NAV Navigation
cURL Java Python C# JavaScript

Risk Cloud API v2024.7.0

Scroll down for code samples, example requests and responses. Select a language for code samples from the tabs above or the mobile navigation menu.

Welcome to the Risk Cloud API v2! This is a collection of new API-first and RESTful API endpoints to streamline the creation of custom integrations with the Risk Cloud.

For the API documentation of our legacy API v1 endpoints, reference Risk Cloud API v1.

Base URLs:

Email: developer-relations@logicgate.com

Postman

Build and refine your custom integration with our user-friendly Risk Cloud API Postman Workspace, which you can import to your Postman setup in the button below.

For more Postman setup information, reference our guide Risk Cloud API: Postman.

OpenAPI Specification

Download and view the latest OpenAPI Specification per-release from the GitHub repository below. This OpenAPI Specification serves as the primary reference for Risk Cloud API across all releases.

@LogicGateTech/openapi

This specification is compatible with various OpenAPI client libraries, and you can also subscribe to the GitHub repository to stay updated on the latest Risk Cloud API developments.

Authentication

Getting Started: How to create an API Access Token to begin integrating with the Risk Cloud API

POSTCreate an API Access Token

Code samples

curl --request POST \
--url https:///%7Benv%7D.logicgate.com/api/v1/account/token \
--header 'Accept: application/json' \
--header 'Authorization: Basic {ENCODED}'
HttpResponse<String> response = Unirest.post("https:///%7Benv%7D.logicgate.com/api/v1/account/token")
.header("Accept", "application/json")
.header("Authorization", "Basic {ENCODED}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Basic {ENCODED}"
}

conn.request("POST", "%7Benv%7D.logicgate.com/api/v1/account/token", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v1/account/token");
var request = new RestRequest(Method.POST);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Basic {ENCODED}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("POST", "https:///%7Benv%7D.logicgate.com/api/v1/account/token");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Basic {ENCODED}");

xhr.send(data);

POST /api/v1/account/token

Permissions: Authenticated User

Generates a new, expiring access token from the provided Client and Secret keys.

Parameters

Name In Type Required Description
Authorization header string true A basic authorization header containing a Risk Cloud API access token in the format Authorization: Basic {TOKEN}.

Example responses

200 Response

{
"access_token": "string",
"token_type": "string",
"expires_in": 0,
"scope": "string"
}

Responses

Status Meaning Description Schema
200 OK OK LegacyApiTokenOut

Response Schema

Status Code 200

Name Type Description
» access_token string An API access token to be used within the bearer authorization header of subsequent Risk Cloud API requests
» token_type string The token type, expected to be “bearer” for the Risk Cloud API
» expires_in integer(int64) The remaining time in seconds until the token expires
» scope string The privilege scope of the token, expected to be “read write” for the Risk Cloud API

Application

An Application is a collection of Workflows, Steps, and logic that collectively solve a business use case

GETRetrieve applications

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/applications \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/applications")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/applications", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/applications");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/applications");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/applications

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Retrieve a page of all applications that the current user has Build Access to.

Parameters

Name In Type Required Description
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutApplicationApiOut

Response Schema

Status Code 200

Name Type Description
» content [ApplicationApiOut] A array of returned items
»» Application (Response) ApplicationApiOut none
»»» id string The unique ID of this Risk Cloud resource
»»» name string The name of the application
»»» color string The hex representation of the icon color of the application
»»» icon string The icon type of the application
»»» type string The type of Risk Cloud application
»»» live boolean Whether the application is live
»»» restrictBuildAccess boolean Whether users with the Build entitlement must be explicitly granted permission to edit this application
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

POSTCreate an application

Code samples

curl --request POST \
--url https:///%7Benv%7D.logicgate.com/api/v2/applications \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Cyber Risk Management Application","color":"#00a3de","icon":"CUBES","type":"CONTROLS_COMPLIANCE"}'
HttpResponse<String> response = Unirest.post("https:///%7Benv%7D.logicgate.com/api/v2/applications")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\"}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\"}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("POST", "%7Benv%7D.logicgate.com/api/v2/applications", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/applications");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE"
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("POST", "https:///%7Benv%7D.logicgate.com/api/v2/applications");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

POST /api/v2/applications

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Create an application from a JSON request body.

Body parameter

{
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE"
}

Parameters

Name In Type Required Description
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body ApplicationApiCreateIn true none
» name body string true The name of the application
» color body string false The hex representation of the icon color of the application (defaults to #00a3de)
» icon body string false The icon type of the application (defaults to CUBES)
» type body string false The type of Risk Cloud application (defaults to NONE)

Enumerated Values

Parameter Value
» icon BOOKMARK
» icon BOLT
» icon BULLHORN
» icon CERTIFICATE
» icon CHECK_SQUARE_O
» icon CLOUD
» icon COMMENTS
» icon CUBES
» icon DOLLAR
» icon EXCLAMATION_TRIANGLE
» icon TEXT_O
» icon FOLDER
» icon GIFT
» icon GLOBE
» icon HEARTBEAT
» icon LEAF
» icon LEGAL
» icon LIFE_RING
» icon MEDKIT
» icon MONEY
» icon PERCENT
» icon ROCKET
» icon SIGNAL
» icon UNIVERSITY
» icon USER_CIRCLE
» type ACCESS_MANAGEMENT
» type AML_KYC
» type ASSET_MANAGEMENT
» type AUDIT_MANAGEMENT
» type BUSINESS_CONTINUITY_PLANNING
» type CHANGE_MANAGEMENT
» type COMPLAINT_MANAGEMENT
» type COMPLIANCE_MANAGEMENT
» type CONTRACT_MANAGEMENT
» type CONTROLS_COMPLIANCE
» type CONTROLS_MANAGEMENT
» type CRISIS_MANAGEMENT
» type CUSTOM
» type CUSTOM_GRC_USE_CASE
» type CYBER_RISK_MANAGEMENT
» type DATA_PRIVACY_MANAGEMENT
» type EMPLOYEE_COMPLIANCE
» type ENTERPRISE_RISK_MANAGEMENT
» type ESG
» type INCIDENT_MANAGEMENT
» type INTERNAL_AUDIT_MANAGEMENT
» type IT_RISK_MANAGEMENT
» type NONE
» type OPERATIONAL_RESILIENCY
» type OTHER
» type POLICY_AND_PROCEDURE_MANAGEMENT
» type POLICY_MANAGEMENT
» type PRIVACY_MANAGEMENT
» type QUANTIFY
» type REGULATORY_COMPLIANCE
» type REPOSITORY
» type RISK_QUANTIFICATION
» type SOX_TESTING
» type STANDARDS_REGULATIONS
» type SURVEY
» type THIRD_PARTY_RISK_MANAGEMENT

