NAV

API Reference

The ThirdPartyTrust API is organized around REST. Our API has predictable, resource-oriented URLs, and uses HTTP response codes to indicate API errors. We use built-in HTTPS features, like HTTPS authentication and HTTPS verbs, which are understood by off-the-shelf HTTPS clients.

API Endpoint

https://api.thirdpartytrust.com/api/

Authentication

Token

ThirdPartyTrust API endpoints require an authentication token to be passed in an authorization header in order to return data. If you do not already have a token, you can create one by going to the “Integration” area in your Settings page and then clicking Generate New Token. Please note tokens do not expire and you can re-use them over and over again.

Once you have your token you can pass it in using the Authorization http header as shown in the Request example.

Example Request

  curl -X GET \
  https://api.thirdpartytrust.com/api/companyinfo \
  -H 'authorization: Token <your token>'

Attention: If you have multiple profiles, please contact support for further assistance.

Company

All company info

Fetches all company info for the logged in user.

Example Request

curl
  https://api.thirdpartytrust.com/api/companyinfo \
  -H "Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Example Response

{
  "tech_contact_last_name": "Harris",
  "domain": "mycompany.com",
  "business_phone_number": "7675987887",
  "risk_committee": true,
  "year_founded": "1999",
  "company_logo_url": "https://mycompany.com/logo.png",
  "tech_phone_number": "9982234444",
  "postal_code": "60181",
  "incorp_state": "IL",
  "it_budget": "2M_4.9M",
  "it_sec_staff": "14",
  "tech_email": "elizabethharris@mycompany.com",
  "business_fax_number": "",
  "uuid": "f23f5ecc-e88b-41db-9266-7e8229200573",
  "business_contact_first_name": "fsak",
  "user_info":
  {
    "first_name": "Johnny",
    "last_name": "Appleseed",
    "uuid": "dbd174cd-df74-491b-96de-1e053cf20780",
    "email": "demo_user@mycompany.com",
    "isActive": true,
    "job_title": "Demo"
  },
  "state": "IL",
  "company_logo": "",
  "tech_contact_first_name": "Elizabeth",
  "public": false,
  "is_company_setup": true,
  "website": "mycompany.com",
  "company_legal_name": "My Company",
  "description": "Company Description",
  "city": "Oakbrook Terrace",
  "no_employees": "100_499",
  "address1": "2 Mid America Plz",
  "address2": "Ste 201",
  "it_staff": 15,
  "business_email": "test@testfake.com",
  "trust_score": 55,
  "packages":
  [
    {
      "name": "Standard Vendor Plan",
      "price": "199.99",
      "uuid": "3d3c9823-73hfjs-asdjrndi2-a27c-bbb49rhjs-1ks",
      "code_name": "STDVNDPL",
      "description": "The Standard Vendor Plan is a special plan offering to securely connect and share your data with your partners."
    }
  ],
  "ticker": "myco",
  "isActive": true,
  "isTest": true,
  "name": "My Company",
  "country": "US",
  "industry": "Health Care/Hospital/Medical Center/Retirement Home",
  "org_type": "c_corp",
  "ciso": true,
  "annual_revenue": "Undisclosed",
  "business_contact_last_name": "lastname",
  "it_sec_budget": "2M_4.9M",
  "tech_fax_number": "5126781768"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/companyinfo

Query Parameters

None

Users

Get All Users

Fetches all the users as part of the company along with their role.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/company/users \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
"first_name": "Thomas",
"last_name": "Jefferson",
"uuid": "7301af3b-abcf-4561-80c3-eee877e1a22c",
"role": null,
"email": "demo_user@mycompany.com",
"isActive": true
}

HTTP Request

GET https://api.thirdpartytrust.com/api/company/users

Query Parameters

None

Register a new user

Endpoint to automatically register a user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/signup \
  -H "Content-Type: application/json"
    -d '{
          "email": "test@testcompany.com",
          "first_name": "FirstName",
          "job_title": "MyTitle",
          "last_name": "LastName",
          "password": "Test1234",
          "phone_number": "123456789",
          "terms": "on"
      }'

Example Response

{
"data": "User Registered Successfully."
}

HTTP Request

POST https://api.thirdpartytrust.com/api/signup

Query Parameters

None

Request Body

Key Value
email The email of the users that you want to register
first_name First name of the user
last_name Last name of the user
job_title Job title of the user
password Password must be at least 8 characters long and contain one upper and one lower case letter
phone_number Phone number of the user
terms This indicates if the user is accepting the ThirdPartyTrust terms and conditions. Only valid value is “on”

Invite a new user

Send an email inviation to a new user(s)

Example Request

curl --request
   https://api.thirdpartytrust.com/api/company/users/invitation \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "recipient_emails":["test@company.com"],
        "message": "<p>Hi -</p>Test Message<br><p>Thanks,</p>",
        "subject": "Sample Subject",
        "role":"admin"
    }'

Example Response

{
"data": "Users Invited Successfully"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/company/users/invitation

Query Parameters

None

Request Body

Key Value
recipient_emails The emai of the user(s) that you want to add
message An optional custom message that you can include on the invitiation
subject An optional custom subject that you can include on the invitiation
role The user role that you want the user(s) to have. Valid values: admin, operations, view_only, internal_business_user

Add a department to a user

Add a department to a user. The department restricts what vendors a user can see

Example Request

curl --request
  https://api.thirdpartytrust.com/api/company/users/1178865c-9c26-4b2d-8e90-c14430c9191c/department/91a79670-af13-46b9-be51-9e2ce7a39103 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d department:"91a79670-af13-46b9-be51-9e2ce7a39103" \

Example Response

{
"primary_type": "user",
"secondary_type": "department",
"primary_uuid": "0a7c7a4d-49d0-4082-9a56-b89f36e8846b",
"relation": "user-department",
"secondary_uuid": "4c99249d-e4fc-49a1-8233-8da8ab59bfcb",
"model_name": "Map",
"uuid": "7877c1e8-3559-4b29-8a62-6e12905ab257"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/company/users/{userId}/department/{departmentId}

Query Parameters

Parameter Description
userId The uuid of the the user that you want to add a department to
departmentId The uuid of the department you want to add from the user

Remove a department from a user

Remove a department from the user. The department restricts what vendors a user can see

Example Request

curl --request
   https://api.thirdpartytrust.com/api/company/users/1178865c-9c26-4b2d-8e90-c14430c9191c/department/91a79670-af13-46b9-be51-9e2ce7a39103 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d remove:"true"

Example Response

{
  "data": "91a79670-af13-46b9-be51-9e2ce7a39103"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/company/users/{userId}/department/{departmentId}

Query Parameters

Parameter Description
userId The uuid of the the user that you want to remove the department from
departmentId The uuid of the department you want to remove from the user

Request Body

Key Value
remove Hard code the value “true”

Update user role

Change a user role

Example Request

curl --request
    https://api.thirdpartytrust.com/api/company/users/87261d0e-9ff8-4395-afc1-d51e6e51ee8f
   -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
   -H "Content-Type: application/json" \
   -d role:"operations"

Example Response

{
  "identifier": "25726363-bc50-4a0a-b46d-7f890c71d730",
  "name": "map"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/company/users/{userId}

Query Parameters

Parameter Description
userId The uuid of the user that you want to remove

Request Body

Key Value
role The user role that you want the user(s) to have. Valid values: admin, operations, view_only, internal_business_user

Delete a user

Delete a user from the system

Example Request

curl --request
  https://api.thirdpartytrust.com/api/company/users/afc3f1df-3628-4909-86ec-1e3ac4b3b875 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d remove:"true"

Example Response

{
"data": "null"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/company/users/{userId}

Query Parameters

Parameter Description
userId The uuid of the user that you want to remove

Request Body

Key Value
remove Hard code the value “true”

Reporting

All reporting data

Fetches all reporting data for the company of the logged in user.

Example Request

curl
  https://api.thirdpartytrust.com/api/v2/reporting.get_dashboard_data \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
   --data-binary '{}'

Example Response

{
   "vendors_by_label":[
      {
         "uuid":"7dae0634-4bab-45d5-a470-57abf832a300",
         "name":"Blacklisted",
         "vendors":[
            "fc450fe9-c213-4747-8c5f-0bc8bebf7d83",
            "96f0de40-31ea-4819-935a-1314462877b1"
         ]
      },
      {
         "uuid":"4e1c5edb-f8af-4a3e-ad0f-fe30e4a3c763",
         "name":"Tier 4",
         "vendors":[
            "89f3dad7-d043-4dba-bc9e-e6e616a0d463",
            "e9585b08-f611-4c15-8adc-055e0d240cbf"
         ]
      },
      {
         "uuid":"936b04a1-be09-4c0e-8e08-934bb10d9d94",
         "name":"Tier 1",
         "vendors":[
            "39d5d697-8aac-4348-97d6-8a63f86d2553",
            "86c5e165-6342-428f-867b-4872e02dd5c3",
            "a3c3fc18-2d39-4e68-adb9-905b1a4277ff",
            "b2296245-89a8-444d-934f-13aff8a8a166",
            "f7223af0-1e03-4813-a279-60de94d7ac25",
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "bfd0fbd7-25e3-4821-a723-74899b731f0c",
            "ce921ee6-80d5-4a15-bcd9-2c43083567fe",
            "098fe77b-f311-4b5a-94ce-86df4f8a5e08"
         ]
      },
      {
         "uuid":"49b8e070-a173-486a-8935-1073ea527206",
         "name":"Tier 2",
         "vendors":[
            "c54d52b5-fced-418f-8795-1edc056d3a72",
            "8686f593-23c4-4ad8-a671-4a60ded95a1c",
            "a7e42161-08dd-4cf2-8933-2bfdb13db15e",
            "c0672b39-bbb4-4135-8ece-34d11aff5af1",
            "96f0de40-31ea-4819-935a-1314462877b1",
            "b6df4b0d-e7e8-4b62-a167-9f779ea53177"
         ]
      },
      {
         "uuid":"97f8986d-63fe-4c73-9609-25ed9c111da7",
         "name":"Cloud",
         "vendors":[
            "afebb303-7b8b-45b0-9d79-dc06b8338694",
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "6832d5ba-3492-487b-aedf-4153b7aa3b31"
         ]
      },
      {
         "uuid":"80161abf-b7ba-44ac-b25a-50b19f168253",
         "name":"SOC",
         "vendors":[
            "54b5079d-d28e-4424-bdd8-ae92a3bff4fd",
            "5080e1f5-4b91-4a4d-a687-0c4571efb598",
            "2655f6b3-69c6-4c60-b606-a3649effe6cd",
            "dfd4a6a8-0d57-45df-b00a-6d6a009e97db",
            "f7110286-dafb-4d94-ae98-2b07be20cf62"
         ]
      },
      {
         "uuid":"651be650-9ff6-47e5-8024-e3ecd21390e9",
         "name":"Tier 3",
         "vendors":[
            "1967731b-a320-4af2-b38b-a27fc7c7346c",
            "fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7",
            "0ca0464a-6ae0-407f-8982-e57fd128cbf4",
            "a77a1e61-e1a9-4aab-8416-a76eede40256",
            "dea9a137-d567-43f8-92ef-744620ee1d7b",
            "be1374ee-1eb4-489f-85cb-28c36c75d9e8",
            "0e7f8457-b581-4ed2-8eba-5a20e34b4229"
         ]
      },
      {
         "uuid":"8a833da0-d397-4877-a8b2-dce6f035cd4a",
         "name":"GDPR",
         "vendors":[
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "8442c702-f34b-4751-8e64-5b83da247545"
         ]
      }
   ],
   "vendors_by_department":[
      {
         "name":"Brookfield Dept A",
         "uuid":"a26283f9-062d-430e-b11f-0320d9bf26ec",
         "vendors":[
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "96f0de40-31ea-4819-935a-1314462877b1"
         ]
      },
      {
         "name":"Business Development",
         "uuid":"4c99249d-e4fc-49a1-8233-8da8ab59bfcb",
         "vendors":[
            "fc450fe9-c213-4747-8c5f-0bc8bebf7d83",
            "c54d52b5-fced-418f-8795-1edc056d3a72",
            "afebb303-7b8b-45b0-9d79-dc06b8338694",
            "c0672b39-bbb4-4135-8ece-34d11aff5af1",
            "2655f6b3-69c6-4c60-b606-a3649effe6cd"
         ]
      },
      {
         "name":"Customer Service",
         "uuid":"009cda01-8a76-4d6d-8a7e-a81e180017bd",
         "vendors":[
            "b2296245-89a8-444d-934f-13aff8a8a166",
            "f7110286-dafb-4d94-ae98-2b07be20cf62"
         ]
      },
      {
         "name":"Customers",
         "uuid":"6ac5234c-1bd0-4e7f-98c1-17ab10a7d859",
         "vendors":[
            "8686f593-23c4-4ad8-a671-4a60ded95a1c",
            "a7e42161-08dd-4cf2-8933-2bfdb13db15e",
            "2655f6b3-69c6-4c60-b606-a3649effe6cd",
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "bfd0fbd7-25e3-4821-a723-74899b731f0c",
            "be1374ee-1eb4-489f-85cb-28c36c75d9e8",
            "0e7f8457-b581-4ed2-8eba-5a20e34b4229"
         ]
      },
      {
         "name":"Engineering",
         "uuid":"2a6f5416-3080-45a4-ac85-cbffecff88d9",
         "vendors":[
            "afebb303-7b8b-45b0-9d79-dc06b8338694",
            "5080e1f5-4b91-4a4d-a687-0c4571efb598"
         ]
      },
      {
         "name":"Financial",
         "uuid":"618e97ce-3bbf-4c0d-a7ab-403adf2d544d",
         "vendors":[
            "a7e42161-08dd-4cf2-8933-2bfdb13db15e",
            "5080e1f5-4b91-4a4d-a687-0c4571efb598",
            "bfd0fbd7-25e3-4821-a723-74899b731f0c"
         ]
      },
      {
         "name":"Human Resources",
         "uuid":"91a79670-af13-46b9-be51-9e2ce7a39103",
         "vendors":[
            "39d5d697-8aac-4348-97d6-8a63f86d2553",
            "f7223af0-1e03-4813-a279-60de94d7ac25",
            "2655f6b3-69c6-4c60-b606-a3649effe6cd"
         ]
      },
      {
         "name":"Insurance",
         "uuid":"73ff0659-24de-4dea-b17e-6f68e1dc232a",
         "vendors":[
            "5080e1f5-4b91-4a4d-a687-0c4571efb598"
         ]
      },
      {
         "name":"Management",
         "uuid":"c46f4724-44ba-485e-8f22-9116798c7217",
         "vendors":[
            "bfd0fbd7-25e3-4821-a723-74899b731f0c"
         ]
      },
      {
         "name":"Other",
         "uuid":"73c34a78-10ba-4683-bf49-8cd658ff15bf",
         "vendors":[
            "8686f593-23c4-4ad8-a671-4a60ded95a1c",
            "54b5079d-d28e-4424-bdd8-ae92a3bff4fd",
            "1967731b-a320-4af2-b38b-a27fc7c7346c",
            "fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7"
         ]
      },
      {
         "name":"Research & Development",
         "uuid":"23e74e3e-6283-4287-b397-5e198956389b",
         "vendors":[
            "89f3dad7-d043-4dba-bc9e-e6e616a0d463"
         ]
      },
      {
         "name":"Sales",
         "uuid":"15e37724-de4a-401d-b789-93dfe3b5e9a1",
         "vendors":[
            "54b5079d-d28e-4424-bdd8-ae92a3bff4fd"
         ]
      },
      {
         "name":"Services",
         "uuid":"282ce40c-1f71-4443-b86a-2ea912dfa139",
         "vendors":[
            "8686f593-23c4-4ad8-a671-4a60ded95a1c"
         ]
      },
      {
         "name":"Mortgage",
         "uuid":"d0e8e1f1-2e16-4a3d-8593-c3a20c28e0cc",
         "vendors":[
            "fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7"
         ]
      },
      {
         "name":"Commercial",
         "uuid":"014e152c-85f3-4e00-9a65-5553dc99ae55",
         "vendors":[
            "a3c3fc18-2d39-4e68-adb9-905b1a4277ff",
            "b2296245-89a8-444d-934f-13aff8a8a166",
            "098fe77b-f311-4b5a-94ce-86df4f8a5e08"
         ]
      }
   ],
   "vendors_status":{
      "d5a7d399-cb2f-430e-8fce-af449d51771b":{
         "added":"2018-11-30T18:32:15.292504",
         "approved":null
      },
      "9138b113-3070-4145-bd4d-370c67adc620":{
         "added":"2018-12-13T15:47:59.567138",
         "approved":null
      },
      "fc450fe9-c213-4747-8c5f-0bc8bebf7d83":{
         "added":"2018-07-06T21:03:59.104678",
         "approved":"2018-06-25 00:00:00"
      },
      "89f3dad7-d043-4dba-bc9e-e6e616a0d463":{
         "added":"2016-05-03T22:54:07.969152",
         "approved":"2016-02-15 00:00:00"
      },
      "c4e406a7-954e-46f5-b76a-228f448947f6":{
         "added":"2018-12-14T16:56:20.787318",
         "approved":null
      }
   },
   "vendors_by_state":[
      {
         "code":"TX",
         "value":[
            "fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7"
         ]
      },
      {
         "code":null,
         "value":[
            "e9585b08-f611-4c15-8adc-055e0d240cbf",
            "ce921ee6-80d5-4a15-bcd9-2c43083567fe",
            "a241f5fb-e1d0-4c59-9b06-5bd80c9d9522"
         ]
      },
      {
         "code":"CA",
         "value":[
            "8442c702-f34b-4751-8e64-5b83da247545",
            "89f3dad7-d043-4dba-bc9e-e6e616a0d463"
         ]
      },
      {
         "code":"IL",
         "value":[
            "a3c3fc18-2d39-4e68-adb9-905b1a4277ff",
            "dfd4a6a8-0d57-45df-b00a-6d6a009e97db"
         ]
      },
      {
         "code":"AK",
         "value":[
            "2655f6b3-69c6-4c60-b606-a3649effe6cd"
         ]
      },
      {
         "code":"AL",
         "value":[
            "92d47ff9-527e-478a-8291-3da904765cf6",
            "96f0de40-31ea-4819-935a-1314462877b1",
            "54b5079d-d28e-4424-bdd8-ae92a3bff4fd"
         ]
      },
      {
         "code":"AZ",
         "value":[
            "098fe77b-f311-4b5a-94ce-86df4f8a5e08"
         ]
      },
      {
         "code":"IN",
         "value":[
            "c0672b39-bbb4-4135-8ece-34d11aff5af1"
         ]
      },
      {
         "code":"ID",
         "value":[
            "0ca0464a-6ae0-407f-8982-e57fd128cbf4"
         ]
      },
      {
         "code":"AR",
         "value":[
            "0e7f8457-b581-4ed2-8eba-5a20e34b4229"
         ]
      },
      {
         "code":"VA",
         "value":[
            "39d5d697-8aac-4348-97d6-8a63f86d2553"
         ]
      }
   ],
   "vendors_by_country":[
      {
         "code":"US",
         "value":[
            "fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7",
            "8442c702-f34b-4751-8e64-5b83da247545",
            "098fe77b-f311-4b5a-94ce-86df4f8a5e08",
            "c0672b39-bbb4-4135-8ece-34d11aff5af1",
            "96f0de40-31ea-4819-935a-1314462877b1",
            "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
            "afebb303-7b8b-45b0-9d79-dc06b8338694",
            "c54d52b5-fced-418f-8795-1edc056d3a72",
            "5080e1f5-4b91-4a4d-a687-0c4571efb598",
            "89f3dad7-d043-4dba-bc9e-e6e616a0d463",
            "f7223af0-1e03-4813-a279-60de94d7ac25",
            "1967731b-a320-4af2-b38b-a27fc7c7346c",
            "54b5079d-d28e-4424-bdd8-ae92a3bff4fd",
            "39d5d697-8aac-4348-97d6-8a63f86d2553",
            "dfd4a6a8-0d57-45df-b00a-6d6a009e97db"
         ]
      },
      {
         "code":"DZ",
         "value":[
            "e9585b08-f611-4c15-8adc-055e0d240cbf",
            "a241f5fb-e1d0-4c59-9b06-5bd80c9d9522"
         ]
      },
      {
         "code":"AX",
         "value":[
            "a3c3fc18-2d39-4e68-adb9-905b1a4277ff",
            "ce921ee6-80d5-4a15-bcd9-2c43083567fe"
         ]
      },
      {
         "code":null,
         "value":[
            "2655f6b3-69c6-4c60-b606-a3649effe6cd"
         ]
      },
      {
         "code":"BT",
         "value":[
            "92d47ff9-527e-478a-8291-3da904765cf6"
         ]
      },
      {
         "code":"AL",
         "value":[
            "0ca0464a-6ae0-407f-8982-e57fd128cbf4"
         ]
      }
   ],
   "vendors_info":[
      {
         "uuid":"d5a7d399-cb2f-430e-8fce-af449d51771b",
         "name":"koehler-eclinical",
         "domain":"koehler-eclinical.com",
         "industry":null,
         "type":"inactive",
         "connected_on":"2018-11-30 18:32:14"
      },
      {
         "uuid":"5080e1f5-4b91-4a4d-a687-0c4571efb598",
         "name":"Liberty Mutual Insurance",
         "domain":"libertymutual.com",
         "industry":"Insurance",
         "type":"inactive",
         "connected_on":"2017-04-28 18:33:59"
      }
   ],
   "vendor_assessment_status":{
      "Approved":16,
      "Re-Approval in 30 days":0,
      "Re-Approval in 30-90 days":0,
      "Pending":22
   },
   "findings_by_status":[
      {
         "status":"Complete",
         "value":2
      },
      {
         "status":"90 day plus remediation",
         "value":3
      },
      {
         "status":"Completed",
         "value":2
      },
      {
         "status":"Pending",
         "value":2
      },
      {
         "status":null,
         "value":5
      },
      {
         "status":"Won't  remediate",
         "value":0
      }
   ],
   "newest_vendors":[
      {
         "uuid":"c4e406a7-954e-46f5-b76a-228f448947f6",
         "value":"2018-12-14 16:56:20"
      },
      {
         "uuid":"9138b113-3070-4145-bd4d-370c67adc620",
         "value":"2018-12-13 15:47:59"
      },
      {
         "uuid":"a241f5fb-e1d0-4c59-9b06-5bd80c9d9522",
         "value":"2018-12-03 18:21:31"
      },
      {
         "uuid":"d5a7d399-cb2f-430e-8fce-af449d51771b",
         "value":"2018-11-30 18:32:14"
      },
        {
         "uuid":"0e7f8457-b581-4ed2-8eba-5a20e34b4229",
         "value":"2018-08-02 15:42:15"
      }
   ],
   "next_review_date_by_vendor":{
      "89f3dad7-d043-4dba-bc9e-e6e616a0d463":"2017-02-14 00:00:00",
      "afebb303-7b8b-45b0-9d79-dc06b8338694":"2018-02-13 00:00:00",
      "a241f5fb-e1d0-4c59-9b06-5bd80c9d9522":" ",
      "a7e42161-08dd-4cf2-8933-2bfdb13db15e":" ",
      "96f0de40-31ea-4819-935a-1314462877b1":" ",
      "39d5d697-8aac-4348-97d6-8a63f86d2553":"2018-09-12 00:00:00",
      "dfd4a6a8-0d57-45df-b00a-6d6a009e97db":" ",
      "2655f6b3-69c6-4c60-b606-a3649effe6cd":"2019-10-21 00:00:00",
      "f7223af0-1e03-4813-a279-60de94d7ac25":" ",
      "8686f593-23c4-4ad8-a671-4a60ded95a1c":"2018-05-04 00:00:00",
      "fc450fe9-c213-4747-8c5f-0bc8bebf7d83":"2021-06-24 00:00:00",
      "a3c3fc18-2d39-4e68-adb9-905b1a4277ff":" ",
       "098fe77b-f311-4b5a-94ce-86df4f8a5e08":" ",
      "b6df4b0d-e7e8-4b62-a167-9f779ea53177":" "
   },
   "upcoming_review_dates":[
      {
         "uuid":"89f3dad7-d043-4dba-bc9e-e6e616a0d463",
         "value":"2017-02-14 00:00:00"
      },
      {
         "uuid":"5080e1f5-4b91-4a4d-a687-0c4571efb598",
         "value":"2018-01-13 00:00:00"
      },
      {
         "uuid":"fc7dadd1-8ca5-4f1b-b09e-d267c38eb0d7",
         "value":"2018-02-03 00:00:00"
      },
      {
         "uuid":"afebb303-7b8b-45b0-9d79-dc06b8338694",
         "value":"2018-02-13 00:00:00"
      },
      {
         "uuid":"0ca0464a-6ae0-407f-8982-e57fd128cbf4",
         "value":"2018-03-02 00:00:00"
      },
       {
         "uuid":"1577a954-bd32-4cb8-8c5e-0b8dcf86880d",
         "value":"2019-06-25 00:00:00"
      }
   ],
   "riskiest_vendors":[
      {
         "uuid":"a3c3fc18-2d39-4e68-adb9-905b1a4277ff",
         "value":85.0
      },
      {
         "uuid":"c54d52b5-fced-418f-8795-1edc056d3a72",
         "value":76.5
      },
      {
         "uuid":"6832d5ba-3492-487b-aedf-4153b7aa3b31",
         "value":75.175
      },
      {
         "uuid":"afebb303-7b8b-45b0-9d79-dc06b8338694",
         "value":67.80219780219781
      },
      {
         "uuid":"be1374ee-1eb4-489f-85cb-28c36c75d9e8",
         "value":51.75
      }
   ],
   "trustscore":21.875,
   "trustscore_average":58.53516519052853,
   "riskscore_average":44.23373319420941,
   "impactscore_average":59.53666666666665,
   "riskscores_by_vendor":{
      "a7e42161-08dd-4cf2-8933-2bfdb13db15e":48.0,
      "8686f593-23c4-4ad8-a671-4a60ded95a1c":40.5,
      "f7110286-dafb-4d94-ae98-2b07be20cf62":44.5,
      "c4e406a7-954e-46f5-b76a-228f448947f6":50.0
   },
   "trustscores_by_vendor":{
      "9138b113-3070-4145-bd4d-370c67adc620":0,
      "0ca0464a-6ae0-407f-8982-e57fd128cbf4":0,
      "a241f5fb-e1d0-4c59-9b06-5bd80c9d9522":0.0,
      "dfd4a6a8-0d57-45df-b00a-6d6a009e97db":0.0
   },
   "impactscores_by_vendor":{
      "c54d52b5-fced-418f-8795-1edc056d3a72":95.0,
      "a77a1e61-e1a9-4aab-8416-a76eede40256":27.95,
      "1967731b-a320-4af2-b38b-a27fc7c7346c":50.35,
      "54b5079d-d28e-4424-bdd8-ae92a3bff4fd":40.35
   }
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/reporting.get_dashboard_data

