: - GET: List Third Party Risk Management Vendors (Operation: tprmVendorRiskDetailsIndex) - GET: (Incomplete operation) ``` -------------------------------- ### API Endpoints for Devices Source: https://developer.secureframe.com/tag/Test Lists the available API operations for managing Devices, including listing all devices and retrieving a specific device. ```APIDOC Device: GET devicesIndex: List Devices GET devicesShow: Get a Device ``` -------------------------------- ### API Documentation: Get a User by ID Source: https://developer.secureframe.com/tag/User Details the API endpoint for retrieving a single user by their ID, including security requirements. ```APIDOC Endpoint: GET /users/{id} Description: Returns a User by ID. Security: header_authorization Request: (No specific parameters detailed in the provided text for this section beyond security) ``` -------------------------------- ### Secureframe API Endpoints Overview Source: https://developer.secureframe.com/tag/Knowledge-Base-Question This section outlines all available API endpoints, grouped by their respective resource categories. It serves as a quick reference for understanding the scope and functionality of the Secureframe API. ```APIDOC Endpoints: Cloud Resource: GET /cloudResourcesIndex: List Cloud Resources GET /cloudResourcesShow: Get a Cloud Resource PUT /cloudResourcesUpdate: Update a Cloud Resource Cloud Resource Framework Asset Scope: GET /cloudResourcesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes POST /cloudResourcesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Control: GET /companyControlV2sIndex: List Controls GET /companyControlV2sShow: Get a Control Custom Integration: POST /customConnectionsResourceDataCreate: Publish data Device: GET /devicesIndex: List Devices GET /devicesShow: Get a Device Evidence: GET /evidencesShow: Get an Evidence Framework: GET /companyFrameworksIndex: List Frameworks GET /companyFrameworksShow: Get a Framework Integration Connection: GET /companyVendorConnectionsIndex: List Integration Connections GET /companyVendorConnectionsShow: Get an Integration Connection PUT /companyVendorConnectionsArchive: Archive an Integration Connection Knowledge Base Answer: GET /knowledgeBaseAnswersShow: Get a Knowledge Base Answer PUT /knowledgeBaseAnswersUpdate: Update a Knowledge Base Answer DEL /knowledgeBaseAnswersDestroy: Delete a Knowledge Base Answer POST /knowledgeBaseAnswersCreate: Create a Knowledge Base Answer Knowledge Base Question: GET /knowledgeBaseQuestionsShow: Get a Knowledge Base Question PUT /knowledgeBaseQuestionsUpdate: Update a Knowledge Base Question DEL /knowledgeBaseQuestionsDestroy: Delete a Knowledge Base Question POST /knowledgeBaseQuestionsCreate: Create a Knowledge Base Question Repository: GET /repositoriesIndex: List Repositories GET /repositoriesShow: Get a Repository PUT /repositoriesUpdate: Update a Repository Repository Framework Asset Scope: GET /repositoriesCompanyFrameworkAssetScopesIndex: List Framework Asset Scopes POST /repositoriesCompanyFrameworkAssetScopesCreate: Create Framework Asset Scope Security Questionnaire: POST /securityQuestionnairesCreate: Create a Security Questionnaire Test: GET /companyTestsIndex: List Tests GET /companyTestsShow: Get a Test PUT /companyTestsUpdate: Update a Test Test Evidence: POST /companyTestsEvidencesCreate: Create a Test Evidence Test Export: POST /companyTestsTestExportsCreate: Create a Test Export Third Party Risk Management Vendor: GET /tprmVendorRiskDetailsIndex: List Third Party Risk Management Vendors ``` -------------------------------- ### Device API Endpoints Source: https://developer.secureframe.com/tag/Repository Endpoints for managing and retrieving information about devices, including listing all devices or getting details for a specific device. ```APIDOC GET /devicesIndex: List Devices GET /devicesShow: Get a Device ``` -------------------------------- ### Get an Integration Connection by ID API Source: https://developer.secureframe.com/tag/Integration-Connection Returns a single Integration Connection by its ID. Requires the connection ID as a path parameter. ```APIDOC Endpoint: GET /integration_connections/{id} Path Parameters: Parameter | Type | Description --- | --- | --- `id` required | string | Scope response to id ``` ```APIDOC Response Sample (application/json): { "data": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "type": "string", "attributes": { "id": "497f6eca-6276-4993-bfeb-53cbbbba6f08", "name": "string", "status": "connected", "vendor_name": "string", "updated_at": "2019-08-24T14:15:22Z" }, "relationships": {}, "links": {} }, "includes": {} } ``` -------------------------------- ### API Endpoints for Frameworks Source: https://developer.secureframe.com/tag/Test Lists the available API operations for managing Frameworks, including listing all frameworks and retrieving a specific framework. ```APIDOC Framework: GET companyFrameworksIndex: List Frameworks GET companyFrameworksShow: Get a Framework ``` -------------------------------- ### API: Get a User Account by ID Source: https://developer.secureframe.com/tag/User-Account Retrieves a single User Account resource using its unique identifier. Requires header authorization. ```APIDOC Endpoint: GET /user_accounts/{id} Description: Returns a single User Account by ID. Security: header_authorization ``` -------------------------------- ### Secureframe API Endpoints Overview Source: https://developer.secureframe.com/tag/Device A comprehensive list of available API endpoints categorized by resource, detailing the HTTP methods and their corresponding operations for managing various Secureframe entities. ```APIDOC Third Party Risk Management Vendor: - GET /tprmVendorRiskDetailsShow: Get a Third Party Risk Management Vendor - PUT /tprmVendorRiskDetailsArchive: Archive a Third Party Risk Management Vendor Trust Center Request: - GET /trustCenterRequestsIndex: List Trust Center Requests - GET /trustCenterRequestsShow: Get a Trust Center Request - PUT /trustCenterRequestsUpdate: Update a Trust Center Request User: - GET /companyUsersIndex: List Users - GET /companyUsersShow: Get a User - PUT /companyUsersUpdate: Update a User User Account: - GET /companyUserVendorsIndex: List User Accounts - GET /companyUserVendorsShow: Get a User Account - PUT /companyUserVendorsLink: Link a User Account User Evidence: - POST /companyUsersEvidencesCreate: Create a User Evidence Vendor: - GET /companyVendorsIndex: List Vendors - GET /companyVendorsShow: Get a Vendor - PUT /companyVendorsArchive: Archive a Vendor ``` -------------------------------- ### Control API: Get a Control Endpoint Source: https://developer.secureframe.com/tag/Control Describes the API endpoint for retrieving a single Control by its ID. This operation requires header authorization. ```APIDOC Endpoint: get/controls (by ID) Security: header_authorization Request ```