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}

Responses

Status Meaning Description Schema
200 OK OK ApplicationApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the application
» color string The hex representation of the icon color of the application
» icon string The icon type of the application
» type string The type of Risk Cloud application
» live boolean Whether the application is live
» restrictBuildAccess boolean Whether users with the Build entitlement must be explicitly granted permission to edit this application
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

GETRetrieve an application

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/applications/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/applications/string")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/applications/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/applications/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to application

Retrieve an application specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the application
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}

Responses

Status Meaning Description Schema
200 OK OK ApplicationApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the application
» color string The hex representation of the icon color of the application
» icon string The icon type of the application
» type string The type of Risk Cloud application
» live boolean Whether the application is live
» restrictBuildAccess boolean Whether users with the Build entitlement must be explicitly granted permission to edit this application
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

DELETEDelete an application

Code samples

curl --request DELETE \
--url https:///%7Benv%7D.logicgate.com/api/v2/applications/string \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.delete("https:///%7Benv%7D.logicgate.com/api/v2/applications/string")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = { 'Authorization': "Bearer {TOKEN}" }

conn.request("DELETE", "%7Benv%7D.logicgate.com/api/v2/applications/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
var request = new RestRequest(Method.DELETE);
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("DELETE", "https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

DELETE /api/v2/applications/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to application

Delete an application specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the application
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Responses

Status Meaning Description Schema
204 No Content No Content None

PATCHUpdate an application

Code samples

curl --request PATCH \
--url https:///%7Benv%7D.logicgate.com/api/v2/applications/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Cyber Risk Management Application","color":"#00a3de","icon":"CUBES","type":"CONTROLS_COMPLIANCE","live":false,"restrictBuildAccess":false}'
HttpResponse<String> response = Unirest.patch("https:///%7Benv%7D.logicgate.com/api/v2/applications/string")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\",\"live\":false,\"restrictBuildAccess\":false}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\",\"live\":false,\"restrictBuildAccess\":false}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("PATCH", "%7Benv%7D.logicgate.com/api/v2/applications/string", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Cyber Risk Management Application\",\"color\":\"#00a3de\",\"icon\":\"CUBES\",\"type\":\"CONTROLS_COMPLIANCE\",\"live\":false,\"restrictBuildAccess\":false}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("PATCH", "https:///%7Benv%7D.logicgate.com/api/v2/applications/string");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

PATCH /api/v2/applications/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to application

Update an application specified by the ID in the URL path from a JSON request body. Only present properties with non-empty values are updated.

Body parameter

{
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false
}

Parameters

Name In Type Required Description
id path string true The unique ID of the application
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body ApplicationApiUpdateIn true none
» name body string false The name of the application
» color body string false The hex representation of the icon color of the application
» icon body string false The icon type of the application
» type body string false The type of Risk Cloud application
» live body boolean false Whether the application is live
» restrictBuildAccess body boolean false Whether users with the Build entitlement must be explicitly granted permission to edit this application

Enumerated Values

Parameter Value
» icon BOOKMARK
» icon BOLT
» icon BULLHORN
» icon CERTIFICATE
» icon CHECK_SQUARE_O
» icon CLOUD
» icon COMMENTS
» icon CUBES
» icon DOLLAR
» icon EXCLAMATION_TRIANGLE
» icon TEXT_O
» icon FOLDER
» icon GIFT
» icon GLOBE
» icon HEARTBEAT
» icon LEAF
» icon LEGAL
» icon LIFE_RING
» icon MEDKIT
» icon MONEY
» icon PERCENT
» icon ROCKET
» icon SIGNAL
» icon UNIVERSITY
» icon USER_CIRCLE
» type ACCESS_MANAGEMENT
» type AML_KYC
» type ASSET_MANAGEMENT
» type AUDIT_MANAGEMENT
» type BUSINESS_CONTINUITY_PLANNING
» type CHANGE_MANAGEMENT
» type COMPLAINT_MANAGEMENT
» type COMPLIANCE_MANAGEMENT
» type CONTRACT_MANAGEMENT
» type CONTROLS_COMPLIANCE
» type CONTROLS_MANAGEMENT
» type CRISIS_MANAGEMENT
» type CUSTOM
» type CUSTOM_GRC_USE_CASE
» type CYBER_RISK_MANAGEMENT
» type DATA_PRIVACY_MANAGEMENT
» type EMPLOYEE_COMPLIANCE
» type ENTERPRISE_RISK_MANAGEMENT
» type ESG
» type INCIDENT_MANAGEMENT
» type INTERNAL_AUDIT_MANAGEMENT
» type IT_RISK_MANAGEMENT
» type NONE
» type OPERATIONAL_RESILIENCY
» type OTHER
» type POLICY_AND_PROCEDURE_MANAGEMENT
» type POLICY_MANAGEMENT
» type PRIVACY_MANAGEMENT
» type QUANTIFY
» type REGULATORY_COMPLIANCE
» type REPOSITORY
» type RISK_QUANTIFICATION
» type SOX_TESTING
» type STANDARDS_REGULATIONS
» type SURVEY
» type THIRD_PARTY_RISK_MANAGEMENT

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}

Responses

Status Meaning Description Schema
200 OK OK ApplicationApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the application
» color string The hex representation of the icon color of the application
» icon string The icon type of the application
» type string The type of Risk Cloud application
» live boolean Whether the application is live
» restrictBuildAccess boolean Whether users with the Build entitlement must be explicitly granted permission to edit this application
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

Field

A Field is used to capture information from and display information to users in a Workflow

GETRetrieve fields

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/fields \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/fields")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/fields", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/fields");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/fields");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/fields

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Retrieve a page of all fields whose parent application the current user has Build Access to.