Query Parameters

None

Connections

Get Active Connections

This will get all active company connections, both vendor and customer

The way to identify if a connection is a customer or a vendor is by checking the outgoing and incoming properties. If outgoing is not null it means that is a customer. If incoming is not null it means is a vendor.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.actives \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
   {
      "company":{
         "model_name":"Company",
         "uuid":"a7e42161-08dd-4cf2-8933-2bfdb13db15e",
         "domain":"ngenx.com",
         "company_legal_name":"nGenx Corp.",
         "name":"nGenx Corp.",
         "website":"ngenx.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#B5CC18",
               "name":"Tier 2",
               "uuid":"49b8e070-a173-486a-8935-1073ea527206"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Financial",
               "uuid":"618e97ce-3bbf-4c0d-a7ab-403adf2d544d"
            },
            {
               "model_name":"Tier",
               "name":"Customers",
               "uuid":"6ac5234c-1bd0-4e7f-98c1-17ab10a7d859"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-09-25",
               "fulfilled":false
            }
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/b892ad10-83e6-4a24-a501-c68f2cea748a",
         "generic":{
            "connection_date":"2016-05-03T22:54:10.007697",
            "description":"",
            "approval_date":"2016-12-04 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"18f45915-d9cf-4524-b920-692e9d8219a1",
               "value":"Pending Internal Data"
            }
         },
         "tier_score":75.0,
         "trust_score":79.0,
         "number_of_requirements":3,
         "next_review_date":" ",
         "due_date":{
            "date":"2018-09-25",
            "fulfilled":false
         }
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2016-05-03 22:54:09",
         "manual":"False",
         "primary_uuid":"a7e42161-08dd-4cf2-8933-2bfdb13db15e",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "uuid":"972c14d6-ffec-44d0-bc61-b9802ac8c4d1"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"8686f593-23c4-4ad8-a671-4a60ded95a1c",
         "domain":"broadviewnet.com",
         "company_legal_name":"Broadview Networks Inc.",
         "name":"Broadview Networks Inc.",
         "website":"broadviewnet.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#B5CC18",
               "name":"Tier 2",
               "uuid":"49b8e070-a173-486a-8935-1073ea527206"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Services",
               "uuid":"282ce40c-1f71-4443-b86a-2ea912dfa139"
            },
            {
               "model_name":"Tier",
               "name":"Customers",
               "uuid":"6ac5234c-1bd0-4e7f-98c1-17ab10a7d859"
            },
            {
               "model_name":"Tier",
               "name":"Other",
               "uuid":"73c34a78-10ba-4683-bf49-8cd658ff15bf"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2019-02-02",
               "fulfilled":true
            }
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/25907001-4c6e-4326-abb9-a6d170afb24e",
         "generic":{
            "approval_boolean":true,
            "connection_date":"2016-05-03T22:54:10.943478",
            "approval_date":"2018-04-06 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":2,
               "uuid":"64f3b89c-046a-4dce-8263-0751a306fca1",
               "value":"Validated"
            }
         },
         "tier_score":80.0,
         "trust_score":99.0,
         "number_of_requirements":3,
         "next_review_date":"2018-05-04 00:00:00",
         "due_date":{
            "date":"2019-02-02",
            "fulfilled":true
         }
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2016-05-03 22:54:10",
         "manual":"False",
         "primary_uuid":"8686f593-23c4-4ad8-a671-4a60ded95a1c",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "uuid":"09e1a214-8974-4621-8e19-eb72dd43b364"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"afebb303-7b8b-45b0-9d79-dc06b8338694",
         "domain":"air-watch.com",
         "company_legal_name":"AirWatch",
         "name":"AirWatch",
         "website":"air-watch.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#E03997",
               "name":"Cloud",
               "uuid":"97f8986d-63fe-4c73-9609-25ed9c111da7"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Engineering",
               "uuid":"2a6f5416-3080-45a4-ac85-cbffecff88d9"
            },
            {
               "model_name":"Tier",
               "name":"Business Development",
               "uuid":"4c99249d-e4fc-49a1-8233-8da8ab59bfcb"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-11-17",
               "fulfilled":true
            }
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/f4ed5df0-06ee-4dac-b61f-00d61a413391",
         "generic":{
            "description":"",
            "relationship_date":"2017-11-27 00:00:00",
            "approval_date":"2017-11-21 00:00:00",
            "approval_boolean":true,
            "connection_date":"2016-05-03T22:54:12.369913",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":2,
               "uuid":"64f3b89c-046a-4dce-8263-0751a306fca1",
               "value":"Validated"
            }
         },
         "tier_score":80.0,
         "trust_score":44.395604395604394,
         "number_of_requirements":0,
         "next_review_date":"2018-02-13 00:00:00",
         "due_date":{
            "date":"2018-11-17",
            "fulfilled":true
         }
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2016-05-03 22:54:12",
         "manual":"False",
         "primary_uuid":"afebb303-7b8b-45b0-9d79-dc06b8338694",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "uuid":"49249ce9-a6e5-4fa0-845f-203f7a939a7e"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"dfd4a6a8-0d57-45df-b00a-6d6a009e97db",
         "domain":"ezras.com",
         "company_legal_name":"Ezras",
         "name":"ezras",
         "website":"ezras.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#21BA45",
               "name":"SOC",
               "uuid":"80161abf-b7ba-44ac-b25a-50b19f168253"
            }
         ],
         "departments":[

         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-11-23 13:55:36",
               "fulfilled":true
            }
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/b164bd02-9d58-401d-8e14-53a292ce4d30",
         "generic":{
            "connection_date":"2018-09-24T13:55:35.322618",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"18f45915-d9cf-4524-b920-692e9d8219a1",
               "value":"Pending Internal Data"
            }
         },
         "tier_score":1,
         "trust_score":0.0,
         "number_of_requirements":1,
         "next_review_date":" ",
         "due_date":{
            "date":"2018-11-23 13:55:36",
            "fulfilled":true
         }
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-09-24 13:57:31",
         "manual":"False",
         "primary_uuid":"dfd4a6a8-0d57-45df-b00a-6d6a009e97db",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"bedb5e89-fa14-42dc-b955-191426d8cca2"
      }
   }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.actives

Query Parameters

None

Request Body

None

Get Connections Requests

Return the Connections Requests the authenticated company made to a Company

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.views?uuid=f2d603bb-2356-48e9-85db-9bc77c33043b \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
  {
    "model_name": "CompanyConnectionRequest",
    "created_on": "2019-01-11 20:01:30",
    "from_user_uuid": "61a91ea3-0c0a-4689-a792-15cdd2a75e20",
    "message": "",
    "primary_uuid": "a0df1a60-2c5e-461a-886c-c12ef221b61e",
    "request_type": "view",
    "secondary_uuid": "f2d603bb-2356-48e9-85db-9bc77c33043b",
    "status": "pending",
    "subject": "",
    "to_user_uuid": "0d1846c2-3911-4cb1-b4b4-7a30d8ae8535",
    "uuid": "8eef3e3b-453a-4a3c-87ed-01e73705af71",
    "from_user": {
      "first_name": "First Name",
      "last_name": "Last Name",
      "email": "user@fromdomain.com",
      "uuid": "61a91ea3-0c0a-4689-a792-35cdd2a73e20",
      "title": null
    },
    "to_user": {
      "first_name": null,
      "last_name": null,
      "email": "user@todomain.com",
      "uuid": "0d1846c2-3911-4cb1-b4b4-7a31d8ae3535",
      "title": null,
      "is_active": false
    },
    "from_company": {
      "uuid": "a0df1a60-2c5e-461a-886c-c1def111b61e",
      "name": "From Company",
      "description": "Company Description",
      "domain": "fromdomain.com",
      "company_legal_name": null
    },
    "to_company": {
      "uuid": "f2d603bb-2356-48e9-85db-9bc77c33043b",
      "name": "To Company Name",
      "description": null,
      "domain": "todomain.com",
      "company_legal_name": null,
      "upcoming_due_dates": "2019-06-09 14:16:56",
      "departments": [],
      "is_active": false
    }
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.views?uuid={company_uuid}

Query Parameters

Key Value
company_uuid The Company UUID we are getting the requests we made

Request Body

None

Get Customers Connections

Get all active customers company connections

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.customers \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
  {
    "company": {
      "is_beacon": false,
      "model_name": "Company",
      "uuid": "3e57604d-e8c0-43eb-a8d3-df773b70ef25",
      "domain": "domain.com",
      "company_legal_name": "Customer Legal Name",
      "name": "Customer Name",
      "website": "www.customer.com",
      "labels": [],
      "departments": [],
      "lifecycle_state": "",
      "logo_url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/678ce82c-4275-4b9e-b167-47c8165bd53f",
      "domains": [],
      "is_selective_sharing_enabled": false,
      "generic": {
        "approval_boolean": true,
        "approval_date": "2020-02-27 00:00:00",
        "connection_date": "2019-10-31T19:39:28.561501",
        "lifecycle_state": {
          "model_name": "VendorLifeCycleState",
          "_EntityBase__entity_type": "<class 'intrustmo.entities.lifecycle.EntityVendorLifeCycleState'>",
          "customer_id": "3e57604d-e8c0-43eb-a8d3-df773b70ef25",
          "state_id": "d9a0d0d7-50be-4739-b3b3-b1d222a33931",
          "uuid": "eced93f8-5e51-4ea3-b3b9-2bfc31b7de76",
          "vendor_id": "c0672b39-bbb4-4135-8ece-34d11aff5af1"
        }
      },
      "tier_score": 1,
      "trust_score": "--",
      "next_review_date": "--",
      "due_date": {
        "date": null
      }
    },
    "outgoing": {
      "model_name": "CompanyConnection",
      "created_on": "2019-10-31 19:42:54",
      "department_uuids": [],
      "internal_contacts": [
        "74d35dde-0270-44a2-990f-01bbb3686735"
      ],
      "label_uuids": [
        "23a75458-5baf-4c70-b4e6-1197103ea0d2",
        "d588a42f-2cee-455b-b29a-d6c34fe10d94",
        "224846ea-3895-4362-86b7-af0975ba12ac"
      ],
      "manual": "False",
      "owner_contacts": [
        "74d35dde-0270-44a2-990f-01bbb3686735"
      ],
      "primary_uuid": "c0672b39-bbb4-4135-8ece-34d11aff5af1",
      "secondary_uuid": "3e57604d-e8c0-43eb-a8d3-df773b70ef25",
      "type_relation": "secondary_views_primary",
      "uuid": "7860daca-e040-41ac-b31a-8342caf32809",
      "approval_boolean": true
    },
    "incoming": null,
    "selective_sharing": {
      "enabled": false
    },
    "document_share": {
      "enabled": false
    }
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.customers

Query Parameters

None

Request Body

None

Get Inactive Connections

This will get all inactive company connections

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.inactives \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
   {
      "company":{
         "model_name":"Company",
         "uuid":"9138b113-3070-4145-bd4d-370c67adc620",
         "domain":"homesite.com",
         "company_legal_name":"homesite",
         "name":"Homesite Insurance",
         "website":"www.homesite.com",
         "labels":[

         ],
         "departments":[

         ],
         "upcoming_due_dates":{

         },
         "due_date":{
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/928b5935-5e44-4d68-ba13-f3a62e0a3254",
         "generic":{
            "connection_date":"2018-12-13T15:47:59.567138",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"776b7b82-0adb-42e7-9804-fa8bed234d9d",
               "value":"Base Pending"
            }
         },
         "tier_score":1,
         "trust_score":0,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-12-13 15:47:59",
         "manual":"True",
         "primary_uuid":"9138b113-3070-4145-bd4d-370c67adc620",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"ca43fd10-4415-48b1-84ea-06be2bd22173"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"d5a7d399-cb2f-430e-8fce-af449d51771b",
         "domain":"koehler-eclinical.com",
         "company_legal_name":"koehler-eclinical",
         "name":"koehler-eclinical",
         "website":null,
         "labels":[

         ],
         "departments":[

         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2019-01-29 18:32:16",
               "fulfilled":false
            }
         },
         "due_date":{
            "date":"2019-01-29 18:32:16",
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/71cbba3b-af9e-4cc7-92e6-d58709d7eb25",
         "generic":{
            "connection_date":"2018-11-30T18:32:15.292504",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"776b7b82-0adb-42e7-9804-fa8bed234d9d",
               "value":"Base Pending"
            }
         },
         "tier_score":1,
         "trust_score":90,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-11-30 18:32:14",
         "manual":"True",
         "primary_uuid":"d5a7d399-cb2f-430e-8fce-af449d51771b",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"0cb8e07f-539d-4da8-8b05-59693017158d"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"fc450fe9-c213-4747-8c5f-0bc8bebf7d83",
         "domain":"guidepoint.com",
         "company_legal_name":"guidepoint",
         "name":"guidepoint",
         "website":null,
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#1B1C1D",
               "name":"Blacklisted",
               "uuid":"7dae0634-4bab-45d5-a470-57abf832a300"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Business Development",
               "uuid":"4c99249d-e4fc-49a1-8233-8da8ab59bfcb"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-09-04 21:04:00",
               "fulfilled":false
            }
         },
         "due_date":{
            "date":"2018-09-04 21:04:00",
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/502d0c68-b259-4965-84cd-9f7fc1a900c9",
         "generic":{
            "approval_boolean":true,
            "connection_date":"2018-07-06T21:03:59.104678",
            "approval_date":"2018-06-25 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"18f45915-d9cf-4524-b920-692e9d8219a1",
               "value":"Pending Internal Data"
            }
         },
         "tier_score":55.35,
         "trust_score":21,
         "next_review_date":"2021-06-24 00:00:00"
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-07-06 21:03:58",
         "manual":"True",
         "primary_uuid":"fc450fe9-c213-4747-8c5f-0bc8bebf7d83",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"ba49b6f5-76c9-474f-b61b-0272438c28bf"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"b2296245-89a8-444d-934f-13aff8a8a166",
         "domain":"jnj.com",
         "company_legal_name":"jnj",
         "name":"Johnson & Johnson",
         "website":"www.jnj.com www.jnjbtw.com www.kilmerhouse.com www.youtube.com/jnjhealth http://www.linkedin.com/company/johnson-&-johnson/careers http://careers.jnj.com/",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#A333C8",
               "name":"Tier 1",
               "uuid":"936b04a1-be09-4c0e-8e08-934bb10d9d94"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Customer Service",
               "uuid":"009cda01-8a76-4d6d-8a7e-a81e180017bd"
            },
            {
               "model_name":"Department",
               "name":"Commercial",
               "uuid":"014e152c-85f3-4e00-9a65-5553dc99ae55"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-09-08",
               "fulfilled":true
            }
         },
         "due_date":{
            "date":"2018-09-08",
            "fulfilled":true
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/4585b980-9f9f-44e2-ab22-f7eaae278b5a",
         "generic":{
            "approval_boolean":true,
            "connection_date":"2017-02-22T21:00:39.199560",
            "description":"",
            "approval_date":"2017-10-25 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":2,
               "uuid":"64f3b89c-046a-4dce-8263-0751a306fca1",
               "value":"Validated"
            }
         },
         "tier_score":52.800000000000004,
         "trust_score":71,
         "next_review_date":"2022-10-24 00:00:00"
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2017-02-22 21:00:38",
         "manual":"True",
         "primary_uuid":"b2296245-89a8-444d-934f-13aff8a8a166",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"6fecaab6-df8a-4cda-a6b9-f987a7eeec6e"
      }
   },
    {
      "company":{
         "model_name":"Company",
         "uuid":"be1374ee-1eb4-489f-85cb-28c36c75d9e8",
         "domain":"workday.com",
         "company_legal_name":"workday",
         "name":"Workday",
         "website":"http://www.workday.com http://www.workdayrising.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#FBBD08",
               "name":"Tier 3",
               "uuid":"651be650-9ff6-47e5-8024-e3ecd21390e9"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Customers",
               "uuid":"6ac5234c-1bd0-4e7f-98c1-17ab10a7d859"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2019-03-30",
               "fulfilled":false
            }
         },
         "due_date":{
            "date":"2019-03-30",
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/5744d485-0ea8-4dc4-bb37-c3b93d427689",
         "generic":{
            "connection_date":"2018-01-08T19:41:17.935072",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"18f45915-d9cf-4524-b920-692e9d8219a1",
               "value":"Pending Internal Data"
            }
         },
         "tier_score":77.5,
         "trust_score":74,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-01-08 19:41:17",
         "manual":"True",
         "primary_uuid":"be1374ee-1eb4-489f-85cb-28c36c75d9e8",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"e4b42df4-de39-405e-9d73-39d2c6db7199"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"1577a954-bd32-4cb8-8c5e-0b8dcf86880d",
         "domain":"hamburgsa.com",
         "company_legal_name":"hamburgsa",
         "name":"hamburgsa",
         "website":null,
         "labels":[