Parameters

Name In Type Required Description
application-id query string false The unique ID of an application where, if provided, the response will only contain fields from the identified application
workflow-id query string false The unique ID of a workflow where, if provided, the response will only contain fields from the identified workflow
step-id query string false The unique ID of a step where, if provided, the response will only contain fields from the identified step
field-type query string false A field type where, if provided, the response will only contain fields of the identified field type
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Enumerated Values

Parameter Value
field-type DATE
field-type USER
field-type EXTERNAL_USER
field-type TEXT
field-type TEXT_AREA
field-type NUMBER
field-type E_SIGNATURE
field-type CHECKBOX
field-type MULTI_SELECT
field-type RADIO
field-type SELECT
field-type ATTACHMENT
field-type CALCULATION
field-type TEXT_CONCATENATION
field-type DATE_CALCULATION

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"tooltip": "Select the Risk Severity",
"helpText": "Determine the Risk Severity from your assessment",
"type": "SELECT",
"valueType": "OPTION",
"optionValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"defaultValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutFieldApiOut

Response Schema

Status Code 200

Name Type Description
» content [FieldApiOut] A array of returned items
»» Field (Response) FieldApiOut A array of returned items
»»» id string The unique ID of this Risk Cloud resource
»»» name string The name of the field
»»» application ApplicationPropertyApiOut The parent application of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the application
»»»» type string The type of Risk Cloud application
»»»» object string Identifies the type of object this data represents
»»» workflow WorkflowPropertyApiOut The parent workflow of the step
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the workflow
»»»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»»»» object string Identifies the type of object this data represents
»»» label string The label of the field as shown on the record
»»» global boolean Whether the field is global
»»» tooltip string The tooltip information of the field
»»» helpText string The help text of the field to supply necessary context for filling out the field
»»» type string The type of the field
»»» valueType string The type of the field value
»»» optionValues [ValuePropertyApiOut] The option values of the field for Select, Multi-Select, Radio, Checkbox, and E-Signature field types
»»»» Value (Property) ValuePropertyApiOut The values of the record field
»»»»» id string The unique ID of this Risk Cloud resource
»»»»» type string The type of the value
»»»»» textValue string The text representation of the record value, with the format varying by value type:
- NUMBER: a string representation of the number, with currency if specified on the field (example: "42")
- CALCULATION: a string representation of the label if specified on the field, otherwise the number (example: "Highest Risk")
- ATTACHMENT: the name of the attachment file (example: "my-evidence.pdf")
- DATE: the date formatted according to the requesting user’s settings (example: "1/1/23, 12:00 PM")
- OPTION: the text value of the option (example: "Medium Risk")
- USER: the full name and email of the user (example: "First Last (first.last@example.com)")
- TEXT: the text value (example: "Data Theft")
»»»»» numericValue number(double) The numeric representation of the record value, with the format varying by value type:
- NUMBER: the numeric value of the number (example: 42.0)
- CALCULATION: the numeric value of the calculation (example: 42.0)
- ATTACHMENT: the version count of the attachment (example: 2.0)
- DATE: the date measured in milliseconds since the Unix epoch (example: 1672552800000.0)
- OPTION: the numeric value of the option (example: 2.0)
- USER: a null value (example: null)
- TEXT: a null value (example: null)
»»»»» object string Identifies the type of object this data represents
»»» defaultValues [ValuePropertyApiOut] The default values of the field
»»»» Value (Property) ValuePropertyApiOut The values of the record field
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER
type NUMBER
type CALCULATION
type ATTACHMENT
type DATE
type OPTION
type USER
type TEXT
type OTHER

Record

A Record is a form that can capture information, store cataloged data, and link to other Records as it moves through each Step of a Workflow

GETRetrieve records

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/records \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/records")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/records", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/records");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/records");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/records

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Authenticated User

Retrieve a page of all records that the current user has Read or Write access to.

Parameters

Name In Type Required Description
application-id query string false The unique ID of an application where, if provided, the response will only contain records from the identified application
workflow-id query string false The unique ID of a workflow where, if provided, the response will only contain records from the identified workflow
step-id query string false The unique ID of a step where, if provided, the response will only contain records on the identified step
updated-min query integer(int64) false A timestamp measured in milliseconds since the Unix epoch where, if provided, the response will only contain records that have been modified since the given timestamp
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"recordName": "Assessment-7",
"name": "Medium Risk",
"status": "IN_PROGRESS",
"sequenceNumber": 7,
"dates": {
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
},
"assignee": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"creator": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"currentStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"originStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"fields": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"object": "application"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutRecordApiOut

Response Schema

Status Code 200

Name Type Description
» content [RecordApiOut] A array of returned items
»» Record (Response) RecordApiOut A array of returned items
»»» id string The unique ID of this Risk Cloud resource
»»» recordName string The workflow prefix and sequence number of the record
»»» name string The text value of the primary field of the record, otherwise the workflow prefix and sequence number of the record
»»» status string The status of the record
»»» sequenceNumber integer(int64) The sequence number of the record
»»» dates RecordDatesApiOut Date information associated with the record
»»»» created string(date-time) The moment this Risk Cloud resource was created measured in milliseconds since the Unix epoch.
»»»» dueDate string(date-time) The due date of this record and step SLA measured in milliseconds since the Unix epoch
»»»» recordDueDate string(date-time) The due date of this record measured in milliseconds since the Unix epoch
»»»» daysUntilDue integer(int64) The number of days until this record is due
»»»» updated string(date-time) The moment this Risk Cloud resource was last updated measured in milliseconds since the Unix epoch.
»»»» completed string(date-time) The moment this record was completed if the record is currently in an end step measured in milliseconds since the Unix epoch
»»»» lastCompleted string(date-time) The moment this record was last completed regardless of if the record has transitioned from an end step measured in milliseconds since the Unix epoch
»»» assignee UserPropertyApiOut The creator of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the user
»»»» email string The email of the user
»»»» object string Identifies the type of object this data represents
»»» creator UserPropertyApiOut The creator of the record
»»» application ApplicationPropertyApiOut The parent application of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the application
»»»» type string The type of Risk Cloud application
»»»» object string Identifies the type of object this data represents
»»» workflow WorkflowPropertyApiOut The parent workflow of the step
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the workflow
»»»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»»»» object string Identifies the type of object this data represents
»»» currentStep StepPropertyApiOut The origin step of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the step
»»»» type string The type of the step
»»»» object string Identifies the type of object this data represents
»»» originStep StepPropertyApiOut The origin step of the record
»»» fields [FieldRecordApiOut] The fields and values of the record
»»»» Field (Record) FieldRecordApiOut The fields and values of the record
»»»»» id string The unique ID of this Risk Cloud resource
»»»»» name string The name of the field
»»»»» label string The label of the field as shown on the record
»»»»» global boolean Whether the field is global
»»»»» type string The type of the field
»»»»» valueType string The type of the field value
»»»»» values [ValuePropertyApiOut] The values of the record field
»»»»»» Value (Property) ValuePropertyApiOut The values of the record field
»»»»»»» id string The unique ID of this Risk Cloud resource
»»»»»»» type string The type of the value
»»»»»»» textValue string The text representation of the record value, with the format varying by value type:
- NUMBER: a string representation of the number, with currency if specified on the field (example: "42")
- CALCULATION: a string representation of the label if specified on the field, otherwise the number (example: "Highest Risk")
- ATTACHMENT: the name of the attachment file (example: "my-evidence.pdf")
- DATE: the date formatted according to the requesting user’s settings (example: "1/1/23, 12:00 PM")
- OPTION: the text value of the option (example: "Medium Risk")
- USER: the full name and email of the user (example: "First Last (first.last@example.com)")
- TEXT: the text value (example: "Data Theft")
»»»»»»» numericValue number(double) The numeric representation of the record value, with the format varying by value type:
- NUMBER: the numeric value of the number (example: 42.0)
- CALCULATION: the numeric value of the calculation (example: 42.0)
- ATTACHMENT: the version count of the attachment (example: 2.0)
- DATE: the date measured in milliseconds since the Unix epoch (example: 1672552800000.0)
- OPTION: the numeric value of the option (example: 2.0)
- USER: a null value (example: null)
- TEXT: a null value (example: null)
»»»»»»» object string Identifies the type of object this data represents
»»»»» object string Identifies the type of object this data represents
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
status INACTIVE
status NOT_ASSIGNED
status ASSIGNED
status IN_PROGRESS
status COMPLETE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT
type ORIGIN
type CHAIN
type END
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER
type NUMBER
type CALCULATION
type ATTACHMENT
type DATE
type OPTION
type USER
type TEXT
type OTHER

GETRetrieve a record

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/records/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/records/string")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/records/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/records/string");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/records/string");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/records/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Read or Write access

Retrieve a record specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique identifier of the record
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"id": "a1b2c3d4",
"recordName": "Assessment-7",
"name": "Medium Risk",
"status": "IN_PROGRESS",
"sequenceNumber": 7,
"dates": {
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
},
"assignee": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"creator": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"currentStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"originStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"fields": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"object": "application"
}

Responses

Status Meaning Description Schema
200 OK OK RecordApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» recordName string The workflow prefix and sequence number of the record
» name string The text value of the primary field of the record, otherwise the workflow prefix and sequence number of the record
» status string The status of the record
» sequenceNumber integer(int64) The sequence number of the record
» dates RecordDatesApiOut Date information associated with the record
»» created string(date-time) The moment this Risk Cloud resource was created measured in milliseconds since the Unix epoch.
»» dueDate string(date-time) The due date of this record and step SLA measured in milliseconds since the Unix epoch
»» recordDueDate string(date-time) The due date of this record measured in milliseconds since the Unix epoch
»» daysUntilDue integer(int64) The number of days until this record is due
»» updated string(date-time) The moment this Risk Cloud resource was last updated measured in milliseconds since the Unix epoch.
»» completed string(date-time) The moment this record was completed if the record is currently in an end step measured in milliseconds since the Unix epoch
»» lastCompleted string(date-time) The moment this record was last completed regardless of if the record has transitioned from an end step measured in milliseconds since the Unix epoch
» assignee UserPropertyApiOut The creator of the record
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the user
»» email string The email of the user
»» object string Identifies the type of object this data represents
» creator UserPropertyApiOut The creator of the record
» application ApplicationPropertyApiOut The parent application of the record
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the application
»» type string The type of Risk Cloud application
»» object string Identifies the type of object this data represents
» workflow WorkflowPropertyApiOut The parent workflow of the step
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the workflow
»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»» object string Identifies the type of object this data represents
» currentStep StepPropertyApiOut The origin step of the record
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the step
»» type string The type of the step
»» object string Identifies the type of object this data represents
» originStep StepPropertyApiOut The origin step of the record
» fields [FieldRecordApiOut] The fields and values of the record
»» Field (Record) FieldRecordApiOut The fields and values of the record
»»» id string The unique ID of this Risk Cloud resource
»»» name string The name of the field
»»» label string The label of the field as shown on the record
»»» global boolean Whether the field is global
»»» type string The type of the field
»»» valueType string The type of the field value
»»» values [ValuePropertyApiOut] The values of the record field
»»»» Value (Property) ValuePropertyApiOut The values of the record field
»»»»» id string The unique ID of this Risk Cloud resource
»»»»» type string The type of the value
»»»»» textValue string The text representation of the record value, with the format varying by value type:
- NUMBER: a string representation of the number, with currency if specified on the field (example: "42")
- CALCULATION: a string representation of the label if specified on the field, otherwise the number (example: "Highest Risk")
- ATTACHMENT: the name of the attachment file (example: "my-evidence.pdf")
- DATE: the date formatted according to the requesting user’s settings (example: "1/1/23, 12:00 PM")
- OPTION: the text value of the option (example: "Medium Risk")
- USER: the full name and email of the user (example: "First Last (first.last@example.com)")
- TEXT: the text value (example: "Data Theft")
»»»»» numericValue number(double) The numeric representation of the record value, with the format varying by value type:
- NUMBER: the numeric value of the number (example: 42.0)
- CALCULATION: the numeric value of the calculation (example: 42.0)
- ATTACHMENT: the version count of the attachment (example: 2.0)
- DATE: the date measured in milliseconds since the Unix epoch (example: 1672552800000.0)
- OPTION: the numeric value of the option (example: 2.0)
- USER: a null value (example: null)
- TEXT: a null value (example: null)
»»»»» object string Identifies the type of object this data represents
»»» object string Identifies the type of object this data represents
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
status INACTIVE
status NOT_ASSIGNED
status ASSIGNED
status IN_PROGRESS
status COMPLETE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT
type ORIGIN
type CHAIN
type END
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER
type NUMBER
type CALCULATION
type ATTACHMENT
type DATE
type OPTION
type USER
type TEXT
type OTHER