         ],
         "departments":[

         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-11-26 17:47:34",
               "fulfilled":true
            }
         },
         "due_date":{
            "date":"2018-11-26 17:47:34",
            "fulfilled":true
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/2c21ef78-29c3-4e0e-b375-d84d741269c0",
         "generic":{
            "approval_boolean":true,
            "connection_date":"2018-09-27T17:47:32.872855",
            "approval_date":"2018-06-25 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":2,
               "uuid":"64f3b89c-046a-4dce-8263-0751a306fca1",
               "value":"Validated"
            }
         },
         "tier_score":1,
         "trust_score":0,
         "next_review_date":"2019-06-25 00:00:00"
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-09-27 17:47:32",
         "manual":"True",
         "primary_uuid":"1577a954-bd32-4cb8-8c5e-0b8dcf86880d",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"818a57de-28d3-4b15-a5be-2015d4525aaa"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"8442c702-f34b-4751-8e64-5b83da247545",
         "domain":"visa.com",
         "company_legal_name":"VISA",
         "name":"Visa",
         "website":"https://usa.visa.com/",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#767676",
               "name":"GDPR",
               "uuid":"8a833da0-d397-4877-a8b2-dce6f035cd4a"
            }
         ],
         "departments":[

         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2018-11-25 20:39:43",
               "fulfilled":false
            }
         },
         "due_date":{
            "date":"2018-11-25 20:39:43",
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/5ebace15-ee4a-4fb9-8562-204774b4ab09",
         "generic":{
            "connection_date":"2017-12-14T21:25:43.393145",
            "approval_date":"2017-12-18 00:00:00",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "type":1,
               "uuid":"130b80f1-0488-4cbd-811b-0dbb072c02bd",
               "value":"Sent to vendor"
            }
         },
         "tier_score":82.5,
         "trust_score":79,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-09-26 20:39:39",
         "manual":"True",
         "primary_uuid":"8442c702-f34b-4751-8e64-5b83da247545",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"cce5091c-7ee2-4503-9be7-188bd788a42f"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"0e7f8457-b581-4ed2-8eba-5a20e34b4229",
         "domain":"bose.com",
         "company_legal_name":"Bose, Inc",
         "name":"Bose Incorporated",
         "website":"www.bose.com",
         "labels":[
            {
               "model_name":"CompanyLabel",
               "color":"#FBBD08",
               "name":"Tier 3",
               "uuid":"651be650-9ff6-47e5-8024-e3ecd21390e9"
            }
         ],
         "departments":[
            {
               "model_name":"Tier",
               "name":"Customers",
               "uuid":"6ac5234c-1bd0-4e7f-98c1-17ab10a7d859"
            }
         ],
         "upcoming_due_dates":{
            "a0df1a60-2c5e-461a-886c-c1def221b61e":{
               "date":"2019-01-18",
               "fulfilled":false
            }
         },
         "due_date":{
            "date":"2019-01-18",
            "fulfilled":false
         },
         "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/bd945bea-a132-43c0-82ca-368639da9fa6",
         "generic":{
            "connection_date":"2018-08-02T15:42:16.064926",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"18f45915-d9cf-4524-b920-692e9d8219a1",
               "value":"Pending Internal Data"
            }
         },
         "tier_score":42.85,
         "trust_score":79,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-08-02 15:42:15",
         "manual":"True",
         "primary_uuid":"0e7f8457-b581-4ed2-8eba-5a20e34b4229",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"52595b8b-06fe-4add-9052-d410e1340e79"
      }
   },
   {
      "company":{
         "model_name":"Company",
         "uuid":"c4e406a7-954e-46f5-b76a-228f448947f6",
         "domain":"sharperimage.com",
         "company_legal_name":"sharperimage",
         "name":"sharperimage",
         "website":null,
         "labels":[

         ],
         "departments":[

         ],
         "upcoming_due_dates":{

         },
         "due_date":{
            "fulfilled":false
         },
         "logo_url":null,
         "generic":{
            "connection_date":"2018-12-14T16:56:20.787318",
            "lifecycle_state":{
               "model_name":"LifeCycle",
               "base_value":true,
               "type":1,
               "uuid":"776b7b82-0adb-42e7-9804-fa8bed234d9d",
               "value":"Base Pending"
            }
         },
         "tier_score":1,
         "trust_score":0,
         "next_review_date":" "
      },
      "outgoing":null,
      "incoming":{
         "model_name":"CompanyConnection",
         "created_on":"2018-12-14 16:56:20",
         "manual":"True",
         "primary_uuid":"c4e406a7-954e-46f5-b76a-228f448947f6",
         "secondary_uuid":"a0df1a60-2c5e-461a-886c-c1def221b61e",
         "type_relation":"secondary_views_primary",
         "uuid":"62c99f40-0760-42e1-a4f2-fc002fb83d2a"
      }
   }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.inactives

Query Parameters

None

Request Body

None

Get Vendor Connections

Get all active vendor company connections

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.vendors \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
  {
    "company": {
      "is_beacon": false,
      "model_name": "Company",
      "uuid": "f8ec881b-82a7-4cc5-a6af-4087cd358d6a",
      "domain": "domain.com",
      "company_legal_name": "Vendor Legal Name",
      "name": "Vendor Name",
      "website": "www.vendor.com",
      "labels": [
        {
          "model_name": "CompanyLabel",
          "color": "#6435C9",
          "name": "beacon_surveys",
          "uuid": "f2f33335-9322-4281-8e90-035291e5063e"
        }
      ],
      "departments": [],
      "lifecycle_state": {
        "model_name": "LifeCycle",
        "base_value": true,
        "type": 1,
        "uuid": "d9a0d0d7-50be-4739-b3b3-b1d222a33931",
        "value": "Base Pending",
        "color": "#767676",
        "icon": "x"
      },
      "logo_url": "",
      "domains": [],
      "is_selective_sharing_enabled": false,
      "generic": {
        "approval_boolean": false,
        "approval_date": "",
        "lifecycle_state": {
          "model_name": "LifeCycle",
          "base_value": true,
          "type": 1,
          "uuid": "d9a0d0d7-50be-4739-b3b3-b1d222a33931",
          "value": "Base Pending",
          "color": "#767676",
          "icon": "x"
        }
      },
      "tier_score": 1,
      "trust_score": 0.03663003663003663,
      "next_review_date": "--",
      "due_date": {
        "date": null,
        "fulfilled": false
      }
    },
    "outgoing": null,
    "incoming": {
      "model_name": "CompanyConnection",
      "created_on": "2020-10-02 00:14:14",
      "department_uuids": [],
      "label_uuids": [
        "f2f33335-9322-4281-8e90-035291e5063e"
      ],
      "manual": "False",
      "primary_uuid": "f8ec881b-82a7-4cc5-a6af-4087cd358d6a",
      "secondary_uuid": "c0672b39-bbb4-4135-8ece-34d11aff5af1",
      "type_relation": "secondary_views_primary",
      "uuid": "2f7110aa-98f5-4162-9869-4a0e9b02b4aa",
      "is_owner": true
    }
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.vendors

Query Parameters

None

Request Body

None

Get Shares Connections

Get all pending invitations to the companies you have shared your profile

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/connections.shares \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

  {
    "model_name": "CompanyConnectionRequest",
    "created_on": "2021-07-16 19:35:50",
    "from_user_uuid": "aa874da7-05b2-49bb-91aa-8d17b4b3d716",
    "message": "message",
    "primary_uuid": "92d47ff9-527e-478a-8291-3da904765cf6",
    "request_type": "share",
    "secondary_uuid": "ef76a1a9-c74a-45c1-bc6a-542a5edec69b",
    "status": "pending",
    "subject": "subject",
    "to_user_uuid": "d6fb19e8-548a-4901-86ce-eba888e546a7",
    "uuid": "100de190-e6b6-4f0f-92a0-47c691377c1e",
    "from_user": {
      "first_name": "From User",
      "last_name": "API User",
      "email": "email@domain.com",
      "uuid": "aa874da7-05b2-49bb-91aa-8d17b4b3d716",
      "title": null
    },
    "to_user": {
      "first_name": null,
      "last_name": null,
      "email": "user@touserdomain.com",
      "uuid": "d6fb19e8-548a-4901-86ce-eba888e546a7",
      "title": null
    },
    "from_company": {
      "uuid": "92d47ff9-527e-478a-8291-3da904765cf6",
      "name": "Company Name",
      "description": "Description",
      "domain": "fromdomain.com",
      "company_legal_name": "Company Legal Name"
    },
    "to_company": {
      "uuid": "ef76a1a9-c74a-45c1-bc6a-542a5edec69b",
      "name": null,
      "description": null,
      "domain": "todomain.com",
      "company_legal_name": "Company Legal Name",
      "upcoming_due_dates": null,
      "departments": []
    },
    "selective_sharing": {
      "enabled": false
    },
    "document_share": {
      "enabled": true
    }
  }

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/connections.shares

Query Parameters

None

Request Body

None

Add company manually

This will add a company to your list of inactive connections. This action is only allowed for TPRM companies

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/connections/requests/manual \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "company_domain": "sharperimage.com"
      }'

Example Response status code: 200

[
  {
    "company_domain": "sharperimage.com",
    "vendor_id": "5fb47505-6b6c-45db-b8e5-2df143a99100"
  }
]

Example Response status code: 403 Forbidden

"Only paid customer."

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/requests/manual

Query Parameters

None

Request Body

The request body is JSON string encoded and include the key value pair

Key Value
company_domain The domain that you wish to add

Cancel connection request

Cancel connection request

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/connections/requests/cancel \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "request_uuid": "8eef3e3b-453a-4a3c-87ed-01e73705af71"
      }'

Example Response

{}

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/requests/cancel

Query Parameters

None

Request Body

Key Value
request_uuid The UUID of the request we are going to cancel. We can get this UUID from this endpoint

Issue company connection request

This will add a company to your list of inactive connections and also issue an email to the vendor. This action is only allowed for TPRM companies

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/connections/requests/outgoing \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
       "recipient_emails":["test@examples.com"],
       "message":"<p>Hi -</p><br><p>I would like to connect with you.I would like to connect with you.</p>",
       "subject":"ACTION REQUIRED. TIER 1"
      }'

Example Response status code: 200


 {
    "recipient_emails":["test@examples.com"],
    "message":"<p>Hi -</p><br><p>I would like to connect with you.I would like to connect with you.</p>",
    "subject":"ACTION REQUIRED. TIER 1"
  }

Example Response status code: 403 Forbidden

"Only paid customer."

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/requests/outgoing

Query Parameters

None

Request Body

The request body is JSON string encoded and include the key value pair

Key Value
recipient_emails An array of email address that you wish to add
message Custom message that you wish to include in your connection request
subject Custome email subject

Add/Invite a Customer Contact

Adds a contact to your Customer’s contact list and email the user with the registration or login link accordingly.

Parameters

Authentication

The endpoint should require an authentication token to be passed in an authorization header as any other endpoint.

The user roles allowed to successfully call this endpoint are: - Admin - Operations - Sales - Sales Operations

The following user roles are NOT allowed to use the endpoint: - Internal Business Users - View only

Example Request

curl --location --request POST 'https://api.thirdpartytrust.com/api/connections/add_customer_contact' \
-H 'Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9...' \
-H 'Content-Type: application/json' \
-d '{
    "recipient_email": "demo_user@example.com",
    "subject": "test email subject",
    "message": "this is a test"
}'

Example Response status code: 200

{
  "message": "Contact was added and registration email was sent to the user",
  "contact_uuid": "123e4567-e89b-12d3-a456-426614174000"
}

Example Response status code: 400 Bad Request

"The contact is already added to your Contacts list'"

Get Discovered Vendors

Get your top 50 Vendors discovered by Netskope that are not in your ThirdPartyTrust instance. To use this endpoint a subscription to Netskope is required.

Example Request

curl 'https://api.thirdpartytrust.com/api/v3/connections/netskope/discovered_vendors?page=0&page_size=10&cluster_name=&sort_by=users_amount&sort_direction=desc&ignored=false' \
  -H 'Accept: application/json, text/plain, */*' \
  -H 'Authorization: Bearer eyJ0eXAiOiJ...'

Example Response

{
  "page": 0,
  "page_size": 10,
  "total_results": 16,
  "is_feature_enabled": true,
  "last_update": "2022-06-19T19:17:21.475337",
  "results": [{
    "cluster_domain": "bdo.com",
    "cluster_uuid": null,
    "cluster_name": "BDO Unibank",
    "cluster_logo_url": "https://s3.amazonaws.com/thirdpartytrust.com/f995d2bf-c277-4327-a49f-f01fe53f209d",
    "users_amount": 0.03,
    "uploaded_data": 792.3666666666667,
    "downloaded_data": 3021.9333333333334,
    "connections_amount": 0.03333333333333333,
    "usage_duration": 1,
    "ignored": false
  }, {
    "cluster_domain": "cloudflare-dns.com",
    "cluster_uuid": null,
    "cluster_name": "Cloudflare",
    "cluster_logo_url": "https://s3.amazonaws.com/thirdpartytrust.com/45d35d89-1f20-47e7-a4c9-5f33ab5c297e",
    "users_amount": 0.03,
    "uploaded_data": 21546.966666666667,
    "downloaded_data": 39813.0,
    "connections_amount": 0.7333333333333333,
    "usage_duration": 535,
    "ignored": false
  }
  ]
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/connections/netskope/discovered_vendors

Query Parameters

Key Value
ignored If the value is not present or it’s false, returns the top 50 vendors without including the ignored ones. If the value is true, returns the top 50 vendors including the ignored ones
cluster_name To filter by a specific name of Company/Domain

Request Body

None

Response

For each Vendor the results return the following fields:

Key Value
cluster_name Name of the company.
cluster_uuid Internal ID of the company in ThirdPartyTrust. Null if the company is not in the 3PT network.
cluster_logo_url Logo of the company if it’s available.
users_amount Shows the daily average of unique users in the last 30 days.
uploaded_data Shows the daily average of total bytes uploaded from client to server in the last 30 days.
downloaded_data Shows the daily average of total bytes downloaded from server to client in the last 30 days.
connections_amount Shows the daily average of unique connections in the last 30 days.
usage_duration Shows the daily average of the usage between all the users and apps in the last 30 days in seconds.
ignored Indicates if the vendor is ignored or not.

Notifications

Get all notifications

Fetches all notifications that have been received by your Company

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v3/notifications/notifications \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \

Example Response

[
  {
    "id": "8ffed9be-3cc1-4cce-9334-aa8619c19ee7",
    "template": {
      "slug": "insurance_expiring_soon_customers"
    },
    "from_user_uuid": null,
    "from_company_uuid": "466944ee-1810-479c-9dd1-b25ea0457ccc",
    "to_user_uuid": "37e894fd-3e07-9957-a68d-68c0aed10789",
    "to_company_uuid": "b2867754-b9b4-4b06-90ea-95a12c016985",
    "values": {
      "feature": {
        "company_uuid": "466944ee-1810-479c-9dd1-b25ea0457ccc",
        "insurance_uuid": "de1507e3-f622-4df6-b7aa-f370f577a57a",
        "company_insurance_uuid": "b5ca5696-e820-cd6e-cc74-77a4f90d1d40"
      },
      "service": "assurance",
      "company_name": "Test company",
      "insurance_name": "Errors and Omissions Liability",
      "days_until_expiration": 60,
      "assurance_company_uuid": "466944ee-1810-479c-9dd1-b25ea0457ccc"
    },
    "created_at": "2022-08-16T00:23:40.733525",
    "is_read": false,
    "title": "Insurance Expiring Soon",
    "message": "Test company has their Errors and Omissions Liability Insurance expiring in 60 days"
  },
  {
    "id": "5c216efd-5562-49a8-b805-b0a508c6ee82",
    "template": {
      "slug": "audit_expiring_today_customers"
    },
    "from_user_uuid": null,
    "from_company_uuid": "677c4e3c-43c2-6754-b33d-999aff9f89b5",
    "to_user_uuid": "37e894fd-3e07-8937-a68d-68c0aed109c9",
    "to_company_uuid": "b2867754-b9b4-4b06-90ea-95a12c016985",
    "values": {
      "feature": {
        "company_uuid": "677c4e3c-43c2-6754-b33d-999aff9f89b5",
        "external_audit_uuid": "94a1e92d-85c7-47ac-8510-a7d0f35bed04",
        "assurance_audit_uuid": "eed156e7-8eec-4315-8454-fc204c8370a3"
      },
      "service": "assurance",
      "audit_name": "Application Scan",
      "company_name": "Mate",
      "days_until_expiration": 0,
      "assurance_company_uuid": "677c4e3c-43c2-6754-b33d-999aff9f89b5"
    },
    "created_at": "2022-08-16T00:22:51.048866",
    "is_read": false,
    "title": "Audit Expiring Today",
    "message": "Mate has Application Scan expiring today"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/notifications/notifications

Response

For each Notification the results return the following fields:

Key Value
template.slug Type of notification
created_at Notification creation date
title Title of the notification
message Body of the notification
from_user_uuid User ID sender of the notification
from_company_uuid Company profile ID sender of the notification
to_user_uuid User ID target of the notification
to_company_uuid Company profile ID target of the notification
is_read Indicates if the notification was read or not

Vendor Tiering

HOW TO: FIRST STEPS

Make a connection

First we need to make a connection with a vendor. We have two endpoints for that:

Both will add the vendor as an inactive connection but the last one will also send an email.

Requirements

There are three ways to associate a vendor with a requirement:

Once we have defined how to associate the vendor we can continue with the creation of the requirement:

Add a description to a vendor

We can add a description to the vendor using this endpoint:

Add contacts to a vendor

We can add contacts (internal/external) using this endpoint:

The backend differentiates an internal or external contact by checking the domain. If the domain is the same of the company authenticated is a internal contact.

Set lifecycle status

To update the vendor’s review lifecycle we have this endpoint:

And to get the history of updates

Approval Cycle

Setting/Updating a vendor’s approval cycle.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/provision/{vendor_uuid} \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "cycle_period": "tr"
      }'

Example Response

{
   "status_code": "success",
   "status_message": "Review cycle has been set",
   "data": {
      "name": "provision",
      "identifier": "da45602d-2c1c-4ba3-a56a-3dd8087c5e33"
   },
   "meta": {}
}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor you are setting/updating the cycle

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/provision/{vendor_uuid}

Request Body

Key Value
cycle_period Cycle period value

Cycle Period Values

Value Description
“dec” “120 months”
“qui” “60 months”
“48m” “48 months”
“tr” “36 months”
“bie” “24 months”
“18m” “18 months”
“an” “12 months”
“bi” “6 months”
“qu” “3 months”
“mo” “1 month”
“none” “None”

Approval Date

Setting/Updating a vendor’s approval date.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/date/{vendor_uuid} \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "approval_date": "2020-02-14"
      }'

Example Response

{
   "status_code": "success",
   "status_message": "Review approval set",
   "data": "94a1e988-2c79-41b2-8461-5080c9bbae25",
   "meta": {}
}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor you are setting/updating the date

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/date/{vendor_uuid}

Request Body

Key Value
approval_date Date on a YYYY-MM-DD format

Connection Date

Setting/Updating the date when the user company connected to the vendor.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/relationship/{vendor_uuid} \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "relationship_date": "02-08-2020"
      }'

Example Response

The response is the uuid of the connection between the two companies

   "94a1e988-2c79-41b2-8461-5080c9bbae25"

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor you are setting/updating the date

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/relationship/{vendor_uuid}

Request Body

Key Value
relationship_date Date on a DD-MM-YYYY format

Contacts: add to vendor

You can give add contacts to a vendor. This end point works both of internal and external contacts. If you want to add internal contacts it will be matched on the domain(s) of your company.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/8686f593-23c4-4ad8-a671-4a60ded95a1c/contacts \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "user":
          {
            "first_name":"Jack",
            "last_name":"Skellington",
            "phone_number":"773-888-9933",
            "job_title":"Chief of Xmas",
            "email":"jack@broadview.com",
            "is_owner":false
          }
      }'

Example Response

    {
        "vendor_contact":
          {
            "phone_number": "773-888-9933",
            "first_name": "Jack",
            "last_name": "Skellington",
            "is_owner": false,
            "uuid": "0169c6a6-cda7-4983-8269-b2d853e9d7ca",
            "email": "jack@broadview.com",
            "job_title": "Chief of Xmas"
          }
    }

Example Request enabling weekly report for an internal contact

curl --request POST
  https://api.thirdpartytrust.com/api/tier/8686f593-23c4-4ad8-a671-4a60ded95a1c/contacts \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "user":
          {
            "first_name":"Jack",
            "last_name":"Skellington",
            "phone_number":"773-888-9933",
            "job_title":"Chief of Xmas",
            "email":"jack@broadview.com",
            "is_owner":false,
            "enable_weekly_vendor_report": true
          }
      }'

Example Response

    {
        "vendor_contact":
          {
            "phone_number": "773-888-9933",
            "first_name": "Jack",
            "last_name": "Skellington",
            "is_owner": false,
            "uuid": "0169c6a6-cda7-4983-8269-b2d853e9d7ca",
            "email": "jack@broadview.com",
            "job_title": "Chief of Xmas",
            "enable_weekly_vendor_report": true
          }
    }

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/{vendorUUID}/contacts

Query Parameters

None

Request Body

Key Value
is_owner This will set this contact as the owner if marked “true”
email This is the email address of the contact you want to add. Required field.
phone_number Contact phone number
job_title Contacts title
first_name First name of contact
last_name Last name of contact
enable_weekly_vendor_report Optional. Boolean value. Enables weekly vendor report. Only works for internal contacts

Contacts: get information of external contacts from vendor

You can get external contacts from a vendor.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/tier/8686f593-23c4-4ad8-a671-4a60ded95a1c/contacts \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

   [
      {
         "email": "jack@broadview.com",
         "first_name": "Jack",
         "last_name": "Skellington",
         "isActive": true,
         "job_title": "Chief of Xmas",
         "phone_number": "773-888-9933",
         "uuid": "0169c6a6-cda7-4983-8269-b2d853e9d7ca"
      }
   ]

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/{vendorUUID}/contacts

Query Parameters

None

Request Body

None

Contacts: get information of internal contacts from vendor

You can get internal contacts from a vendor.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/tier/8686f593-23c4-4ad8-a671-4a60ded95a1c/internalcontacts \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

   [
      {
         "email": "jack@broadview.com",
         "first_name": "Jack",
         "last_name": "Skellington",
         "isActive": true,
         "job_title": "Chief of Xmas",
         "phone_number": "773-888-9933",
         "uuid": "0169c6a6-cda7-4983-8269-b2d853e9d7ca"
      }
   ]

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/{vendorUUID}/internalcontacts

Query Parameters

None

Request Body

None

Departments: add to vendor

Tag a Vendor as related to a company department

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/department/{department_uuid} \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "department": "f3205b6d-0e42-41f8-8e38-736b7171caba"
      }'

Example Response

The response is the relationship map between the department uuid and the vendor uuid

{
   "model_name": "Map",
   "primary_uuid": "94a1e988-2c79-41b2-8461-5080c9bbae25",
   "secondary_uuid": "f3205b6d-0e42-41f8-8e38-736b7171caba",
   "relation": "generic-department",
   "primary_type": "generic",
   "secondary_type": "department",
   "uuid": "1a6abad5-bc6e-4b5b-9362-075e781b6a76"
}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor that we are rating
department_uuid The unique identifier for department we are assigning to a vendor

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/ccd40c7d-fec9-4594-bb3b-dac97f9b5548/department/f3205b6d-0e42-41f8-8e38-736b7171caba

Request Body

Key Value
department A department uuid

Departments: create

Create a new department

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/departments \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "name":"accounting"
      }'

Example Response

{
   "identifier":"c85eb996-21f5-4023-9478-a3ec69fe9474",
   "name":"department"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/department

Query Parameters

None

Request Body

Key Value
name The name of the department you want to add

Departments: get all

Fetch all departments that have established connections for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/tier/departments \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "model_name": "Department",
  "name": "Business Development",
  "uuid": "4c99249d-e4fc-49a1-8233-8da8ab59bfcb"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/departments

Query Parameters

None

Departments: remove from vendor

Remove a department from a vendor

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/ccd40c7d-fec9-4594-bb3b-dac97f9b5548/department/8b734928-f57b-45b2-9f04-3937e653e83d \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{"remove": "true"}'

Example Response

{
  "model_name": "Department",
  "copy": true,
  "name": "Test",
  "original_uuid": null,
  "uuid": "8b734928-f57b-45b2-9f04-3937e653e83d"
}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor that we are rating
department_uuid The unique identifier for department we are assigning to a vendor

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/department/{department_uuid}

Request Body

Key Value
remove true

Documents: add to vendor

You can add documents to your connected companies. This will be done in two steps, first you upload the document, that will return an ID, then you save that file using the given ID.

Example Request (First Call)

curl --request POST https://api.thirdpartytrust.com/api/documents/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: multipart/form-data" \
  -F "file=@Path/to/file.ext"

Example Response (First Call)

{
  "uuid": "4bb073d5-0bc5-4587-a11b-7635851d6765"
}

Example Request (Second Call)

curl --request POST https://api.thirdpartytrust.com/api/tier/92d47ff9-527e-478a-8291-3da904765cf6/documents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
      "file_name":"PD MNDA .pdf",
      "expiration_date":"2019-02-21",
      "document_label_uuids":["a99bf004-adf3-4977-8cbb-47d81a26dd1f"],
      "metadata_uuid":"4bb073d5-0bc5-4587-a11b-7635851d6765"
      }'

Example Response (Second Call)

{
  "file_name": "PD MNDA .pdf",
  "expiration_date": "2019-02-21",
  "model_name": "TieringDocument",
  "uuid": "8af74f63-6de5-4ed0-b941-43e00e4dae9f"

}

HTTP Request

POST https://api.thirdpartytrust.com/api/documents

POST https://api.thirdpartytrust.com/api/tier/{companyUuid}/documents

Query Parameters

None

Request Body

Key Value
file the path and file name that you want to upload
file_name The name you want to give the file
expiration_date Optional date you want the document to expire on (Format: YYYY-MM-DD)
document_label_uuids The ID of any document label you want to add
metadata_uuid This is the ID of the file given by the system

Documents: download

How to download a document file.

  1. First we need to call the Documents: get vendor documents to get all documents associated to a vendor
  2. From the document we are going to download we use the metadata uuid value of the document and call Documents: generate document url
  3. With the redirect_url obtained from the response we download the file adding the base_url:

For example: https://api.thirdpartytrust.com/api/tier{redirect_url}

File format

The file will be in binary format.

Documents: generate document url

Generates an url from where to download the file

Example Request

curl --request GET https://api.thirdpartytrust.com/api/tier/92d47ff9-527e-478a-8291-3da904765cf6/documents/b48fad13-8561-448d-847f-f0ccc1b1c9a2/contents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "redirect_url": "/92d47ff9-527e-478a-8291-3da904765cf6/documents/3f6fae60-d800-476f-8bb5-4c2a34a21786/contents/-3671293231058280129/03a8b13ccf735004481b18a117f7b1f997ca1552c99fc0a38592630c2c93be9e"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/documents/{document_metadata_uuid}/contents

Query Parameters

Key Value
vendor_uuid The uuid of the vendor
document_metadata_uuid The document metadata uuid of the document

Request Body

None

Download file

The redirect url comes without the base url. To download the file we need to point to

https://api.thirdpartytrust.com/api/tier{redirect_url}

For example:

https://api.thirdpartytrust.com/api/tier/92d47ff9-527e-478a-8291-3da904765cf6/documents/3f6fae60-d800-476f-8bb5-4c2a34a21786/contents/-3671293231058280129/03a8b13ccf735004481b18a117f7b1f997ca1552c99fc0a38592630c2c93be9e

The redirect url expires after using it. It can only be used once.

Documents: get vendor documents

To get all the documents attached to a vendor.

Example Request

curl --request GET https://api.thirdpartytrust.com/api/tier/92d47ff9-527e-478a-8291-3da904765cf6/documents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "uuid": "7f6dbf38-72f0-4e96-9da9-21177b66bd40",
  "file_name": "Contract Advent",
  "labels":
      [{"model_name": "DocumentLabel", "name": "Contract", "uuid": "ae213799-f160-4b38-a5e5-6d2842b7f1f3"}],
  "expiration_date": "2017-10-13",
  "model_name": "TieringDocument",
  "metadata": "b48fad13-8561-448d-847f-f0ccc1b1c9a2"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/{vendorUuid}/documents

Query Parameters

Key Value
vendorUuid The companyID for the vendor you are adding the document to

Request Body

None

File UUID

The metadata value in the response is the uuid we will need to use to download the file

In this example the uuid to use is b48fad13-8561-448d-847f-f0ccc1b1c9a2

Document labels: create

Create a new document label.

Example Request

curl --request POST https://api.thirdpartytrust.com/api/tier/label \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "name":"global"
      }'

Example Response

{
  "name": "DocumentLabel",
  "identifier": "d7e9e801-9564-406f-bc60-04385a0060a0"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/label

Query Parameters

None

Request Body

Key Value
name The name of the document label

Document labels: get all

Fetch all document labels for the company of the currently logged in user.

Example Request

curl --request GET https://api.thirdpartytrust.com/api/tier/labels \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {"model_name": "DocumentLabel", "name": "global", "uuid": "d7e9e801-9564-406f-bc60-04385a0060a0"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "Certification", "uuid": "2854a23a-5308-42ab-94ce-8d1adcee9cbd"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "Contract", "uuid": "ae213799-f160-4b38-a5e5-6d2842b7f1f3"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "Report", "uuid": "c77427f6-3e20-4984-b80a-1cf68ae329e4"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "Assessment", "uuid": "6e2157ed-a7d2-42a4-b85c-2d41c381de36"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "NDA", "uuid": "a74e1f3f-8cd5-426c-b542-cf805ccac2cf"}, 
  {"model_name": "DocumentLabel", "is_base": true, "name": "Insurance", "uuid": "4a6ae53a-e52d-411f-bb5e-f3c62783d303"}
]

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/labels

Query Parameters

None

Request Body

None

Document labels: edit

Edit a document label.

Example Request

curl --request https://api.thirdpartytrust.com/api/tier/labels/d7e9e801-9564-406f-bc60-04385a0060a0 \
  -X 'PATCH'
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "name":"global2"
      }'

Example Response

{
  "message": "Document label successfully updated"
}

HTTP Request

PATCH https://api.thirdpartytrust.com/api/tier/labels/d7e9e801-9564-406f-bc60-04385a0060a0

Query Parameters

None

Request Body

Key Value
name The name of the document label

Document labels: remove

Remove a document label.

Example Request

curl --request https://api.thirdpartytrust.com/api/tier/labels/d7e9e801-9564-406f-bc60-04385a0060a0 \
  -X 'DELETE'
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "message": "Document label successfully removed"
}

HTTP Request

DELETE https://api.thirdpartytrust.com/api/tier/labels/d7e9e801-9564-406f-bc60-04385a0060a0

Query Parameters

None

Request Body

None

Impact Score Rating

There is no way to directly adjust the impact score, since the impact score is calculated depending on the category weights and the value set in the Tiering page. The following example will show how to change the value assigned to a category using the API, which will trigger a recalculation of the impact score.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/{category_uuid}/level/{vendor_uuid} \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "level": 50
      }'

Example Response

The response is the relationship map between the category uuid and the vendor uuid

{
   "name": "map",
   "identifier": "83885dc1-baad-4701-8299-aca731ea5c0c"
}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor that we are rating
category_uuid The unique identifier for the tiering category we are changing the rating value

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/6e0c9bec-0fd6-4504-9cc9-b037703840be/level/ccd40c7d-fec9-4594-bb3b-dac97f9b5548

Request Body

Key Value
level An integer value that ranges from 1 to 100

Labels: add to vendor

Add a label to one of your vendors

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/e8c61519-1e87-42c2-9717-0e1856d9ede5/tag/4cf475ce-3c56-44cd-8125-76e4318e4fa2 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  --data-raw '{}'

Example Response

{
  "color": "#FBBD08", "model_name": "CompanyLabel", "name": "Test", "uuid": "4cf475ce-3c56-44cd-8125-76e4318e4fa2"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/tag/{label_uuid}

Query Parameters

Key Value
vendor_uuid The unique identifier of the vendor you want to add the label to
label_uuid The unique identifier of the label that you want to add to the vendor

Request Body

Empty dictionary {}

Labels: get all

Fetch all labels that you can be added to a vendor

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/tier/tags \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "color": "#FBBD08", "model_name": "CompanyLabel", "name": "Test", "uuid": "4cf475ce-3c56-44cd-8125-76e4318e4fa2"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/tags

Query Parameters

None

Labels: remove from vendor

Remove a label from one of your vendors

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/e8c61519-1e87-42c2-9717-0e1856d9ede5/tag/4cf475ce-3c56-44cd-8125-76e4318e4fa2 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  --data-raw '{"remove":true}'

Example Response

{
  "color": "#FBBD08", "model_name": "CompanyLabel", "name": "Test", "uuid": "4cf475ce-3c56-44cd-8125-76e4318e4fa2"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/tag/{label_uuid}

Query Parameters

Key Value
vendor_uuid The unique identifier of the vendor you want to remove the label from
label_uuid The unique identifier of the label that you want to remove from the vendor

Request Body

Key Value
remove true

Lifecycle Status (Review Cycle): update vendor

Updating the status of a vendor’s review cycle.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/v2/connections.update_state \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "vendor_id": "ccd406c7d-fec9-4544-bb3b-dac93b9b5540",
        "new_state": "c93b9b554-4544-bb3b-fec9-cd406c7ddac9"
      }'

Example Response

{
   "state": {
      "model_name": "LifeCycle",
      "base_value": true,
      "type": 2,
      "uuid": "c93b9b554-4544-bb3b-fec9-cd406c7ddac9",
      "value": "Completed"
   },
   "vendor_uuid": "ccd406c7d-fec9-4544-bb3b-dac93b9b5540"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/connections.update_state

Request Body

Key Value
vendor_id The unique identifier of the vendor you are updating the state
new_state The unique identifier of the state you are assigning the vendor to

Lifecycle Status (Review Cycle) : get vendor history of updates

Returns the details of the different updates to the lifecycle over time

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/v2/connections.list_state_history \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "vendor_id": "ccd406c7d-fec9-4544-bb3b-dac93b9b5540"
      }'

Example Response

[
  {
    "user": {
      "first_name": "Test",
      "last_name": "User",
      "uuid": "61a91ea3-0c0a-4689-a792-35cdd2a75e20"
    },
    "uuid": "7cfd5ffa-4305-4108-91cb-9499ecb783a7",
    "change_date": "2019-12-19T17:51:57Z",
    "state": {
      "model_name": "LifeCycle",
      "base_value": true,
      "type": 2,
      "uuid": "64f3b89c-046a-4dce-8263-0751a306fca1",
      "value": "Validated"
    },
    "deleted": false
  },
  ...
]

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/connections.list_state_history

Request Body

Key Value
vendor_id The unique identifier of the vendor you are getting the history of changes

Notes

Adding an HTML note to a vendor

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/note/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "notes": "<p>This is a note</p>"
      }'

Example Response

{
   "notes": "<p>This is a note</p>",
   "model_name": "TieringNote",
   "uuid": "a9b73ad2-08c4-4aeb-926a-d76609087186",
   "created":  {
         "name": "Nico Ferro",
         "date": "2020-02-07T16:20:05.021872"
      }
   }

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor you are adding the note to

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/{vendor_uuid}/note/

Request Body

Key Value
notes A note in a string format. Can be a string with and without html tags.

Review Date: get next review

Get next review date for a particular vendor

curl --request GET
   https://api.thirdpartytrust.com/api/tier/nextreview/ccd40c7d-fec9-4594-bb3b-dac97f9b5548 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

HTTP Request

GET https://api.thirdpartytrust.com/api/tier/nextreview/{vendor_uuid}

Query Parameters

Key Value
vendor_uuid The unique identifier for the vendor

Review Date: update

The next review date is not meant to be updated manually. This date is calculted using the approval date and the approval cycle to understand which should be the next date where a review is needed for a vendor.

Please refer to Approval Date and Approval Cycle to understand how these two values can be changed.

Vendors: adjust TrustScore

You can add in an adjustment to a vendors trust score

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/v2/trustscore.update_trustscore_adjustment \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "adjustment_message": "Test",
        "amount_adjusted": [-11],
        "vendor_uuid": "098fe77b-f311-4b5a-94ce-86df4f8a5e08"
      }'

Example Response

{
  "adjustment": 45,
  "message": "Test"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/trustscore.update_trustscore_adjustment'

Query Parameters

None

Request Body

Key Value
adjustment_message The message you want to include specifying why the edit was made
amount_adjusted The adjustment you would like to make between -100 to 100
vendor_uuid the uuid of the vendor you are changing the score for

Vendors: add description

You can add in a description of how you use the vendor

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/tier/description/92d47ff9-527e-478a-8291-3da904765cf6 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "description":"This is my test description"
      }'

Example Response

{
"status_code": "success", "meta": {}, "status_message":
"Company description set", "data": "a7d90597-ef4b-4619-a71d-fdd4e407c85b"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/tier/description/{vendorUuid}

Query Parameters

Key Value
vendorUuid The companyID for the vendor you are adding the document to

Request Body

Key Value
description Free form text for the description of the vendor

Vendors: set nickname

You can give a vendors and nickname

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/v2/connections.update \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  -d '{
        "nickname": "Test",
        "connection_uuid": "19daeff6-10a2-47ca-b655-c761526f6de9"
      }'

Example Response

    {
      "model_name": "CompanyConnection",
      "created_on": "2019-05-01 14:55:00",
      "manual": "False",
      "nickname": "Express-Scripts",
      "primary_uuid": "f8ec881b-82a7-4cc5-a6af-4087cd358d6a",
      "secondary_uuid": "a0df1a60-2c5e-461a-886c-c1def221b61e",
      "type_relation": "secondary_views_primary",
      "uuid": "19daeff6-10a2-47ca-b655-c761526f6de9"
    }

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/connections.update

Query Parameters

None

Request Body

Key Value
nickname The new name you want to give the vendor
connection_uuid the uuid of the connection

Assurance Programs

Certifications

Fetch all certification information for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/certifications \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "model_name": "certification",
    "date_acheived": "2018-05-01",
    "expires_on": "2022-02-28",
    "note": "Certifications Note",
    "scope": "company wide",
    "uuid": "cabd565d-f231-4568-af43-e3954f90384e",
    "code_name": "ISO9001",
    "description": "Certification Description",
    "isTest": true,
    "isa": true,
    "name": "Certification Name",
    "score_value": 50,
    "certification_uuid": "acd2e47c-c0a0-4abf-8f88-e25b955bd62b",
    "logo": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/97f83a3b-0826-4091-a0e3-0c4f1e2c2bd5",
    "@documents": "/assurance/certifications/cabd565d-f231-4568-af43-e3954f90384e/documents"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/certifications

Query Parameters

None

Certifications {uuid}

Fetch a single certification’s information by certification uuid.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/assurance/certifications/3325139b-4fb3-45e6-804b-07ee8643717b \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/certifications/{uuid}

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the certification

Certifications Available

Fetch all information on certifications that are available to the company of the currently logged in user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/assurance/certifications/available \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/certifications/available

Query Parameters

None

Certification’s documents

Fetch all documents associated to a Certification using the certification uuid

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/certifications/cabd565d-f231-4568-af43-e3954f90384e/documents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "model_name": "FileMetadata",
    "file_name": "Document filename",
    "file_type": "pdf",
    "owner_uuid": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
    "uuid": "58a3f684-8bb3-4474-9ac3-1de499feff4d",
    "url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/58a3f684-8bb3-4474-9ac3-1de499feff4d"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/certifications/{uuid}/documents

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the certification

Certification get the document url

Fetch the Certification document’s url to download

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/certifications/cabd565d-f231-4568-af43-e3954f90384e/documents/58a3f684-8bb3-4474-9ac3-1de499feff4d/contents
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "redirect_url": "/cabd565d-f231-4568-af43-e3954f90384e/documents/58a3f684-8bb3-4474-9ac3-1de499feff4d/contents/-2786861953131050974/983387064e30dbeace8d6477c4d9c689027c51da4296fddf027edfc29dfd4314"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits/{uuid}/documents/{document_uuid}/contents

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the certification
document_uuid The uuid of the document

Certification download document

Download a Certification document. We need to use the redirect_url obtained in the previous step.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/certifications/cabd565d-f231-4568-af43-e3954f90384e/documents/58a3f684-8bb3-4474-9ac3-1de499feff4d/contents/-2786861953131050974/983387064e30dbeace8d6477c4d9c689027c51da4296fddf027edfc29dfd4314
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

Returns a binary file

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/certifications{redirect_url}

Query Parameters

None

URL Parameters

Parameter Description
redirect_url The redirect_url value from the previous endpoint