GETRetrieve all linked records

Code samples

curl --request GET \
--url 'https:///%7Benv%7D.logicgate.com/api/v2/records/string/linked?workflow%252Did=a1b2c3d4' \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/records/string/linked?workflow%252Did=a1b2c3d4")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/records/string/linked?workflow%252Did=a1b2c3d4", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/records/string/linked?workflow%252Did=a1b2c3d4");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/records/string/linked?workflow%252Did=a1b2c3d4");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/records/{id}/linked

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Read or Write access

Retrieve a page of all records that are linked to the record of the given record ID that the current user has Read or Write access to. The maximum depth of linked records to return with regards to the relationship between the records can be specified by the depth property, which defaults to 10.

This endpoint reflects the functionality of Relationship Reports in the Risk Cloud.

Parameters

Name In Type Required Description
id path string true The unique identifier of the record
workflow-id query string true The unique ID of a workflow where, if provided, the response will only contain linked records from the identified workflow
depth query integer(int32) false Specifies the maximum depth of linked records to return with regards to the relationship between the given record’s workflow and the workflow specified by workflow-id (must not be less than 0, defaults to 10)
updated-min query integer(int64) false A timestamp measured in milliseconds since the Unix epoch where, if provided, the response will only contain records that have been modified since the given timestamp
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"recordName": "Assessment-7",
"name": "Medium Risk",
"status": "IN_PROGRESS",
"sequenceNumber": 7,
"dates": {
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
},
"assignee": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"creator": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"currentStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"originStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"fields": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"object": "application"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutRecordApiOut

Response Schema

Status Code 200

Name Type Description
» content [RecordApiOut] A array of returned items
»» Record (Response) RecordApiOut A array of returned items
»»» id string The unique ID of this Risk Cloud resource
»»» recordName string The workflow prefix and sequence number of the record
»»» name string The text value of the primary field of the record, otherwise the workflow prefix and sequence number of the record
»»» status string The status of the record
»»» sequenceNumber integer(int64) The sequence number of the record
»»» dates RecordDatesApiOut Date information associated with the record
»»»» created string(date-time) The moment this Risk Cloud resource was created measured in milliseconds since the Unix epoch.
»»»» dueDate string(date-time) The due date of this record and step SLA measured in milliseconds since the Unix epoch
»»»» recordDueDate string(date-time) The due date of this record measured in milliseconds since the Unix epoch
»»»» daysUntilDue integer(int64) The number of days until this record is due
»»»» updated string(date-time) The moment this Risk Cloud resource was last updated measured in milliseconds since the Unix epoch.
»»»» completed string(date-time) The moment this record was completed if the record is currently in an end step measured in milliseconds since the Unix epoch
»»»» lastCompleted string(date-time) The moment this record was last completed regardless of if the record has transitioned from an end step measured in milliseconds since the Unix epoch
»»» assignee UserPropertyApiOut The creator of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the user
»»»» email string The email of the user
»»»» object string Identifies the type of object this data represents
»»» creator UserPropertyApiOut The creator of the record
»»» application ApplicationPropertyApiOut The parent application of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the application
»»»» type string The type of Risk Cloud application
»»»» object string Identifies the type of object this data represents
»»» workflow WorkflowPropertyApiOut The parent workflow of the step
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the workflow
»»»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»»»» object string Identifies the type of object this data represents
»»» currentStep StepPropertyApiOut The origin step of the record
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the step
»»»» type string The type of the step
»»»» object string Identifies the type of object this data represents
»»» originStep StepPropertyApiOut The origin step of the record
»»» fields [FieldRecordApiOut] The fields and values of the record
»»»» Field (Record) FieldRecordApiOut The fields and values of the record
»»»»» id string The unique ID of this Risk Cloud resource
»»»»» name string The name of the field
»»»»» label string The label of the field as shown on the record
»»»»» global boolean Whether the field is global
»»»»» type string The type of the field
»»»»» valueType string The type of the field value
»»»»» values [ValuePropertyApiOut] The values of the record field
»»»»»» Value (Property) ValuePropertyApiOut The values of the record field
»»»»»»» id string The unique ID of this Risk Cloud resource
»»»»»»» type string The type of the value
»»»»»»» textValue string The text representation of the record value, with the format varying by value type:
- NUMBER: a string representation of the number, with currency if specified on the field (example: "42")
- CALCULATION: a string representation of the label if specified on the field, otherwise the number (example: "Highest Risk")
- ATTACHMENT: the name of the attachment file (example: "my-evidence.pdf")
- DATE: the date formatted according to the requesting user’s settings (example: "1/1/23, 12:00 PM")
- OPTION: the text value of the option (example: "Medium Risk")
- USER: the full name and email of the user (example: "First Last (first.last@example.com)")
- TEXT: the text value (example: "Data Theft")
»»»»»»» numericValue number(double) The numeric representation of the record value, with the format varying by value type:
- NUMBER: the numeric value of the number (example: 42.0)
- CALCULATION: the numeric value of the calculation (example: 42.0)
- ATTACHMENT: the version count of the attachment (example: 2.0)
- DATE: the date measured in milliseconds since the Unix epoch (example: 1672552800000.0)
- OPTION: the numeric value of the option (example: 2.0)
- USER: a null value (example: null)
- TEXT: a null value (example: null)
»»»»»»» object string Identifies the type of object this data represents
»»»»» object string Identifies the type of object this data represents
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
status INACTIVE
status NOT_ASSIGNED
status ASSIGNED
status IN_PROGRESS
status COMPLETE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT
type ORIGIN
type CHAIN
type END
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER
type NUMBER
type CALCULATION
type ATTACHMENT
type DATE
type OPTION
type USER
type TEXT
type OTHER

Step

A Step lives in a Workflow and is configured with a set of Sections, Subsections and Fields to create a form

GETRetrieve steps

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/steps \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/steps")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/steps", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/steps");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/steps");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/steps

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Retrieve a page of all steps that the current user has Build Access to parent application to.