Insurance

Fetch all insurance information for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "@documents":"/assurance/insurance/3325139b-4fb3-45e6-804b-07ee8643717b/documents",
    "name": "Cyber Liability / Data Privacy",
    "modified":
    {
      "date": "2016-03-15T21:53:07.219086",
      "name": "Johnny Appleseed"
    },
    "insurance_uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
    "provider": "IBM Security",
    "uuid": "3325139b-4fb3-45e6-804b-07ee8643717b"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance

Query Parameters

None

Insurance {uuid}

Fetch a single insurance policy’s information by insurance uuid.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance/3325139b-4fb3-45e6-804b-07ee8643717b \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "@documents": "/assurance/insurance/3325139b-4fb3-45e6-804b-07ee8643717b/documents",
  "name": "Cyber Liability / Data Privacy",
  "modified":
  {
    "date": "2016-03-15T21:53:07.219086",
    "name": "Johnny Appleseed"
  },
  "insurance_uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
  "provider": "IBM Security",
  "uuid": "3325139b-4fb3-45e6-804b-07ee8643717b"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance/{uuid}

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the insurance

Insurance Inventory

Fetch all insurance inventory information for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance/inventory \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "insurance_uuid": "498386c8-d4ce-4ba3-88f6-21c2b261f56d",
    "provider": "IBM Security",
    "uuid": "6a2e8ece-59ee-436f-a7ac-07352ec12aac"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance/inventory

Query Parameters

None

Insurance’s documents

Fetch all documents associated to an Insurance using the insurance uuid

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance/f949b5f2-2a65-4cd1-b22c-586533a70d7d/documents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "model_name": "FileMetadata",
    "file_name": "Document filename",
    "file_type": "pdf",
    "owner_uuid": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
    "uuid": "81dc3d0c-285b-405a-9d85-eebded5cc541",
    "url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/81dc3d0c-285b-405a-9d85-eebded5cc541"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance/{uuid}/documents

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the insurance

Insurance get the document url

Fetch the Insurance document’s url to download

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance/f949b5f2-2a65-4cd1-b22c-586533a70d7d/documents/81dc3d0c-285b-405a-9d85-eebded5cc541/contents
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "redirect_url": "/f949b5f2-2a65-4cd1-b22c-586533a70d7d/documents/81dc3d0c-285b-405a-9d85-eebded5cc541/contents/-5976933449140052135/bb0a89f749872662a8331285d7dbfea0e9d4b886d684ea4665a9eae9a8cf2fe2"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance/{insurance_uuid}/documents/{document_uuid}/contents

Query Parameters

None

URL Parameters

Parameter Description
insurance_uuid The uuid of the insurance
document_uuid The uuid of the document

Insurance download document

Download an Insurance document. We need to use the redirect_url obtained in the previous step.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/insurance/f949b5f2-2a65-4cd1-b22c-586533a70d7d/documents/81dc3d0c-285b-405a-9d85-eebded5cc541/contents/-5976933449140052135/bb0a89f749872662a8331285d7dbfea0e9d4b886d684ea4665a9eae9a8cf2fe2
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

Returns a binary file

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/insurance{redirect_url}

Query Parameters

None

URL Parameters

Parameter Description
redirect_url The redirect_url value from the previous endpoint

Audits

Fetch all audit information for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "@documents": "/assurance/audits/3325139b-4fb3-45e6-804b-07ee8643717b/documents",
    "uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
    "modified":
    {
      "date": "2016-03-02T19:46:18.841455",
      "name": "Johnny Appleseed"
    },
    "audited_on": "2016-02-29",
    "auditor": "Accenture",
    "audit_uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
    "expires_on": null,
    "name": "General Security Audit"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits

Query Parameters

None

Audits {uuid}

Fetch a single audit’s information by audit uuid.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits/3325139b-4fb3-45e6-804b-07ee8643717b \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "@documents": "/assurance/audits/3325139b-4fb3-45e6-804b-07ee8643717b/documents",
  "uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
  "modified":
  {
    "date": "2016-03-02T19:46:18.841455",
    "name": "Johnny Appleseed"
  },
  "audited_on": "2016-02-29",
  "auditor": "Accenture",
  "audit_uuid": "3325139b-4fb3-45e6-804b-07ee8643717b",
  "expires_on": null,
  "name": "General Security Audit"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits/{uuid}

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the audit

Audits Inventory

Fetch all audit inventory information for the company of the currently logged in user.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits/inventory \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "code_name": "PT",
    "isActive": "true",
    "isTest": "true",
    "name": "Penetration Test",
    "score_value": "50",
    "uuid": "714571fd-857c-4a00-8ce6-32d249a8e272"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits/inventory

Query Parameters

None

Audit’s documents

Fetch all documents associated to an Audit using the audit uuid

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits/9cd7cba7-d05c-4ddf-aed6-1c412b0cf10a/documents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "model_name": "FileMetadata",
    "file_name": "Document filename",
    "file_type": "pdf",
    "owner_uuid": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
    "uuid": "2f4701b1-6a0f-4140-a94a-fd4c009abb15",
    "url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/2f4701b1-6a0f-4140-a94a-fd4c009abb15"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits/{uuid}/documents

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid value of the response from api/assurance/audits

Audit get document url

Fetch the Audit document’s url to download

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits/9cd7cba7-d05c-4ddf-aed6-1c412b0cf10a/documents/2f4701b1-6a0f-4140-a94a-fd4c009abb15/contents
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "redirect_url": "/9cd7cba7-d05c-4ddf-aed6-1c412b0cf10a/documents/2f4701b1-6a0f-4140-a94a-fd4c009abb15/contents/-5976933449140052135/34c225fa18cf3be671b542910b4d9e598a2c64a97b46f03864cefa93df29b848"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits/{uuid}/documents/{document_uuid}/contents

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid value of the response from api/assurance/audits
document_uuid The uuid of the document

Audit download document

Download an Audit document. We need to use the redirect_url obtained in the previous step.

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/assurance/audits/9cd7cba7-d05c-4ddf-aed6-1c412b0cf10a/documents/2f4701b1-6a0f-4140-a94a-fd4c009abb15/contents/-5976933449140052135/2ce1db4b838d37983f345bfbead9b51ec558bb6a091947eb580d39f471e92a96
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

Returns a binary file

HTTP Request

GET https://api.thirdpartytrust.com/api/assurance/audits{redirect_url}

Query Parameters

None

URL Parameters

Parameter Description
redirect_url The url of the document to download

Requirements

Adjustment: create

Create an adjustment to a company. Is the way we have to mark a requirements as incomplete/complete.

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/v3/progress/adjustments/
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."
  -H "Content-Type: application/json" \
  --data-raw ' {
      "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
      "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
      "is_complete": true,
      "note": "Adjustment Note"
  }'

Example Response

[
  {
    "adjustment_id": "cf8c7eef-014d-4d24-a376-601080457cef",
    "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
    "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
    "is_complete": true,
    "note": "paper",
    "user_id": "e3e96010-da98-4478-96f2-81c167ba83c2",
    "completed_date": "2021-05-20T17:35:47.017286"
  }
]

HTTP Request

POST https://api.thirdpartytrust.com/api/v3/progress/adjustments/

Query Parameters

None

Request Body

Key Value
company_id The uuid of the company
requirement_id The uuid of the requirement
is_complete Boolean
note String

Adjustments: delete

Delete an adjustment

Example Request

curl --request DELETE
  https://api.thirdpartytrust.com/api/v3/progress/adjustments/01458727-58b9-425a-913d-05281c71a3af
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "adjustment_id": "9df97a96-f5bd-424b-8d2a-e7d53d847855",
  "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
  "requirement_id": "46753645-dbcd-413a-8139-4ce0063e0ae4",
  "is_complete": false,
  "note": "a",
  "user_id": "e3e96010-da98-4478-96f2-81c167ba83c2",
  "completed_date": "2021-05-03T17:49:33.558400"
}

HTTP Request

DELETE https://api.thirdpartytrust.com/api/v3/progress/adjustments/{adjustment_id}

Query Parameters

Key Value
adjustment_id The id of the adjustment

Request Body

None

Adjustments: get by company

Fetch all the adjustments by company id

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/progress/adjustments/
  -G -d company_id="92d47ff9-527e-478a-8291-3da904765cf6"
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "adjustment_id": "9df97a96-f5bd-424b-8d2a-e7d53d847855",
    "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
    "requirement_id": "46753645-dbcd-413a-8139-4ce0063e0ae4",
    "is_complete": false,
    "note": "a",
    "user_id": "e3e96010-da98-4478-96f2-81c167ba83c2",
    "completed_date": "2021-05-03T17:49:33.558400"
  },
  {
    "adjustment_id": "cf8c7eef-014d-4d24-a376-601080457cef",
    "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
    "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
    "is_complete": true,
    "note": "paper",
    "user_id": "e3e96010-da98-4478-96f2-81c167ba83c2",
    "completed_date": "2021-05-20T17:35:47.017286"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/progress/adjustments/?company_id={company_id}

Query Parameters

Key Value
company_id The uuid of the company

Request Body

None

Adjustments: get by requirement

Fetch all the adjustments by requirement id

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/progress/adjustments/
  -G -d requirement_id="23ccecf1-babb-42d5-9844-f60ddcf2a17a"
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "adjustment_id": "cf8c7eef-014d-4d24-a376-601080457cef",
    "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
    "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
    "is_complete": true,
    "note": "paper",
    "user_id": "e3e96010-da98-4478-96f2-81c167ba83c2",
    "completed_date": "2021-05-20T17:35:47.017286"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/progress/adjustments/?requirement_id={requirement_id}

Query Parameters

Key Value
requirement_id The uuid of the requirement

Request Body

None

Adjustments: update

Update an adjustment

Example Request

curl --request PUT
  https://api.thirdpartytrust.com/api/v3/progress/adjustments/01458727-58b9-425a-913d-05281c71a3af
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."
  -H "Content-Type: application/json" \
  --data-raw ' {
      "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
      "is_complete": true,
      "note": "Adjustment Note"
  }'

Example Response

{
  "adjustment_id": "01458727-58b9-425a-913d-05281c71a3af",
  "company_id": "92d47ff9-527e-478a-8291-3da904765cf6",
  "requirement_id": "46753645-dbcd-413a-8139-4ce0063e0ae4",
  "is_complete": true,
  "note": "Adjustment Note",
  "user_id": "a70f5f8a-c877-4b2f-9c71-03a01f5c2c67",
  "completed_date": "2021-05-20T20:11:43.544865"
}

HTTP Request

PUT https://api.thirdpartytrust.com/api/v3/progress/adjustments/{adjustment_id}

Query Parameters

Key Value
adjustment_id The id of the adjustment

Request Body

Key Value
requirement_id The id of the requirement (optional)
is_complete Boolean (optional)
note String (optional)

Mark a requirement as incomplete/complete

Please use the Adjustments endpoints to create, delete, update or fetch different adjustments made to the requirements of the vendors.

Mark certificate as not available

Mark a required certificate as not available to notify that you don’t have it

Example Request

curl --request
  https://api.thirdpartytrust.com/api/assurance/certifications/not_available/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "parent_uuid":"7301af3b-abcf-4561-80c3-eee877e1a22c",
        "note":"A note explaining the reason"
      }'

Example Response

{
    "model_name": "CompanyCertification",
    "note": "A note explaining the reason",
    "not_available": true,
    "uuid": "dcb8153d-3888-4f4f-ae60-9119dfc37e7d",
    "modified": {
        "name": "John Doe",
        "date": "2020-05-20T13:49:50.490692"
    }
}

HTTP Request

POST https://api.thirdpartytrust.com/api/assurance/certifications/not_available/

Query Parameters

None

Request Body

Key Value
parent_uuid The uuid of the certification that you want to mark as not_available
note A note in a string format.

Mark insurance as not available

Mark a required insurance as not available to notify that you don’t have it

Example Request

curl --request
  https://api.thirdpartytrust.com/api/assurance/insurance/not_available/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "parent_uuid":"7301af3b-abcf-4561-80c3-eee877e1a22c",
        "note":"A note explaining the reason"
      }'

Example Response

{
    "model_name": "CompanyInsurance",
    "note": "A note explaining the reason",
    "not_available": true,
    "uuid": "dcb8153d-3888-4f4f-ae60-9119dfc37e7d",
    "modified": {
        "name": "John Doe",
        "date": "2020-05-20T13:49:50.490692"
    }
}

HTTP Request

POST https://api.thirdpartytrust.com/api/assurance/insurance/not_available/

Query Parameters

None

Request Body

Key Value
parent_uuid The uuid of the insurance that you want to mark as not_available
note A note in a string format.

Mark audit as not available

Mark a required audit as not available to notify that you don’t have it

Example Request

curl --request
  https://api.thirdpartytrust.com/api/assurance/audit/not_available/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
  -d '{
        "parent_uuid":"7301af3b-abcf-4561-80c3-eee877e1a22c",
        "note":"A note explaining the reason"
      }'

Example Response

{
    "model_name": "AssuranceAudit",
    "note": "A note explaining the reason",
    "not_available": true,
    "uuid": "dcb8153d-3888-4f4f-ae60-9119dfc37e7d",
    "modified": {
        "name": "John Doe",
        "date": "2020-05-20T13:49:50.490692"
    }
}

HTTP Request

POST https://api.thirdpartytrust.com/api/assurance/audit/not_available/

Query Parameters

None

Request Body

Key Value
parent_uuid The uuid of the audit that you want to mark as not_available
note A note in a string format.

Progress: Get by customers

Fetch all the Company associated customers requirements progress

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/progress/progress_company
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "requirements_fulfilled": true,
    "progress_average": 100,
    "customer_id": "41fac1eb-d875-46f7-890b-d56f91359533",
    "company_progress": [
      {
        "total_requirement_completion": 100,
        "number_of_requirements": 1,
        "survey_requirement_completion": null,
        "certification_requirement_completion": 100,
        "insurance_requirement_completion": null,
        "audit_requirement_completion": null,
        "survey_finding_requirement_completion": null,
        "survey_requirement_manual_review_state": null,
        "audit_requirement_manual_review_state": null,
        "certification_requirement_manual_review_state": null,
        "insurance_requirement_manual_review_state": null,
        "manual_review_state": 0,
        "requirement_uuid": "6851f813-b634-4c27-bd95-027ef6b8796b",
        "requirement_name": "Tier2",
        "is_completed": false,
        "mark_as_completed_note": null,
        "mark_as_completed_user": null,
        "mark_as_completed_date": null
      }
    ]
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/progress/progress_company

Query Parameters

Key Value
company_id The uuid of the company (optional)

Request Body

None

Progress: Get by vendors

Fetch all the Company associated vendors requirements progress

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/progress/progress_vendors
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

[
  {
    "requirements_fulfilled": false,
    "progress_average": 78.96138854425145,
    "vendor_id": "2aa94110-13b3-45fd-b6d2-89dafd6ec6ca",
    "vendor_progress": [
      {
        "total_requirement_completion": 100,
        "number_of_requirements": 2,
        "survey_requirement_completion": 100,
        "certification_requirement_completion": null,
        "insurance_requirement_completion": null,
        "audit_requirement_completion": null,
        "survey_finding_requirement_completion": 100,
        "survey_requirement_manual_review_state": 2,
        "audit_requirement_manual_review_state": null,
        "certification_requirement_manual_review_state": null,
        "insurance_requirement_manual_review_state": null,
        "manual_review_state": 2,
        "requirement_uuid": "9166540f-2109-400e-94ee-6920b395578a",
        "requirement_name": "Findings Testing",
        "is_completed": false,
        "mark_as_completed_note": null,
        "mark_as_completed_user": null,
        "mark_as_completed_date": null
      }
    ]
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/progress/progress_vendors

Query Parameters

Key Value
vendor_ids The uuid of the vendor (optional)

Request Body

None

Requirements: create

Create a new Requirement

Example Request

curl --request POST

curl --request POST
     https://api.thirdpartytrust.com/api/v3/requirements/ \
     -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
     -H "content-type: application/json" \
     --data-raw '{
      "name": "Requirement Name",
      "labels_ids": [
        "bdb4a368-3cba-4bef-a1e2-472387ada05a"
      ],
      "departments_ids": [
        "82b7890e-3438-4e21-a7a9-df06a3549fcc"
      ],
      "impact_score_from": 50,
      "impact_score_up_to": 78,
      "requirement_packages": [
        {
          "order": 0,
          "requirement_segments": [
            {
              "type": "questionnaires",
              "requirement_documents": [
                {
                  "document_id": "ce07f405-1bf5-47ee-8d7d-40d05a116078"
                }
              ],
              "inclusion_logic": "any",
              "finding_response_required": false
            },
            {
              "type": "audits",
              "requirement_documents": [
                {
                  "document_id": "93ae259f-57d4-475b-83a8-e596d3c3dca5"
                }
              ],
              "inclusion_logic": "all"
            },
            {
              "type": "insurances",
              "requirement_documents": [
                {
                  "document_id": "854e1cbd-46f9-4230-b739-dc9e77f3c641"
                }
              ],
              "inclusion_logic": "all"
            },
            {
              "type": "certifications",
              "requirement_documents": [
                {
                  "document_id": "68865fed-e891-4886-ab3c-47a1009054fb"
                }
              ],
              "inclusion_logic": "all"
            }
          ]
        }
      ]
    }'

Example Response

{
  "name": "Requirement Name",
  "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
  "labels_ids": [
    "bdb4a368-3cba-4bef-a1e2-472387ada05a"
  ],
  "departments_ids": [
    "82b7890e-3438-4e21-a7a9-df06a3549fcc"
  ],
  "impact_score_from": 50,
  "impact_score_up_to": 78,
  "requirement_packages": [
    {
      "order": 0,
      "requirement_segments": [
        {
          "type": "audits",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "93ae259f-57d4-475b-83a8-e596d3c3dca5",
              "requirement_document_id": "c41f15c4-83b3-4b16-a362-9c63f1f859f6",
              "name": "Unaudited Financial Statements"
            }
          ],
          "requirement_segment_id": "4d62da90-11bf-4751-8716-3500ff3b583a"
        },
        {
          "type": "certifications",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "68865fed-e891-4886-ab3c-47a1009054fb",
              "requirement_document_id": "ce196f1e-b9de-4ab6-a06e-19d490dba5f7",
              "name": "CJIS"
            }
          ],
          "requirement_segment_id": "28372377-4afe-445c-a4be-6ca127692883"
        },
        {
          "type": "questionnaires",
          "inclusion_logic": "any",
          "finding_response_required": false,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "ce07f405-1bf5-47ee-8d7d-40d05a116078",
              "requirement_document_id": "b9954193-947e-4abe-bf26-e78f79c00b9b",
              "name": "Test123"
            }
          ],
          "requirement_segment_id": "f7757535-c3ee-450e-9571-8b635caa87ab"
        },
        {
          "type": "insurances",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "854e1cbd-46f9-4230-b739-dc9e77f3c641",
              "requirement_document_id": "d8364745-3c29-4e35-9d29-ca0e50518be4",
              "name": "Commercial General Liability"
            }
          ],
          "requirement_segment_id": "f4ed970e-8cca-4e3a-a288-1aaf59386d86"
        }
      ],
      "requirement_package_id": "00da80fb-0865-4e0a-ab10-9ee5f2711374"
    }
  ],
  "requirement_id": "dd602d43-4a91-4d27-ae36-23baa0423fca"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v3/requirements/

Query Parameters

None

Request Body

Key Value
name The name of the requirement
labels_ids List of labels uuids associated to the requirement
deparments_ids List of departments uuids associated to the requirement
impact_score_from Impact Score range lowest value
impact_score_to Impact Score range highest value
requirements_packages List of requirements packages objects

Request Body: Requirement Package object

Key Value
order The order of the requirement
requirement_segments List of requirement segments objects

Request Body: Requirement Segment object

Key Value
type One of: ‘questionnaires’, 'audits’, 'insurances’, 'certifications’
inclusion_logic One of: 'all’, 'any’
documents List of documents objects
finding_response_required Boolean (only if the type=“questionnaires”)

Request Body: Document object

Key Value
document_id Document uuid

Requirements: delete

Delete Requirement by id

Example Request

curl --request DELETE
  https://api.thirdpartytrust.com/api/v3/requirements/dd602d43-4a91-4d27-ae36-23baa0423fca
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
  "requirement_id": "dd602d43-4a91-4d27-ae36-23baa0423fca",
  "name": "Requirement Name",
  "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
  "labels_ids": [
    "bdb4a368-3cba-4bef-a1e2-472387ada05a"
  ],
  "departments_ids": [
    "82b7890e-3438-4e21-a7a9-df06a3549fcc"
  ],
  "impact_score_from": 50,
  "impact_score_up_to": 78
}

HTTP Request

DELETE https://api.thirdpartytrust.com/api/v3/requirements/{requirement_id}

Query Parameters

Key Value
requirement_id The uuid of the requirement

Request Body

None

Requirements: get by id

Get Requirement by id

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/requirements/dd602d43-4a91-4d27-ae36-23baa0423fca
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
  "name": "Requirement Name",
  "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
  "labels_ids": [
    "bdb4a368-3cba-4bef-a1e2-472387ada05a"
  ],
  "departments_ids": [
    "82b7890e-3438-4e21-a7a9-df06a3549fcc"
  ],
  "impact_score_from": 50,
  "impact_score_up_to": 78,
  "requirement_packages": [
    {
      "order": 0,
      "requirement_segments": [
        {
          "type": "questionnaires",
          "inclusion_logic": "any",
          "finding_response_required": false,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "ce07f405-1bf5-47ee-8d7d-40d05a116078",
              "requirement_document_id": "73bf80ab-30ab-4336-a566-6131659a2d0a",
              "name": "Test123"
            }
          ],
          "requirement_segment_id": "1fc9a350-3ea5-444c-b28b-8cfd9d62e6a4"
        },
        {
          "type": "audits",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "93ae259f-57d4-475b-83a8-e596d3c3dca5",
              "requirement_document_id": "a1081d47-1f44-4753-a8ae-40f8c8f2cdf8",
              "name": "Unaudited Financial Statements"
            }
          ],
          "requirement_segment_id": "00e3b9d6-051a-4b4e-acd7-d9b6b6f1cf16"
        },
        {
          "type": "insurances",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "854e1cbd-46f9-4230-b739-dc9e77f3c641",
              "requirement_document_id": "d55e7652-4954-4b47-9ae0-35999e509f2a",
              "name": "Commercial General Liability"
            }
          ],
          "requirement_segment_id": "1cd3dfa8-63db-4ca4-8515-451eba4f3942"
        },
        {
          "type": "certifications",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "68865fed-e891-4886-ab3c-47a1009054fb",
              "requirement_document_id": "3214096a-9bce-4e71-bda7-3b84eb772d7f",
              "name": "CJIS"
            }
          ],
          "requirement_segment_id": "be60c702-9bd7-4fcb-8021-bdca0097e095"
        }
      ],
      "requirement_package_id": "6a422e69-4b94-4718-a88c-2188f3799e5d"
    }
  ],
  "requirement_id": "dd602d43-4a91-4d27-ae36-23baa0423fca"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/requirements/{requirement_id}

Query Parameters

Key Value
requirement_id The uuid of the requirement

Request Body

None

Requirements: get all created

Get all the Requirements created by the company authenticated

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/requirements/
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

[
  {
    "requirement_id": "deac0c11-0687-472f-a135-3760b5f7294a",
    "name": "Assessment",
    "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
    "labels_ids": [
      "bdb4a368-3cba-4bef-a1e2-472387ada05a"
    ],
    "departments_ids": [],
    "impact_score_from": null,
    "impact_score_up_to": null,
    "requirement_packages": [
      {
        "requirement_package_id": "ae117698-d897-47c5-87ee-e24aef007aa3",
        "order": 0,
        "requirement_segments": [
          {
            "requirement_segment_id": "5ad92f53-d4de-4e06-9ef1-dc81dadf3195",
            "type": "certifications",
            "inclusion_logic": "all",
            "finding_response_required": null,
            "requirement_documents": [
              {
                "requirement_document_id": "2369bdfe-6bb9-44ee-abbe-83a20a10265b",
                "document_id": "0f86bdb3-b80c-45cf-98c8-ac0f51c08e36",
                "name": null
              },
              {
                "requirement_document_id": "3e77df57-c323-4eb8-8ab5-33a7e78a4ce8",
                "document_id": "1c369e5b-58cd-4ec5-acfb-f2c4edcf05e9",
                "name": null
              }
            ]
          },
          {
            "requirement_segment_id": "85351b29-e185-4b80-8afa-3371d82c5f98",
            "type": "questionnaires",
            "inclusion_logic": "all",
            "finding_response_required": false,
            "requirement_documents": [
              {
                "requirement_document_id": "6d092622-1fe1-48f0-a944-4446b42e8973",
                "document_id": "168f65e7-2f48-49a1-9193-3f9cf3369003",
                "name": null
              },
              {
                "requirement_document_id": "defeb3a4-8bb1-4798-98f4-e24606859cf1",
                "document_id": "af23f825-981e-4f27-9934-d96a0cc5525f",
                "name": null
              }
            ]
          }
        ]
      }
    ]
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/requirements/

Query Parameters

None

Request Body

None

Requirements: get all by vendor

Get all the Requirements associated to a vendor set by the company authenticated

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v3/requirements/?vendor_id=92d47ff9-527e-478a-8291-3da904765cf5
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

[
  {
    "requirement_id": "23ccecf1-babb-42d5-9844-f60ddcf2a17a",
    "name": "Requirement Name",
    "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
    "labels_ids": [],
    "departments_ids": [],
    "impact_score_from": null,
    "impact_score_up_to": null,
    "requirement_packages": [
      {
        "requirement_package_id": "3cf14a65-81ef-4092-a20e-4e8d9f1be716",
        "order": 0,
        "requirement_segments": [
          {
            "requirement_segment_id": "cbfb3ef5-4974-4d33-b397-1ff65ee2e6b3",
            "type": "audits",
            "inclusion_logic": "all",
            "finding_response_required": null,
            "requirement_documents": [
              {
                "requirement_document_id": "78e91fa7-3a64-4bfa-8d5b-a1166626fa85",
                "document_id": "4a328685-7e62-4671-85c6-e2edc1222663",
                "name": null
              }
            ]
          }
        ]
      }
    ]
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v3/requirements/?vendor_id={vendor_uuid}

Query Parameters

Key Value
vendor_id The uuid of the vendor

Request Body

None

Requirements: update

Update a Requirement

Example Request

We need to send the same json we get as a response while doing a GET request or a POST. This json has the requirement_package_id and the requirement_segment_id.

In the Example Request we are creating one new segment, updating two another and deleting one.

curl --request PUT
     https://api.thirdpartytrust.com/api/v3/requirements/dd602d43-4a91-4d27-ae36-23baa0423fca \
     -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
     -H "content-type: application/json" \
     --data-raw '{
      "name": "Requirement Name",
      "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
      "labels_ids": [
        "bdb4a368-3cba-4bef-a1e2-472387ada05a"
      ],
      "departments_ids": [
        "82b7890e-3438-4e21-a7a9-df06a3549fcc"
      ],
      "impact_score_from": 50,
      "impact_score_up_to": 78,
      "requirement_packages": [
        {
        "order": 0,
        "requirement_segments": [
          {
            "type": "questionnaires",
            "inclusion_logic": "any",
            "finding_response_required": false,
            "minimum_manual_connections": null,
            "requirement_documents": [
            {
              "document_id": "ce07f405-1bf5-47ee-8d7d-40d05a116078",
              "requirement_document_id": "73bf80ab-30ab-4336-a566-6131659a2d0a",
              "name": "New Segment without requirement_segment_id"
            }
            ]
          },
          {
            "type": "audits",
            "inclusion_logic": "all",
            "finding_response_required": null,
            "minimum_manual_connections": null,
            "requirement_documents": [
            {
              "document_id": "93ae259f-57d4-475b-83a8-e596d3c3dca5",
              "requirement_document_id": "a1081d47-1f44-4753-a8ae-40f8c8f2cdf8",
              "name": "Updating Segment with requirement_segment_id"
            }
            ],
            "requirement_segment_id": "00e3b9d6-051a-4b4e-acd7-d9b6b6f1cf16"
          },
          {
            "type": "certifications",
            "inclusion_logic": "all",
            "finding_response_required": null,
            "minimum_manual_connections": null,
            "requirement_documents": [
            {
              "document_id": "68865fed-e891-4886-ab3c-47a1009054fb",
              "requirement_document_id": "3214096a-9bce-4e71-bda7-3b84eb772d7f",
              "name": "Updating Segment with requirement_segment_id"
            }
            ],
            "requirement_segment_id": "be60c702-9bd7-4fcb-8021-bdca0097e095"
          }
        ],
        "requirement_package_id": "6a422e69-4b94-4718-a88c-2188f3799e5d"
        }
      ],
      "requirement_id": "dd602d43-4a91-4d27-ae36-23baa0423fca"
    }'

Example Response

{
  "name": "Requirement Name",
  "company_id": "0e7f8457-b581-4ed2-8eba-5a20e34b4229",
  "labels_ids": [
    "bdb4a368-3cba-4bef-a1e2-472387ada05a"
  ],
  "departments_ids": [
    "82b7890e-3438-4e21-a7a9-df06a3549fcc"
  ],
  "impact_score_from": 50,
  "impact_score_up_to": 78,
  "requirement_packages": [
    {
      "order": 0,
      "requirement_segments": [
        {
          "type": "audits",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "93ae259f-57d4-475b-83a8-e596d3c3dca5",
              "requirement_document_id": "c41f15c4-83b3-4b16-a362-9c63f1f859f6",
              "name": "Unaudited Financial Statements"
            }
          ],
          "requirement_segment_id": "4d62da90-11bf-4751-8716-3500ff3b583a"
        },
        {
          "type": "certifications",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "68865fed-e891-4886-ab3c-47a1009054fb",
              "requirement_document_id": "ce196f1e-b9de-4ab6-a06e-19d490dba5f7",
              "name": "CJIS"
            }
          ],
          "requirement_segment_id": "28372377-4afe-445c-a4be-6ca127692883"
        },
        {
          "type": "questionnaires",
          "inclusion_logic": "any",
          "finding_response_required": false,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "ce07f405-1bf5-47ee-8d7d-40d05a116078",
              "requirement_document_id": "b9954193-947e-4abe-bf26-e78f79c00b9b",
              "name": "Test123"
            }
          ],
          "requirement_segment_id": "f7757535-c3ee-450e-9571-8b635caa87ab"
        },
        {
          "type": "insurances",
          "inclusion_logic": "all",
          "finding_response_required": null,
          "minimum_manual_connections": null,
          "requirement_documents": [
            {
              "document_id": "854e1cbd-46f9-4230-b739-dc9e77f3c641",
              "requirement_document_id": "d8364745-3c29-4e35-9d29-ca0e50518be4",
              "name": "Commercial General Liability"
            }
          ],
          "requirement_segment_id": "f4ed970e-8cca-4e3a-a288-1aaf59386d86"
        }
      ],
      "requirement_package_id": "00da80fb-0865-4e0a-ab10-9ee5f2711374"
    }
  ],
  "requirement_id": "dd602d43-4a91-4d27-ae36-23baa0423fca"
}

HTTP Request

PUT https://api.thirdpartytrust.com/api/v3/requirements/{requirement_id}

Query Parameters

None

Request Body

Key Value
name The name of the requirement
labels_ids List of labels uuids associated to the requirement
deparments_ids List of departments uuids associated to the requirement
impact_score_from Impact Score range lowest value
impact_score_to Impact Score range highest value
requirements_packages List of requirements packages objects
requirement_id The uuid of the requirement we are going to update

Request Body: Requirement Package object

Key Value
order The order of the requirement
requirement_segments List of requirement segments objects
requirement_package_id The uuid of the the requirement package we are going to update

Request Body: Requirement Segment object

Key Value
type One of: 'questionnaires’, 'audits’, 'insurances’, 'certifications’
inclusion_logic One of: 'all’, 'any’
documents List of documents objects
finding_response_required Boolean (only if the type=“questionnaires”)
requirement_segment_id The uuid of the requirement segment we are going to update

Request Body: Document object

Key Value
document_id Document uuid

Questionnaires

Answers: documents

Download the documents attached to a Survey Answer.

Each Answer has a documents property like we can see in the Survey Answers by Category example response.

To download the documents attached we need to generate an url using the file_metadata_uuid property.

Example Request

curl --request GET https://api.thirdpartytrust.com/api/questionnaires/companies/92d47ff9-527e-478a-8291-3da904765cf6/questions/6272e637-15d7-462a-be84-39f0aca9d3c8/documents/d9789b12-dd8f-4e70-8372-cd1e0efa6265/contents \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "redirect_url": "/companies/92d47ff9-527e-478a-8291-3da904765cf6/questions/6272e637-15d7-462a-be84-39f0aca9d3c8/documents/d9789b12-dd8f-4e70-8372-cd1e0efa6265/contents/-3671293231058280129/1b99ec67e2edc9592268a0cc0eafc3e1de10cd0b83513096b077d27f7766e8c2"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/questionnaires/companies/{company_uuid}/questions/{question_uuid}/documents/{file_metadata_uuid}/contents

Query Parameters

Key Value
company_uuid The uuid of the company the question is associated
question_uuid The uuid of the question the document is associated
file_metadata_uuid The file metadata uuid of document

Request Body

None

Download file

The redirect url comes without the base url. To download the file we need to point to

https://api.thirdpartytrust.com/api/questionnaires{redirect_url}

For example:

https://api.thirdpartytrust.com/api/questionnaires/companies/92d47ff9-527e-478a-8291-3da904765cf6/questions/6272e637-15d7-462a-be84-39f0aca9d3c8/documents/d9789b12-dd8f-4e70-8372-cd1e0efa6265/contents

The redirect url expires after using it. It can only be used once.

Answers: get by category

Fetch all the Survey Answers by Category uuid. If the as property is not included it will return the answers associated to the authenticated company. If it is provided it will be of that company.

Example Request

curl --request POST
  "https://api.thirdpartytrust.com/api/v2/answers.list" \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
   --data-raw '{
    "category_uuid":"caa5e431-a050-4cf3-8fa9-dae1e9b06cf1",
    "as":"168f65e7-2f48-49a1-9193-3f9cf3369003"
   }'

Example Response

{
  "model_name": "AnswerTypeMultipleChoice",
  "created_at": "2019-06-19T22:33:42.998429",
  "isActive": true,
  "uuid": "4f67c8d0-a48d-4a72-87ce-ad7ad4f2370e",
  "value": "No",
  "options": [
    {
      "model_name": "AnswerOption",
      "uuid": "96fbac78-7234-4e88-ac1c-a182854ef69f",
      "value": "No",
      "weight": 0
    }
  ],
  "impact": 0,
  "priority": 0,
  "score": 0,
  "question_id": "6272e637-15d7-462a-be84-39f0aca9d3c8",
  "unanswered": false,
  "reviews": [],
  "notes": {
    "note": "Note",
    "model_name": "CompanyQuestionComment",
    "created_at": "2020-05-15T16:24:53.654963",
    "uuid": "8514a7f5-8172-43b1-8217-b378b8649bc8"
  },
  "documents": [
    {
      "name": "filename.pdf",
      "model_name": "CompanyQuestionDocument",
      "created_at": "2020-05-15T16:25:11.971413",
      "file_metadata_uuid": "d9789b12-dd8f-4e70-8372-cd1e0efa6265",
      "uuid": "3f6fae60-d800-476f-8bb5-4c2a34a21786"
    }
  ],
  "last_modified": "2020-05-15T16:24:57",
  "modified_by": {
    "first_name": "Firstname",
    "last_name": "Lastname",
    "uuid": "ef055271-9202-4140-bf69-237bd89a9829"
  },
  "messages": []
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/answers.list

Query Parameters

None

Body Parameters

Key Value
category_uuid The uuid of the category
as This param is OPTIONAL, if provided it will return the survey info of a connected vendor_uuid. If not, it will be the survey info of the logged company

Answers: get progress and scores

Fetch all the Survey Answers progress and scores.

Example Request

curl --request POST
  "https://api.thirdpartytrust.com/api/v2/answers.progress" \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
   --data-raw '{
    "survey_uuid":"168f65e7-2f48-49a1-9193-3f9cf3369003",
    "as":"92d47ff9-527e-478a-8291-3da904765cf5"
   }'

Example Response

{
  "survey_id": "168f65e7-2f48-49a1-9193-3f9cf3369003",
  "score": 75.0,
  "raw_score": "--",
  "progress": 100.0,
  "score_by_category": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": 0.0,
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": "--",
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": 61.53846153846154
  },
  "raw_score_by_category": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": [0.0, 2.0],
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": ["--", 0.0],
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": [8.0, 13.0]
  },
  "flagged_by_category": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": 0,
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": 0,
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": 1
  },
  "progress_by_category": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": 100.0,
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": 100.0,
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": 100.0
  },
  "category_answers_number": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": 1,
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": 2,
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": 5
  },
  "category_questions_number": {
    "de713dd8-b19a-474b-acfc-fa35161c4979": 1,
    "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": 2,
    "24caad8e-ce41-45d1-94eb-9e3d6af06cb7": 5
  }
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/answers.progress

Query Parameters

None

Body Parameters

Key Value
survey_uuid The uuid of the survey
as This param is OPTIONAL, if provided it will return the survey info of a connected vendor_uuid. If not, it will be the survey info of the logged company

Answers: how to download a document

Steps on how to download a Document attached to a Survey Answer

  1. Once we know the Survey we want to fetch the documents we need to query and select one category_uuid
  2. Call the endpoint in Surveys: get detailed Information to get a list of categories and choose one
  3. Get the answers of that category calling the endpoint in Answers: get by category
  4. Each answer will have a documents property. We use the file_metadata_property and call Answers: Documents
  5. With the redirect_url obtained from the response we download the file adding the base_url:

For example: https://api.thirdpartytrust.com/api/questionnaires{redirect_url}

File format

The file will be in binary format.

Answers: internal survey submit

Ability to answer questions on the internal survey

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/answers.internal_submit \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
   -d '{
        "answer": "Yes",
        "category_uuid": "3aa1461d-fcc5-4a50-a084-f6c6cb04acbb",
        "question_uuid": "dc731211-7ad9-4698-96e0-366e8657d0b4",
        "survey_uuid": "654e9deb-1eca-4fa7-aab3-5bc3435463c7",
        "vendor_uuid": "92d47ff9-527e-478a-8291-3da904765cf6"
      }'

Example Response

{"answer": {"model_name": "AnswerTypeMultipleChoice", "value": "Yes", "created_at": "2018-10-08T17:33:49.723278", "uuid": "14ab39a5-d0dd-4c34-8005-5234246ccd2a", "isActive": true, "impact": 1.0, "options": [{"model_name": "AnswerOption", "uuid": "4f503784-329b-4115-a917-9eaa93c6f701", "value": "Yes", "weight": 100}], "question_id": "dc731211-7ad9-4698-96e0-366e8657d0b4", "messages": []}, "triggers": {}}

HTTP Request

`POST https://api.thirdpartytrust.com/api/v2/answers.internal_submit

Query Parameters

Parameter Description
answer String for the answer you want to add
question_uuid The uuid of the vendor you wish to pull the survey results for
survey_uuid The uuid of survey you are answering
vendor_uuid The uuid of the vendor you are answering the question

URL Parameters

None

Answers: upload a completed survey

You can upload completed surveys directly into a company. This will be done in two steps, first you upload the document, that will return an ID, then you save that file using the given ID.