Parameters

Name In Type Required Description
workflow-id query string false The unique ID of a workflow where, if provided, the response will only contain steps from the identified workflow
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutStepApiOut

Response Schema

Status Code 200

Name Type Description
» content [StepApiOut] A array of returned items
»» Step (Response) StepApiOut none
»»» id string The unique ID of this Risk Cloud resource
»»» name string The name of the step
»»» xpos integer(int32) The x-coordinate of the step in the application builder
»»» ypos integer(int32) The y-coordinate of the step in the application builder
»»» type string The type of the step
»»» enableComments boolean Whether comments are displayed on a step
»»» assignableUserType string Indicates which users are allowed to be assigned this step on a record
»»» externalUserMfaRequired boolean Whether MFA is required for external users to access this step.
»»» workflow WorkflowPropertyApiOut The parent workflow of the step
»»»» id string The unique ID of this Risk Cloud resource
»»»» name string The name of the workflow
»»»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»»»» object string Identifies the type of object this data represents
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

POSTCreate a step

Code samples

curl --request POST \
--url https:///%7Benv%7D.logicgate.com/api/v2/steps \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Identify Risk","workflowId":"a1b2c3d4","xpos":20,"ypos":20,"enableComments":false,"assignableUserType":"APP_USERS","externalUserMfaRequired":false}'
HttpResponse<String> response = Unirest.post("https:///%7Benv%7D.logicgate.com/api/v2/steps")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Identify Risk\",\"workflowId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20,\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Identify Risk\",\"workflowId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20,\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("POST", "%7Benv%7D.logicgate.com/api/v2/steps", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/steps");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Identify Risk\",\"workflowId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20,\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Identify Risk",
"workflowId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("POST", "https:///%7Benv%7D.logicgate.com/api/v2/steps");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

POST /api/v2/steps

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Create a step from a JSON request body.

Body parameter

{
"name": "Identify Risk",
"workflowId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
}

Parameters

Name In Type Required Description
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body StepApiCreateIn true none
» name body string true The name of the step
» workflowId body string true The unique ID of the parent workflow of the step
» xpos body integer(int32) false The x-coordinate of the step in the application builder (must not be less than 0, defaults to 0)
» ypos body integer(int32) false The y-coordinate of the step in the application builder (must not be less than 0, defaults to 0)
» enableComments body boolean false Whether comments are displayed on a step (defaults to false)
» assignableUserType body string false Indicates which users are allowed to be assigned this step on a record (defaults to APP_USERS)
» externalUserMfaRequired body boolean false Whether MFA is required for external users to access this step. (defaults to false)

Enumerated Values

Parameter Value
» assignableUserType APP_AND_EXTERNAL_USERS
» assignableUserType APP_USERS
» assignableUserType EXTERNAL_USERS

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}

Responses

Status Meaning Description Schema
200 OK OK StepApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the step
» xpos integer(int32) The x-coordinate of the step in the application builder
» ypos integer(int32) The y-coordinate of the step in the application builder
» type string The type of the step
» enableComments boolean Whether comments are displayed on a step
» assignableUserType string Indicates which users are allowed to be assigned this step on a record
» externalUserMfaRequired boolean Whether MFA is required for external users to access this step.
» workflow WorkflowPropertyApiOut The parent workflow of the step
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the workflow
»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»» object string Identifies the type of object this data represents
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

GETRetrieve a step

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/steps/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/steps/string")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/steps/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/steps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Retrieve a step specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the step
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}

Responses

Status Meaning Description Schema
200 OK OK StepApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the step
» xpos integer(int32) The x-coordinate of the step in the application builder
» ypos integer(int32) The y-coordinate of the step in the application builder
» type string The type of the step
» enableComments boolean Whether comments are displayed on a step
» assignableUserType string Indicates which users are allowed to be assigned this step on a record
» externalUserMfaRequired boolean Whether MFA is required for external users to access this step.
» workflow WorkflowPropertyApiOut The parent workflow of the step
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the workflow
»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»» object string Identifies the type of object this data represents
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

DELETEDelete a step

Code samples

curl --request DELETE \
--url https:///%7Benv%7D.logicgate.com/api/v2/steps/string \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.delete("https:///%7Benv%7D.logicgate.com/api/v2/steps/string")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = { 'Authorization': "Bearer {TOKEN}" }

conn.request("DELETE", "%7Benv%7D.logicgate.com/api/v2/steps/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
var request = new RestRequest(Method.DELETE);
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("DELETE", "https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

DELETE /api/v2/steps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Delete a step specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the step
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Responses

Status Meaning Description Schema
204 No Content No Content None

PATCHUpdate a step

Code samples

curl --request PATCH \
--url https:///%7Benv%7D.logicgate.com/api/v2/steps/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Identify Risk","xpos":20,"ypos":20,"type":"ORIGIN","enableComments":false,"assignableUserType":"APP_USERS","externalUserMfaRequired":false}'
HttpResponse<String> response = Unirest.patch("https:///%7Benv%7D.logicgate.com/api/v2/steps/string")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Identify Risk\",\"xpos\":20,\"ypos\":20,\"type\":\"ORIGIN\",\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Identify Risk\",\"xpos\":20,\"ypos\":20,\"type\":\"ORIGIN\",\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("PATCH", "%7Benv%7D.logicgate.com/api/v2/steps/string", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Identify Risk\",\"xpos\":20,\"ypos\":20,\"type\":\"ORIGIN\",\"enableComments\":false,\"assignableUserType\":\"APP_USERS\",\"externalUserMfaRequired\":false}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("PATCH", "https:///%7Benv%7D.logicgate.com/api/v2/steps/string");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

PATCH /api/v2/steps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Update a step specified by the ID in the URL path from a JSON request body. Only present properties with non-empty values are updated.