Example Request (First Call)

curl --request POST https://api.thirdpartytrust.com/api/documents/ \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: multipart/form-data" \
  -F "file=@Path/to/file.ext"

Example Response (First Call)

{
  "uuid": "4bb073d5-0bc5-4587-a11b-7635851d6765"
}

Example Request (Second Call)

curl --request POST https://api.thirdpartytrust.com/api/v2/answers.parse_spreadsheet?company_uuid=a0df1a60-2c5e-461a-886c-c1def221b61e&survey_uuid=168f65e7-2f48-49a1-9193-3f9cf3369003&file_uuid=e92fdafd-b511-430e-95f6-d \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response (Second Call)

{
  "ok": true
}

HTTP Request

POST https://api.thirdpartytrust.com/api/documents

POST https://api.thirdpartytrust.com/api/v2/answers.parse_spreadsheet?company_uuid={companyUuid}&survey_uuid={surveyUuid}&file_uuid={fileUuid}

Query Parameters

Key Value
companyUuid The company you want to upload the survey to
surveyUuid The survey you are uploading the document to
fileUuid This is the ID of the file given by the system

Request Body

None

Surveys: get by customer

Fetches a list of surveys for a customer

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/surveys.list
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
{
   "model_name":"Survey",
   "is_internal":false,
   "is_lockable":false,
   "logo":{
      "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1"
   },
   "name":"SIG Lite 2018",
   "questions":"/surveys/168f65e7-2f48-49a1-9193-3f9cf3369003/questions",
   "uploader_is_enabled":true,
   "uuid":"168f65e7-2f48-49a1-9193-3f9cf3369003",
   "scope":"3PTROOT",
   "is_locked":false,
   "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1",
   "unread_messages":[

   ],
   "reviews":[

   ]
},
{
   "model_name":"Survey",
   "is_internal":false,
   "is_lockable":true,
   "logo":{
      "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/363bf311-b3be-49e7-a66a-ca13d7476d3b"
   },
   "name":"NIST - 800 - 171a",
   "questions":"/surveys/df5eb24b-9b00-4c3f-9615-d25f01b74282/questions",
   "uploader_is_enabled":true,
   "uuid":"df5eb24b-9b00-4c3f-9615-d25f01b74282",
   "scope":"3PTROOT",
   "is_locked":false,
   "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/363bf311-b3be-49e7-a66a-ca13d7476d3b",
   "unread_messages":[

   ],
   "reviews":[

   ]
},
{
   "model_name":"Survey",
   "is_internal":false,
   "is_lockable":true,
   "logo":{
      "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/cf7895cc-2e1f-490d-9f1b-bf4fdb010e1f"
   },
   "name":"CSA - CAIQ v3",
   "questions":"/surveys/af23f825-981e-4f27-9934-d96a0cc5525f/questions",
   "uploader_is_enabled":true,
   "uuid":"af23f825-981e-4f27-9934-d96a0cc5525f",
   "scope":"3PTROOT",
   "is_locked":false,
   "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/cf7895cc-2e1f-490d-9f1b-bf4fdb010e1f",
   "unread_messages":[

   ],
   "reviews":[

   ]
}
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/surveys.list

Query Parameters

None

URL Parameters

None

Surveys: get by vendor

Fetches the surveys that are available to a vendor

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/surveys.list_connected?vendor_uuid=92d47ff9-527e-478a-8291-3da904765cf6
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
   {
      "model_name":"Survey",
      "is_internal":false,
      "is_lockable":false,
      "logo":{
         "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1"
      },
      "name":"SIG Lite 2018",
      "questions":"/surveys/168f65e7-2f48-49a1-9193-3f9cf3369003/questions",
      "uploader_is_enabled":true,
      "uuid":"168f65e7-2f48-49a1-9193-3f9cf3369003",
      "scope":"3PTROOT",
      "is_locked":false,
      "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1",
      "unread_messages":[

      ],
      "reviews":[

      ]
   },
   {
      "model_name":"Survey",
      "is_internal":false,
      "is_lockable":true,
      "logo":{
         "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/363bf311-b3be-49e7-a66a-ca13d7476d3b"
      },
      "name":"NIST - 800 - 171a",
      "questions":"/surveys/df5eb24b-9b00-4c3f-9615-d25f01b74282/questions",
      "uploader_is_enabled":true,
      "uuid":"df5eb24b-9b00-4c3f-9615-d25f01b74282",
      "scope":"3PTROOT",
      "is_locked":false,
      "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/363bf311-b3be-49e7-a66a-ca13d7476d3b",
      "unread_messages":[

      ],
      "reviews":[

      ]
   },
   {
      "model_name":"Survey",
      "is_internal":false,
      "is_lockable":true,
      "logo":{
         "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/cf7895cc-2e1f-490d-9f1b-bf4fdb010e1f"
      },
      "name":"CSA - CAIQ v3",
      "questions":"/surveys/af23f825-981e-4f27-9934-d96a0cc5525f/questions",
      "uploader_is_enabled":true,
      "uuid":"af23f825-981e-4f27-9934-d96a0cc5525f",
      "scope":"3PTROOT",
      "is_locked":true,
      "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/cf7895cc-2e1f-490d-9f1b-bf4fdb010e1f",
      "unread_messages":[

      ],
      "reviews":[

      ]
   },
   {
      "model_name":"Survey",
      "domain":"ftd.com",
      "is_internal":false,
      "is_lockable":true,
      "locked_by":"a0df1a60-2c5e-461a-886c-c1def221b61e",
      "logo":{
         "url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/9dda153d-a726-441a-a3ad-6422963390d5"
      },
      "name":"Disaster Recovery - Custom FTD",
      "questions":"/surveys/05b790a4-87b9-49fe-97c5-53ef2d8567a2/questions",
      "uploader_is_enabled":false,
      "uuid":"05b790a4-87b9-49fe-97c5-53ef2d8567a2",
      "scope":"FTD, Inc",
      "is_locked":true,
      "logo_url":"https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/9dda153d-a726-441a-a3ad-6422963390d5",
      "unread_messages":[

      ],
      "reviews":[

      ]
   }
]

Example Response status code: 403 Forbidden

"Company is not authorized to surveys"

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/surveys.list_connected?vendor_uuid={vendorUUID}

Query Parameters

None

URL Parameters

Parameter Description
vendoruuid The uuid of the vendor you wish to pull the available survey for

Surveys: get detailed information

Returns high-level information of a survey

Example Request

curl --request
  "https://api.thirdpartytrust.com/api/v2/surveys.info?survey_uuid={survey_uuid}&as={vendor_uuid}" \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
   "model_name": "Survey",
   "is_internal": false,
   "is_lockable": false,
   "logo": {
      "url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1"
   },
   "name": "SIG Lite 2018",
   "questions": "/surveys/168f65e7-2f48-49a1-9193-3f9cf3369003/questions",
   "uploader_is_enabled": true,
   "uuid": "168f65e7-2f48-49a1-9193-3f9cf3369003",
   "logo_url": "https://s3.amazonaws.com/fileservice2.thirdpartytrust.com/605e2c95-6f3e-433a-80f5-b935b26a6ce1",
   "categories": {
      "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": {
         "model_name": "Category",
         "name": "Financials",
         "uuid": "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1"
         },
      ...
   },
   "is_locked": false,
   "is_reviewed": true
}

Example Response status code: 403 Forbidden

"Company is not authorized to surveys"

Query Parameters

Key Value
survey_uuid The unique identifier for the questionnaire
as This param is OPTIONAL, if provided it will return the survey info of a connected vendor_uuid. If not, it will be the survey info of the logged company

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/surveys.info?survey_uuid=168f65e7-2f48-49a1-9193-3f9cf3369003&as=92d47ff9-527e-478a-8291-3da904765cf6

Surveys: get scores

Get answers scores by Survey uuid. The response includes both the overall score and the scores by Category uuid.

Example Request

curl --request
  "https://api.thirdpartytrust.com/api/v2/answers.score" \
  -G -d "survey_uuid=168f65e7-2f48-49a1-9193-3f9cf3369003" \
     -d "as=92d47ff9-527e-478a-8291-3da904765cf6" \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
   "score": 75.0,
   "score_by_category":
      {
         "0391867e-451b-433a-829e-f18eed1ec614": 100.0,
         "0fa75c1d-331e-47cf-8258-36fb10706cf3": 0.0,
         "24caad8e-ce41-45d1-94eb-9e3d6af06cb8": 61.53846153846154,
         "29bcff36-b3f1-4b7c-bcb3-ea210d4a12aa": 100.0,
         "43d18777-2068-40ee-848a-436a7dd05c2f": 100.0,
         "542e381e-dd52-4876-9996-55504c9cac0a": 100.0,
         "66bcde74-18ba-4742-85f4-3edb021d8728": 100.0,
         "7ef130a8-64d6-4981-b07b-11d7753be411": 0.0,
         "820c99ae-2f89-40e7-bc89-4bece4b47288": 50.0,
         "8b26511e-b9a8-4e41-a998-cf5c02f84b14": 100.0,
         "976b1ca0-8688-4ab6-be5d-5b37264e0435": 100.0,
         "c0ceaf0e-6234-4c13-abf7-2278d77f4ecf": 100.0,
         "c498b5d4-9f70-4264-ab1f-b66075fff98f": 100.0,
         "caa5e431-a050-4cf3-8fa9-dae1e9b06cf1": "--",
         "d0e20a8b-ee14-433d-ba9b-9bcc51fe8464": 100.0,
         "d94a4156-d47b-4a7d-a5f6-b1e81f279368": 33.33333333333333,
         "de713dd8-b19a-474b-acfc-fa35161c4978": 0.0,
         "f79671cc-2f9b-4388-aaa4-dd0dda60971b": 100.0
      }
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/answers.score?survey_uuid={survey_uuid}&as={vendor_uuid}

Query Parameters

Key Value
survey_uuid The unique identifier for the questionnaire
as This param is OPTIONAL, if provided it will return the scores of a connected vendor_uuid. If not, it will be the scores of the logged company

Surveys: vendor download

Fetches all the data related to a surveys for a given vendor / survey

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/downloads.survey_as_csv?survey_uuid=168f65e7-2f48-49a1-9193-3f9cf3369003&as=92d47ff9-527e-478a-8291-3da904765cf6
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

["Category,Question,Priority,Question RefID,Description,Answer,Notes\n\"Employees\",\"test\",
\"None\",\"Test\",,\"Not Applicable\",\"\"\n\"Supplement D \u2013 Multimedia
(ONLY FILL THIS SUPPLEMENT IN IF YOU REQUIRE  THIS COVERAGE)\",
\"Please check all descriptions of website content posted by the Applicant,
including content posted to social media web pages:\",\"High\",,\"\",\"Yes\",\"\"
\n\"Claim sub cat #2a\",\"Within the last 5 years have you ever been subject to any government action,
investigation or subpoena regarding any alleged violation of any privacy/data security law or regulation?
(If yes please provide details) \",\"High\",,\"\",\"No\",\"Test\""]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/downloads.survey_as_csv?survey_uuid={surveyuuid}&as={vendoruuid}

Query Parameters

None

URL Parameters

Parameter Description
surveyuuid The uuid of the survey you wish to pull the survey results for
vendoruuid The uuid of the vendor you wish to pull the survey results for

Surveys: vendor internal

Fetches the internal surveys that are available to a vendor

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/surveys.list_connected?vendor_uuid=92d47ff9-527e-478a-8291-3da904765cf6&is_internal=true \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {
 "model_name": "Survey", "is_internal": true, "is_lockable": true,
 "logo": {"url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/7e5b8f9a-c663-471f-a0a4-8d5516a87f43"},
 "name": "Scoping ", "questions": "/surveys/654e9deb-1eca-4fa7-aab3-5bc3435463c7/questions", "uploader_is_enabled": true,
 "uuid": "654e9deb-1eca-4fa7-aab3-5bc3435463c7", "scope": "3PTROOT", "is_locked": false,
 "logo_url": "https://s3.amazonaws.com/fileservice3.thirdpartytrust.com/7e5b8f9a-c663-471f-a0a4-8d5516a87f43",
 "unread_messages": [], "reviews": []
  }
 ]

Example Response status code: 403 Forbidden

"Company is not authorized to surveys"

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/surveys.list_connected?vendor_uuid={vendorUUID}&is_internal=true

Query Parameters

None

URL Parameters

Parameter Description
vendoruuid The uuid of the vendor you wish to pull the available survey for
isinternal Indicator to selec the intern survey related to the vendor

Settings

TrustScore

Fetches TrustScore configuration information for the company of the currently logged in user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/company/settings/trustscore \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "audit_weight": "20",
  "certification_weight": "20",
  "ciso_weight": "20",
  "insurance_weight": "20",
  "survey_weight": "20",
  "uuid": "7f7f1c4b-ec6e-4bbb-9f09-5422c8b3cfd5"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/company/settings/trustscore

Query Parameters

None

Tier

Fetches tier information for the company of the currently logged in user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/company/settings/tier \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {
    "description": "The volume of sensitive company information the third party will...",
    "model_name": "ReferenceEntity",
    "name": "Volume of Information",
    "owner_uuid": "75554495-b796-4602-b60a-30bd8149bbf7",
    "target_uuid": "16d18eaf-09f9-4903-a672-5b97ec0598cc",
    "uuid": "4250801b-6aa3-4a0a-a386-e2087ba48226",
    "weight": "0"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/company/settings/tier

Query Parameters

None

User Settings

Settings

Fetches settings for the specified user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/users/56853932-2516-4f11-b4d4-e3cb9c386618/settings \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
  "setting":
  {
    "start_page": "dashboard",
    "time_zone": "DST"
  },
  "user_uuid": "56853932-2516-4f11-b4d4-e3cb9c386618"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/users/{uuid}/settings

Query Parameters

None

URL Parameters

Parameter Description
uuid The uuid of the user that you want pull settings for

Bitsight Integration

Settings

Fetches Bitsight api settings for the current user.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/bitsight.settings \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
    "guid_map": {},
    "api_key": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9",
    "domain": "thirdpartytrust.com"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/bitsight.settings

Set API Key

Saves a Bitsight API key

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/bitsight.set_api_key \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json" \
    -d '{
          "key": "eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9",
          "enable_api_key": true
      }'

Example Response

{
    "data": "successfully updated api key",
    "status": "ok"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/v2/bitsight.set_api_key

Request Body

Key Value
key A Bitsight api key.
enable_api_key If the key should be enabled or disabled

Remove API Key

Removes a Bitsight API key

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/bitsight.remove_api_key \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

{
    "data": "successfully removed api key",
    "status": "ok"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/bitsight.remove_api_key

Lookup

Gets a list of possible BitSight guids for a 3TP company uuid

Example Request shell curl --request https://api.thirdpartytrust.com/api/v2/bitsight.lookup?as=a0df1a60-2c5e-461a-886c-c1def221b61e \ -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \ -H "Content-Type: application/json"

Example Response

{
    "data": {
        "selected": "6d81eeb0-1724-4fe9-944a-72f63b516c25",
        "companies": [
            {
                "guid": "6d81eeb0-1724-4fe9-944a-72f63b516c25",
                "name": "Third Party Trust",
                "primary_domain": "thirdpartytrust.com"
            }
        ]
    },
    "status": "ok"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/bitsight.lookup?as=a0df1a60-2c5e-461a-886c-c1def221b61e

URL Parameters

Parameter Description
as The uuid of the company that you want pull guids information for

Analysis

Gets the bitsight analysis for a given guid

Example Request shell curl --request https://api.thirdpartytrust.com/api/v2/bitsight.analysis?guid=6d81eeb0-1724-4fe9-944a-72f63b516c25 \ -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \ -H "Content-Type: application/json"

Example Response

{
    "data": { ... },
    "status": "continuous_monitoring"
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/bitsight.analysis?guid=6d81eeb0-1724-4fe9-944a-72f63b516c25

URL Parameters

Parameter Description
guid The guid of the company that you get the bitsight analysis for

Response

Possible “status” field values:

Key Value
company_without_api_key The requesting company doesn’t have a BitSight API key.
company_without_subscription The requesting the company has a BitSight API Key but the vendor is not subscribed to any license.
continuous_monitoring The requesting company has a BitSight API key and the vendor is subscribed to “continuous monitoring”.
alerts-only The requesting company has a BitSight API key and the vendor is subscribed to “alerts-only”.
accelerator The requesting company has a BitSight API key and the vendor is subscribed to “accelerator”.

Findings

Get Vendor Findings

Fetches all findings or for a given vendor.

In the response the property remediation_date will only appear if the remediation_date_audit.value is different than null. And it will be of a date type.

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/issues.list_opened?vendor_id=92d47ff9-527e-478a-8291-3da904765cf6 \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {
    "model_name": "Issue",
    "created_at": "2019-01-17T20:11:02.314767",
    "criticality": 1,
    "description": "Issue Description",
    "enterprise_id": "d7e1365d-3afd-4564-9406-02ff4ef47f2e",
    "reference_entity_id": "c9b50e09-435e-4a63-994c-920c667357e6",
    "state": {
      "model_name": "IssueStateValue",
      "type": 2,
      "uuid": "36fb398f-c23b-4036-8d60-04f54e9df1e6",
      "value": "Pending"
    },
    "uuid": "fe80e097-8569-427a-b48c-4e6340a7dd4c",
    "vendor_id": "fef469ce-5f3b-44e4-b79f-56deda2e3d4d",
    "last_modified": "2021-02-04T17:38:37Z",
    "modified_by": {
      "first_name": "Firstname",
      "last_name": "Lastname",
      "uuid": "009c64c3-7b97-4b7b-a5bb-4f238f9746d6"
    },
    "remediation_date_audit": {
      "created_at": "2019-01-17T20:11:02Z",
      "created_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "9857d7cb-8e81-4c81-b2cf-238fe0bad908"
      },
      "modified_at": "2019-01-17T20:11:02Z",
      "modified_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "9857d7cb-8e81-4c81-b2cf-238fe0bad908"
      },
      "value": null
    },
    "linking_ids": {
      "category_id": "33de37f6-abe5-4232-b2a1-62ce27cf8ebc",
      "survey_id": "19464217-d958-43f5-823a-371a260c6a8e"
    },
    "reported_on": null,
    "reference_model_name": "Question",
    "reference_survey_name": "ABCD v3.0.1",
    "short_id": "AAAAA"
  },
  {
    "model_name": "Issue",
    "created_at": "2019-09-18T20:12:52.699349",
    "criticality": 3,
    "description": "Issue Description",
    "enterprise_id": "d7e1365d-3afd-4564-9406-02ff4ef47f2e",
    "reference_entity_id": "45d23797-a580-4ba3-b64e-537f7a263299",
    "state": {
      "model_name": "IssueStateValue",
      "type": 2,
      "uuid": "76305705-a773-4641-9355-b3328ff19d8b",
      "value": "Reviewing"
    },
    "uuid": "328b4f6f-7904-492f-bbd0-5d8aaa8d74be",
    "vendor_id": "d792ef68-1bb0-4c73-875a-53db5dabd330",
    "last_modified": "2019-09-18T20:12:55Z",
    "modified_by": {
      "first_name": "Firstname",
      "last_name": "Lastname",
      "uuid": "b8c29896-cdf8-467f-a003-3b7e4600283b"
    },
    "remediation_date_audit": {
      "created_at": "2019-09-18T20:12:52Z",
      "created_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "b8c29896-cdf8-467f-a003-3b7e4600283b"
      },
      "modified_at": "2019-09-18T20:12:52Z",
      "modified_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "b8c29896-cdf8-467f-a003-3b7e4600283b"
      },
      "value": null
    },
    "linking_ids": {},
    "reported_on": "Audit ",
    "reference_model_name": "GenericData",
    "short_id": "AAAA"
  },
  {
    "model_name": "Issue",
    "created_at": "2020-03-24T15:06:34.890789",
    "criticality": 2,
    "description": "Issue Description",
    "enterprise_id": "d7e1365d-3afd-4564-9406-02ff4ef47f2e",
    "reference_entity_id": "f82a96ec-865b-47c0-b6e8-dffa9df9b930",
    "remediation_date": "2020-12-16",
    "state": {
      "model_name": "IssueStateValue",
      "type": 2,
      "uuid": "36fb398f-c23b-4036-8d60-04f54e9df1e6",
      "value": "Pending"
    },
    "uuid": "39ae96da-8846-49c5-8622-d40931ac2a96",
    "vendor_id": "2aa94110-13b3-45fd-b6d2-89dafd6ec6ca",
    "will_be_resolved": true,
    "last_modified": "2020-11-17T21:08:06Z",
    "modified_by": {
      "first_name": "Firstname",
      "last_name": "Lastname",
      "uuid": "b23aa273-1573-4337-9a4b-e0435599cb5b"
    },
    "remediation_date_audit": {
      "created_at": "2020-11-16T16:27:31Z",
      "created_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "f5edf37e-226f-4d4b-8a7c-15014e456250"
      },
      "modified_at": "2020-11-16T16:27:31Z",
      "modified_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "f5edf37e-226f-4d4b-8a7c-15014e456250"
      },
      "value": "2020-12-16"
    },
    "linking_ids": {
      "category_id": "6389a50e-1c1d-4ea3-af2c-66862938562f",
      "survey_id": "1e13df76-7291-4958-a733-0eaaf34711ad"
    },
    "reported_on": null,
    "reference_model_name": "Question",
    "reference_survey_name": "Survey Name",
    "short_id": "AAAA"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/issues.list_opened?vendor_id={vendor_uuid}

Request Body

Key Value
vendor_uuid ID of vendor you want to get findings for. Optional. Without this ID you will get all findings.

Get Customer Findings

Fetches all findings assigned by customers for the authenticated company

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/issues.list_assigned \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {
    "model_name": "Issue",
    "created_at": "2021-07-20T18:01:09.082287",
    "criticality": 4,
    "description": "Test2",
    "enterprise_id": "a0df1a60-2c5e-461a-886c-c1def221b61e",
    "reference_entity_id": "8a8e5bb7-276a-414f-9270-84781d4dfcca",
    "uuid": "876e5d4f-e54c-4edc-b2d4-46753c7c6c3d",
    "vendor_id": "92d47ff9-527e-478a-8291-3da904765cf6",
    "last_modified": "2021-07-20T18:01:09Z",
    "modified_by": {
      "first_name": "Firstname",
      "last_name": "Lastname",
      "uuid": "61a91ea3-0c0a-4689-a792-35cdd2a75e20"
    },
    "remediation_date_audit": {
      "created_at": "2021-07-20T18:01:09Z",
      "created_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "61a91ea3-0c0a-4689-a792-35cdd2a75e20"
      },
      "modified_at": "2021-07-20T18:01:09Z",
      "modified_by": {
        "first_name": "Firstname",
        "last_name": "Lastname",
        "uuid": "61a91ea3-0c0a-4689-a792-35cdd2a75e20"
      },
      "value": null
    },
    "linking_ids": {},
    "reported_on": "Test",
    "reference_model_name": "GenericData",
    "short_id": "C6C3D"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/issues.list_assigned

Get Finding States

Fetches a companies custom created finding states. These are matched to the findings. Hint. Type 2 is 'pending’, type 3 is 'completed’

Example Request

curl --request
  https://api.thirdpartytrust.com/api/v2/m/api/v2/issues.list_state \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"

Example Response

[
  {
    "model_name": "IssueStateValue",
    "type": 2,
    "uuid": "78aac9af-18c2-4a41-8c92-2f50f9cd1321",
    "value": "90 day plus remediation"
  },
  {
    "model_name": "IssueStateValue",
    "type": 2,
    "uuid": "b356369f-ac5a-4656-bca2-8fc410ea3dev",
    "value": "Pending"
  },
  {
    "model_name": "IssueStateValue",
    "type": 3,
    "uuid": "e0b142fd-bcfb-402f-87ce-40c0edc4ee63",
    "value": "Complete"
  },
  {
    "model_name": "IssueStateValue",
    "type": 3,
    "uuid": "8501dcdb-127f-4b97-ba9c-6a218629893c",
    "value": "Won't  remediate"
  }
]

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/issues.list_state

Documents

Get Documents associated to an Issue

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/v2/issues.list_doc \
  -G -d issue_id="ba02407a-cc00-4907-af5a-29778a4576e7" \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..."

Example Response

{
  "ok": true,
  "documents": [
    {
      "name": "filename.pdf",
      "uuid": "b1b54f9d-d444-40f3-ab7f-542090359a3a",
      "created_at": "2021-05-25T19:22:51.264628",
      "file_metadata_uuid": "f941643d-07dd-41a5-86cb-5aeaf45c0ca5"
    }
  ]
}

HTTP Request

GET https://api.thirdpartytrust.com/api/v2/issues.list_doc?issue_id={issue_id}

Request Body

None

Query Parameters

Key Value
issue_id The uuid of the Issue

Documents: download

Download Document associated to an Issue

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/downloads/finding/ba02407a-cc00-4907-af5a-29778a4576e7/document/b1b54f9d-d444-40f3-ab7f-542090359a3a
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

HTTP Request

GET https://api.thirdpartytrust.com/api/downloads/finding/{issue_id}/document/{document_id}

Request Body

None

Query Parameters

Key Value
issue_id The uuid of the Issue
document_id The uuid of the Document

Response

File in binary format

Selective Sharing

Get customer configuration

This will get the current selective sharing configuration for a customer or a possible one in case exists a pending sent invitation (“Share my Data” action).

Example Request


curl 'https://api.thirdpartytrust.com/api/company/selective_sharing/configuration/742d073a-b01c-4d0a-afaa-5c70f1e4b9d9' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
   "is_selective_sharing_enabled":true,
   "customer_configuration":{
      "enabled":true,
      "scans_allowed":[
         "supply_wisdom",
         "bitsight",
         "risk_recon",
         "security_scorecard",
         "argos_risk",
         "osano",
         "spy_cloud"
      ],
      "scans_mandatory":[
        "risk_recon",
        "bitsight"
      ],
      "surveys_allowed":[
         "1e13df76-7291-4958-a733-0eaaf34711ab",
         "67576261-82f0-4d51-8f84-21161f7fc42b"
      ],
      "surveys_mandatory":[
         "1e13df76-7291-4958-a733-0eaaf34711ab"
      ],
      "certificates_allowed":[
         "e5fc67fb-94f2-4649-9eb7-3e648d8d75fa",
         "b0bf8afc-2511-4e9b-8abe-86ae2daac282"
      ],
      "certificates_mandatory":[
         "b0bf8afc-2511-4e9b-8abe-86ae2daac282"
      ],
      "audits_allowed":[

      ],
      "audits_mandatory":[
         "6931de6d-e591-48b2-9cf8-328e54af6e22",
         "7c7e7adb-13a3-4716-9f0e-dc12d243b525"
      ],
      "insurances_allowed":[
        "ca452402-4a13-4b3d-917b-2cb502780bd5"
      ],
      "insurances_mandatory":[

      ],
      "breaches_allowed":[
         "all"
      ],
      "breaches_mandatory":[
         "all"
      ]
   }
}

HTTP Request

GET https://api.thirdpartytrust.com/api/company/selective_sharing/configuration/{customer_uuid}

Query Parameters

Key Value
customer_uuid The companyID for the customer you are requesting the configuration.

Request Body

None

Response

Key Value
is_selective_sharing_enabled (DO NOT USE THIS FIELD. WILL BE REMOVED) If the feature is enabled for the logged in company. If it’s 'true’ you can configure selective sharing over customers, if it’s 'false’ any configuration over a customer will be ignored (please contact support).
customer_configuration.enabled If selective sharing is enabled over the customer.
customer_configuration.scans_allowed The allowed scans list that the customer can access to (possible values: “supply_wisdom”, “bitsight”, “risk_recon”, “security_scorecard”, “argos_risk”, “osano”, “spy_cloud” ).
customer_configuration.scans_mandatory The mandatory scans list. Indicates which scan/s has a finding/s created by the customer over it and can not be unshared.
customer_configuration.surveys_allowed The allowed surveys uuid list that the customer can access to.
customer_configuration.surveys_mandatory The mandatory surveys uuid list. Indicates which survey/s has a finding/s created(over a survey’s question) or was reviewed(over the survey) by the customer and can not be unshared.
customer_configuration.certificates_allowed The allowed certificates uuid (CompanyCertification) list that the customer can access to.
customer_configuration.certificates_mandatory The mandatory certificates uuid list. Indicates which certificate/s has a finding/s or was reviewed by the customer and can not be unshared.
customer_configuration.audits_allowed The allowed audits uuid (AssuranceAudit) list that the customer can access to.
customer_configuration.audits_mandatory The mandatory audits uuid list. Indicates which audit/s has a finding/s or was reviewed by the customer and can not be unshared.
customer_configuration.insurances_allowed The allowed insurances uuid (CompanyInsurance) list that the customer can access to.
customer_configuration.insurances_mandatory The mandatory insurances uuid list. Indicates which insurance/s has a finding/s or was reviewed by the customer and can not be unshared.
customer_configuration.breaches_allowed “all” means that all breaches are shared (possible values: “all” or empty array to not share breaches ).
customer_configuration.breaches_mandatory “all” means that exists finding/s created by the customer over a breach and can not be unshared. En empty array [] means that it’s possible to unshare breaches.

Set customer configuration

Set the selective sharing configuration for a customer.

Example Request


curl 'https://api.thirdpartytrust.com/api/company/selective_sharing/configuration/088e1e6e-bfb7-4136-a33f-17917fb0a59a' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H 'Content-Type: application/json' \
  -d '{
        "enabled":true,
        "scans_allowed":["argos_risk", "bitsight"],
        "surveys_allowed":[
             "1e13df76-7291-4958-a733-0eaaf34711ab",
             "67576261-82f0-4d51-8f84-21161f7fc42b"
        ],
        "certificates_allowed":[
             "e5fc67fb-94f2-4649-9eb7-3e648d8d75fa",
             "b0bf8afc-2511-4e9b-8abe-86ae2daac282"
        ],
        "audits_allowed":["313e7b51-c8ad-4d67-98d5-69fc93af2cfa"],
        "insurances_allowed":["ca452402-4a13-4b3d-917b-2cb502780bd5"],
        "breaches_allowed":["all"]
      }'

HTTP Request

POST https://api.thirdpartytrust.com/api/company/selective_sharing/configuration/{customer_uuid}

Query Parameters

Key Value
customer_uuid The companyID for the customer you are setting the configuration.

Request Body

Key Value
enabled Enable or disable selective sharing functionality over the customer.
scans_allowed The scans list that customer will be able to access (See 'Get customer configuration’ for possible values) *.
surveys_allowed The surveys uuid list that customer will be able to access. *
certificates_allowed The certificates uuid list that customer will be able to access. *
audits_allowed The audits uuid list that customer will be able to access. *
insurances_allowed The insurances uuid list that customer will be able to access. *
breaches_allowed “all” for share breaches. if “all” is mandatory then must be included. *

* All mandatory items must be included, if not, the endpoint will return an error (http code 500). See 'Get customer configuration’ endpoint for detail.

Share Document

Get Document

This will get the current document configured to be shared with your customers when you send an invitation (“Share my Data” action).

HTTP Request

GET https://api.thirdpartytrust.com/api/company/document_to_share

Request Body

None

Example Request


curl 'https://api.thirdpartytrust.com/api/company/document_to_share' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
   "body":"Document text with some <strong>html basic tags</strong>.",
   "enabled_by_default":true,
   "has_form":true,
   "form_title":"Please complete required fields",
   "form_definition":[
      {
         "field_name":"First Name",
         "form_order":1,
         "is_required":true
      },
      {
         "field_name":"Last Name",
         "form_order":2,
         "is_required":false
      }
   ]
}

Response

Key Value
body The document body. (basic HTML tags allowed).
enabled_by_default If “Share Document” option is enabled by default when “Share My Data” popup is displayed.
has_form If the document has form fields. if 'true’ a form_definition is mandatory with at least one field. When the document is displayed to the customer, must to be filled in order to complete the invitation approval flow.
form_title The form title.
form_definition The form fields definition list (see Field definition)

Field definition

Key Value
field_name The field name. Must be unique (trimmed and case insensitive validation, Ex: “Email” is equal to “ eMail ”).
form_order The field display order inside the form.
is_required If the field is required or optional.

Set Document

Set the document to be shared on “Share My Data” invitations.

Example Request


curl 'https://api.thirdpartytrust.com/api/company/document_to_share' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H 'Content-Type: application/json' \
  -d '{
       "body":"Document text with some <strong>html basic tags</strong>.",
       "has_form":true,
       "form_title":"Please complete required fields",
       "form_definition":[
          {
             "field_name":"First Name",
             "form_order":1,
             "is_required":true
          },
          {
             "field_name":"Last Name",
             "form_order":2,
             "is_required":false
          }
       ]
    }'

HTTP Request

POST https://api.thirdpartytrust.com/api/company/document_to_share

Request Body

See parameters definition inside “Get Document” endpoint in “Response” section.
** Parameter “enabled_by_default” is ignored in POST method. See 'Enabled by Default’ endpoint.

Enabled by Default

Set default value for “Share Document” toggle when “Share My Data” popup is displayed.

Example Request


curl 'https://api.thirdpartytrust.com/api/company/document_to_share' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H 'Content-Type: application/json' \
  -d '{"enabled_by_default" : true }'

HTTP Request

POST https://api.thirdpartytrust.com/api/company/document_to_share/enabled_by_default

Request Body

Key Value
enabled_by_default set if “Share Document” option is enabled by default when “Share My Data” popup is displayed.

Delete Document

Delete the current document. Is not possible to delete the document if there is any pending invitation sent request (“Share My Data” action).

Example Request

curl 'https://api.thirdpartytrust.com/api/company/document_to_share' \
  -X 'DELETE' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

HTTP Request

DELETE https://api.thirdpartytrust.com/api/company/document_to_share

Request Body

None

Response

In case we try to delete the document and there is a pending sent invitation, this endpoint return:

{“error”: “The document is in use in one or more pending connection.”}

Get customer configuration

This endpoint return the configuration about “Share Document” over a customer, also data related to the document accepted by the customer.

HTTP Request

GET https://api.thirdpartytrust.com/api/company/document_to_share/{customer_uuid}

Query Parameters

Key Value
customer_uuid The companyID for the customer you are requesting the configuration.

Request Body

None

Example Request

curl 'https://api.thirdpartytrust.com/api/company/document_to_share/customer_configuration/49624574-65fe-48fb-83a5-0285b494056f' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
   "dts_customer_configuration":{
      "enabled":true,
      "accepted_datetime":"2021-04-23T19:19:45",
      "accepted_document":{
         "body":"<p>Document</p>",
         "form_definition":[
            {
               "field_name":"First Name",
               "form_order":1,
               "is_required":true
            },
            {
               "field_name":"Last Name",
               "form_order":1,
               "is_required":true
            }
         ],
         "form_title":"Please complete required fields",
         "form_values":[
            {
               "field_name":"First Name",
               "value":"John"
            },
            {
               "field_name":"Last Name",
               "value":"Doe"
            }
         ],
         "has_form":true
      },
      "accepted_by":{
         "name":"Bob Rony",
         "uuid":"09450670-92b0-4572-b63a-fe63b95bb82e"
      }
   }
}

Response

Key Value
dts_customer_configuration.enabled If “Share Document” is enabled over the customer. if 'true’ when this customer accepts a sent invitation (“Share My Data”), the shared document will be showed.
dts_customer_configuration.accepted_datetime The date and time (GMT 0) where the shared document was accepted (when customer completed the document form) or showed (see has_form field in “Get Document / Set Document” endpoint ).
dts_customer_configuration.accepted_document The accepted document data. (See “Get Document” / “Set Document” endpoint reference) for details. Appended to the document information the 'form_values’ parameter will contains the fields values entered by the user (see Form Values).
dts_customer_configuration.accepted_by The user name and ID that accepted the document.

If the document was not already accepted 'accepted_datetime’, 'accepted_document’, 'accepted_by’ are null. To determinate if the document was already accepted 'accepted_datetime’ must be not null (datetime ISO format, GMT 0).

Form Value (form_values)

Key Value
field_name The field name
value The field value entered by the user

Set customer configuration

Enabled or disabled “Share Document” over a customer.

Example Request


curl 'https://api.thirdpartytrust.com/api/company/document_to_share/customer_configuration/f335fe1c-ea8f-49be-afbf-7540f713fb88' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H 'Content-Type: application/json' \
  -d ''{"enabled":true}' '

HTTP Request

POST https://api.thirdpartytrust.com/api/company/document_to_share/customer_configuration/{customer_uuid}

Query Parameters

Key Value
customer_uuid The companyID for the customer you are setting the configuration.

Request Body

Key Value
enabled if 'true’, when the customer approve a pending sent invitation (“Share My Data”) a popup is opened showing the shared document.

Get Vendor document

This endpoint returns the configuration and the document set by the vendor related to “Share Document” over the requesting company (This endpoint is called from the customer side). Usually called before approve a “Pending invite to view someone else’s profile” in order to check if it’s necessary to accept (complete) a shared document.

HTTP Request

GET https://api.thirdpartytrust.com/api/company/document_to_share/get_vendor_document/{vendor_uuid}

Query Parameters

Key Value
vendor_uuid The companyID (Vendor).

Request Body

None

Example Request

curl 'https://api.thirdpartytrust.com/api/company/document_to_share/get_vendor_document/92d47ff9-527e-478a-8291-3da904765cf8' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Example Response

{
   "vendor_document":{
      "body":"<p>Document</p>",
      "enabled_by_default":true,
      "has_form":true,
      "form_title":"Please complete required fields",
      "form_definition":[
         {
            "field_name":"First Name",
            "form_order":1,
            "is_required":true
         },
         {
            "field_name":"Last Name",
            "form_order":2,
            "is_required":false
         }
      ]
   },
   "dts_customer_configuration":{
      "enabled":true,
      "accepted_datetime":null,
      "accepted_document":{
      },
      "accepted_by":{
      }
   }
}

Response

Key Value
dts_customer_configuration.enabled If 'true’ it’s necessary to accept (or complete) the shared document (See “Customer Accept Document” endpoint reference for details)
dts_customer_configuration.* For others parameters see “Get customer configuration” endpoint.
vendor_document The vendor shared document (see “Get Document” / “Set Document” endpoint reference for details).

Customer Accept Document

Set the document accepted by the customer (This endpoint is called from a customer side)

Example Request

curl 'https://api.thirdpartytrust.com/api/company/document_to_share/accept_vendor_document/f335fe1c-ea8f-49be-afbf-7540f713fc88' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H 'Content-Type: application/json' \
  --data-raw '{"form_values":[
                    {"field_name":"First Name",
                     "value":"John"},
                    {"field_name":"Last Name",
                     "value":"Doe"}
              ]}' \

HTTP Request

POST https://api.thirdpartytrust.com/api/company/document_to_share/accept_vendor_document/{vendor_uuid}

Query Parameters

Key Value
vendor_uuid The companyID (Vendor).

Request Body

Key Value
form_values The form values list if the document has form (has_form parameter). See “Get customer configuration” endpoint reference for details.

Download Document (Customer Side)

This endpoint return the accepted document sent by a vendor in pdf version (This endpoint is called from the customer side).

HTTP Request

GET https://api.thirdpartytrust.com/api/downloads/document_to_share/get_accepted_document_sent_by_vendor/{vendor_uuid}

Query Parameters

Key Value
vendor_uuid The companyID (Vendor).

Request Body

None

Example Request

curl 'https://api.thirdpartytrust.com/api/downloads/document_to_share/get_accepted_document_sent_by_vendor/92d47ff9-527e-478a-8291-3da904765cf8' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Response

Binary File (PDF)

Download Document (Vendor Side)

This endpoint return the accepted document accepted by a customer in pdf version (This endpoint is called from the vendor side).

HTTP Request

GET https://api.thirdpartytrust.com/api/downloads/document_to_share/get_accepted_document_by_customer/{customer_uuid}

Query Parameters

Key Value
customer_uuid The companyID (Customer).

Request Body

None

Example Request

curl 'https://api.thirdpartytrust.com/api/downloads/document_to_share/get_accepted_document_by_customer/0e7f8457-b581-4ed2-8eba-5a20e34b4220' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \

Response

Binary File (PDF)

Share My Data

Share My Data

This will issue an email to the customer to share your security profile with them. You can also choose to enable the Share Document and Selective Sharing functionalities.

Example Request

curl --request
  'https://api.thirdpartytrust.com/api/connections/shares/outgoing' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  --data-raw '{
     "recipient_emails":["person@customer.com"],
     "document_share":true,
     "selective_sharing":true,
     "subject":"Email Subject",
     "message":"Email Message"
    }'

Example Response

{
  "recipient_emails": ["person@customer.com"],
  "document_share": true,
  "selective_sharing": true,
  "subject": "Email Subject",
  "message": "Email Message"
}

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/shares/outgoing

Query Parameters

None

Request Body

Parameter Description
recipient_emails Array with emails. The emails of the user(s) that you want share your profile
document_share Boolean. Enable/Disable Document Sharing
selective_sharing Boolean. Enable/Disable Selective Sharing
subject String. Email subject
message String. Email body

Cancel request

This will cancel the Share My Data request

Example Request

curl --request
  'https://api.thirdpartytrust.com/api/connections/shares/cancel' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  --data-raw '{
     "request_uuid":"100de190-e6b6-4f0f-92a0-47c691377c1e"
    }'

Example Response

{}

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/shares/cancel

Query Parameters

None

Request Body

Parameter Description
request_uuid Company UUID we issue the ShareMyData request. This UUID we can get it from the Get Shares Connections endpoint

Resend request

This will retry the Share My Data request

Example Request

curl --request
  'https://api.thirdpartytrust.com/api/connections/shares/resend' \
  -H "Authorization: Token eyJ0eXAiOiJKV1QiLCJhbGciOiJIUzI1NiJ9..." \
  -H "Content-Type: application/json"
  --data-raw '{
     "request_uuid":"100de190-e6b6-4f0f-92a0-47c691377c1e"
    }'

Example Response

{}

HTTP Request

POST https://api.thirdpartytrust.com/api/connections/shares/resend

Query Parameters

None

Request Body

Parameter Description
request_uuid Company UUID we issue the ShareMyData request. This UUID we can get it from the Get Connections Shares endpoint

Messaging

Templates: create

Creates a template for later use in forms

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/template/template \
  -H "Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  --data-raw ' {
      "title": "Testing",
      "subject": "Subject",
      "message": "<p>Body</p>"
  }'

Example Response

[{"model_name": "MessageTemplate",
  "message": "<p>Body</p>",
  "subject": "Subject",
  "title": "Testing",
  "uuid": "4398b755-bb9d-4f24-82e9-516cceb7f689"}]

HTTP Request

POST https://api.thirdpartytrust.com/api/template/template

Query Parameters

None

Request Body

Key Value
title Name it will appear in the form Template dropdown
subject Email subject
message Email body message

Templates: delete

Deletes an existing template

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/template/template/4398b755-bb9d-4f24-82e9-516cceb7f689 \
  -H "Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  --data-raw ' {
      "remove": true,
      "title": "",
      "subject": "",
      "message": ""
  }'

Example Response

[{"model_name": "MessageTemplate",
  "message": "<p>New Body</p>",
  "subject": "New Subject",
  "title": "New Testing",
  "uuid": "4398b755-bb9d-4f24-82e9-516cceb7f689"}]

HTTP Request

POST https://api.thirdpartytrust.com/api/template/template/{template_uuid}

Query Parameters

Key Value
template_uuid Template UUID we are deleting

Request Body

Key Value
remove Boolean. true.
title Empty string
subject Empty string
message Empty string

Templates: get all

Fetches all company templates

Example Request

curl --request GET
  https://api.thirdpartytrust.com/api/template/templates \
  -H "Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..."

Example Response

[{"model_name": "MessageTemplate",
  "message": "<p>Body</p>",
  "subject": "Subject",
  "title": "Testing",
  "uuid": "4398b755-bb9d-4f24-82e9-516cceb7f689"}]

HTTP Request

GET https://api.thirdpartytrust.com/api/template/templates

Query Parameters

None

Templates: update

Updates an existing template

Example Request

curl --request POST
  https://api.thirdpartytrust.com/api/template/template/4398b755-bb9d-4f24-82e9-516cceb7f689 \
  -H "Authorization: Token eyJhbGciOiJIUzI1NiIsInR5cCI6IkpXVCJ9..." \
  -H "Content-Type: application/json" \
  --data-raw ' {
      "title": "New Testing",
      "subject": "New Subject",
      "message": "<p>New Body</p>"
  }'

Example Response

[{"model_name": "MessageTemplate",
  "message": "<p>New Body</p>",
  "subject": "New Subject",
  "title": "New Testing",
  "uuid": "4398b755-bb9d-4f24-82e9-516cceb7f689"}]

HTTP Request

POST https://api.thirdpartytrust.com/api/template/template/{template_uuid}

Query Parameters

Key Value
template_uuid Template UUID we are updating

Request Body

Key Value
title Name it will appear in the form Template dropdown
subject Email subject
message Email body message