Body parameter

{
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
}

Parameters

Name In Type Required Description
id path string true The unique ID of the step
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body StepApiUpdateIn true none
» name body string false The name of the step
» xpos body integer(int32) false The x-coordinate of the step in the application builder (must not be less than 0)
» ypos body integer(int32) false The y-coordinate of the step in the application builder (must not be less than 0)
» type body string false The type of the step (for END steps, this property cannot be updated since there would be no outgoing default next paths)
» enableComments body boolean false Whether comments are displayed on a step
» assignableUserType body string false Indicates which users are allowed to be assigned this step on a record
» externalUserMfaRequired body boolean false Whether MFA is required for external users to access this step.

Enumerated Values

Parameter Value
» type ORIGIN
» type CHAIN
» type END
» assignableUserType APP_AND_EXTERNAL_USERS
» assignableUserType APP_USERS
» assignableUserType EXTERNAL_USERS

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}

Responses

Status Meaning Description Schema
200 OK OK StepApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the step
» xpos integer(int32) The x-coordinate of the step in the application builder
» ypos integer(int32) The y-coordinate of the step in the application builder
» type string The type of the step
» enableComments boolean Whether comments are displayed on a step
» assignableUserType string Indicates which users are allowed to be assigned this step on a record
» externalUserMfaRequired boolean Whether MFA is required for external users to access this step.
» workflow WorkflowPropertyApiOut The parent workflow of the step
»» id string The unique ID of this Risk Cloud resource
»» name string The name of the workflow
»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»» object string Identifies the type of object this data represents
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

Workflow

A Workflow is a combination of Steps, Paths, Fields, and routing logic that combine to form a system in an Application

GETRetrieve workflows

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflows \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/workflows")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/workflows", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflows");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/workflows");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/workflows

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Retrieve a page of all workflows that the current user has Build Access to parent application to.

Parameters

Name In Type Required Description
application-id query string false The unique ID of a parent application where, if provided, the response will only contain workflows from the identified application
include-jira-workflows query boolean false Whether Jira workflows are to be included in the response in addition to regular workflows (defaults to true)
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutWorkflowApiOut

Response Schema

Status Code 200

Name Type Description
» content [WorkflowApiOut] A array of returned items
»» Workflow (Response) WorkflowApiOut none
»»» id string The unique ID of this Risk Cloud resource
»»» name string The name of the workflow
»»» recordPrefix string The prefix to be used in the name of every record created from this workflow
»»» applicationId string The unique ID of the parent application of the workflow
»»» xpos integer(int32) The x-coordinate of the workflow in the application builder
»»» ypos integer(int32) The y-coordinate of the workflow in the application builder
»»» type string The type of workflow
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
type WORKFLOW
type JIRA_WORKFLOW
type ANALYSIS_WORKFLOW

POSTCreate a workflow

Code samples

curl --request POST \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflows \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Risk Assessments","recordPrefix":"Assessment","applicationId":"a1b2c3d4","xpos":20,"ypos":20}'
HttpResponse<String> response = Unirest.post("https:///%7Benv%7D.logicgate.com/api/v2/workflows")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"applicationId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"applicationId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("POST", "%7Benv%7D.logicgate.com/api/v2/workflows", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflows");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"applicationId\":\"a1b2c3d4\",\"xpos\":20,\"ypos\":20}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("POST", "https:///%7Benv%7D.logicgate.com/api/v2/workflows");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

POST /api/v2/workflows

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Create a workflow from a JSON request body. The workflow will contain a Default Origin step and a Default End step.

Body parameter

{
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20
}

Parameters

Name In Type Required Description
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body WorkflowApiCreateIn true none
» name body string true The name of the workflow
» recordPrefix body string true The prefix to be used in the name of every record created from this workflow
» applicationId body string true The unique ID of the parent application of the workflow
» xpos body integer(int32) false The x-coordinate of the workflow in the application builder (must not be less than 0, defaults to 0)
» ypos body integer(int32) false The y-coordinate of the workflow in the application builder (must not be less than 0, defaults to 0)

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the workflow
» recordPrefix string The prefix to be used in the name of every record created from this workflow
» applicationId string The unique ID of the parent application of the workflow
» xpos integer(int32) The x-coordinate of the workflow in the application builder
» ypos integer(int32) The y-coordinate of the workflow in the application builder
» type string The type of workflow
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type WORKFLOW
type JIRA_WORKFLOW
type ANALYSIS_WORKFLOW

GETRetrieve a workflow

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflows/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/workflows/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/workflows/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent application

Retrieve a workflow specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the workflow
» recordPrefix string The prefix to be used in the name of every record created from this workflow
» applicationId string The unique ID of the parent application of the workflow
» xpos integer(int32) The x-coordinate of the workflow in the application builder
» ypos integer(int32) The y-coordinate of the workflow in the application builder
» type string The type of workflow
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type WORKFLOW
type JIRA_WORKFLOW
type ANALYSIS_WORKFLOW

DELETEDelete a workflow

Code samples

curl --request DELETE \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflows/string \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.delete("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = { 'Authorization': "Bearer {TOKEN}" }

conn.request("DELETE", "%7Benv%7D.logicgate.com/api/v2/workflows/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
var request = new RestRequest(Method.DELETE);
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("DELETE", "https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

DELETE /api/v2/workflows/{id}

Permissions: Build Access to parent application

Delete a workflow specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Responses

Status Meaning Description Schema
204 No Content No Content None

PATCHUpdate a workflow

Code samples

curl --request PATCH \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflows/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"name":"Risk Assessments","recordPrefix":"Assessment","xpos":20,"ypos":20}'
HttpResponse<String> response = Unirest.patch("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"xpos\":20,\"ypos\":20}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"xpos\":20,\"ypos\":20}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("PATCH", "%7Benv%7D.logicgate.com/api/v2/workflows/string", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"name\":\"Risk Assessments\",\"recordPrefix\":\"Assessment\",\"xpos\":20,\"ypos\":20}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"xpos": 20,
"ypos": 20
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("PATCH", "https:///%7Benv%7D.logicgate.com/api/v2/workflows/string");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

PATCH /api/v2/workflows/{id}

Permissions: Build Access to parent application

Update a workflow specified by the ID in the URL path from a JSON request body. Only present properties with non-empty values are updated.

Body parameter

{
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"xpos": 20,
"ypos": 20
}

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body WorkflowApiUpdateIn true none
» name body string false The name of the workflow
» recordPrefix body string false The prefix to be used in the name of every record created from this workflow
» xpos body integer(int32) false The x-coordinate of the workflow in the application builder (must not be less than 0)
» ypos body integer(int32) false The y-coordinate of the workflow in the application builder (must not be less than 0)

Example responses

200 Response

{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» name string The name of the workflow
» recordPrefix string The prefix to be used in the name of every record created from this workflow
» applicationId string The unique ID of the parent application of the workflow
» xpos integer(int32) The x-coordinate of the workflow in the application builder
» ypos integer(int32) The y-coordinate of the workflow in the application builder
» type string The type of workflow
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
type WORKFLOW
type JIRA_WORKFLOW
type ANALYSIS_WORKFLOW

Workflow Map

A Workflow Map represents a relationship between two Workflows

GETRetrieve workflow maps

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/workflow-maps", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/workflow-maps

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access

Retrieve a page of all workflow maps that the current user has Build Access to a parent application to.

Parameters

Name In Type Required Description
workflow-id query string false The unique ID of a workflow where, if provided, the response will only contain workflow maps from the identified workflow
page query integer(int32) false The zero-indexed page number (must not be less than 0, defaults to 0)
size query integer(int32) false The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"content": [
{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Responses

Status Meaning Description Schema
200 OK OK PageModelOutWorkflowMapApiOut

Response Schema

Status Code 200

Name Type Description
» content [WorkflowMapApiOut] A array of returned items
»» Workflow Map (Response) WorkflowMapApiOut none
»»» id string The unique ID of this Risk Cloud resource
»»» from string The unique ID of the source workflow of the workflow map relationship
»»» to string The unique ID of the destination workflow of the workflow map relationship
»»» relationship string The type of the relationship between workflows
»»» object string Identifies the type of object this data represents
» links PageLinksOut A collection of page URL links for navigation and iteration
»» first string A URL path to the first page of requested data
»» prev string A URL path to the next page of requested data or null if currently on first page
»» self string A URL path to the current page of requested data
»» next string A URL link to the next page of requested data or null if currently on last page
»» last string A URL link to the last page of requested data
» page PageInfoOut A collection page metadata
»» size integer(int64) The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
»» totalElements integer(int64) The total number of items available
»» totalPages integer(int64) The total number of pages available based on the size
»» number integer(int64) The zero-indexed page number (must not be less than 0, defaults to 0)

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

POSTCreate a workflow map

Code samples

curl --request POST \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"from":"a1b2c3d4","to":"a1b2c3d4","relationship":"ONE_TO_MANY"}'
HttpResponse<String> response = Unirest.post("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"from\":\"a1b2c3d4\",\"to\":\"a1b2c3d4\",\"relationship\":\"ONE_TO_MANY\"}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"from\":\"a1b2c3d4\",\"to\":\"a1b2c3d4\",\"relationship\":\"ONE_TO_MANY\"}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("POST", "%7Benv%7D.logicgate.com/api/v2/workflow-maps", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps");
var request = new RestRequest(Method.POST);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"from\":\"a1b2c3d4\",\"to\":\"a1b2c3d4\",\"relationship\":\"ONE_TO_MANY\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY"
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("POST", "https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

POST /api/v2/workflow-maps

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to parent applications

Create a workflow map from a JSON request body.

Body parameter

{
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY"
}

Parameters

Name In Type Required Description
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body WorkflowMapApiCreateIn true none
» from body string true The unique ID of the source workflow of the workflow map relationship
» to body string true The unique ID of the destination workflow of the workflow map relationship
» relationship body string true The type of the relationship between workflows

Enumerated Values

Parameter Value
» relationship OneToOne
» relationship OneToMany
» relationship ManyToOne
» relationship ManyToMany

Example responses

200 Response

{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowMapApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» from string The unique ID of the source workflow of the workflow map relationship
» to string The unique ID of the destination workflow of the workflow map relationship
» relationship string The type of the relationship between workflows
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

GETRetrieve a workflow map

Code samples

curl --request GET \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.get("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = {
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("GET", "%7Benv%7D.logicgate.com/api/v2/workflow-maps/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
var request = new RestRequest(Method.GET);
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("GET", "https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

GET /api/v2/workflow-maps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to a parent application

Retrieve a workflow map specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow map
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Example responses

200 Response

{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowMapApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» from string The unique ID of the source workflow of the workflow map relationship
» to string The unique ID of the destination workflow of the workflow map relationship
» relationship string The type of the relationship between workflows
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

DELETEDelete a workflow map

Code samples

curl --request DELETE \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string \
--header 'Authorization: Bearer {TOKEN}'
HttpResponse<String> response = Unirest.delete("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string")
.header("Authorization", "Bearer {TOKEN}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

headers = { 'Authorization': "Bearer {TOKEN}" }

conn.request("DELETE", "%7Benv%7D.logicgate.com/api/v2/workflow-maps/string", headers=headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
var request = new RestRequest(Method.DELETE);
request.AddHeader("Authorization", "Bearer {TOKEN}");
IRestResponse response = client.Execute(request);
const data = null;

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("DELETE", "https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

DELETE /api/v2/workflow-maps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to a parent application

Delete a workflow map specified by the ID in the URL path.

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow map
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.

Responses

Status Meaning Description Schema
204 No Content No Content None

PATCHUpdate a workflow map

Code samples

curl --request PATCH \
--url https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string \
--header 'Accept: application/json' \
--header 'Authorization: Bearer {TOKEN}' \
--header 'Content-Type: application/json' \
--data '{"relationship":"ONE_TO_MANY"}'
HttpResponse<String> response = Unirest.patch("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string")
.header("Content-Type", "application/json")
.header("Accept", "application/json")
.header("Authorization", "Bearer {TOKEN}")
.body("{\"relationship\":\"ONE_TO_MANY\"}")
.asString();
import http.client

conn = http.client.HTTPSConnection("")

payload = "{\"relationship\":\"ONE_TO_MANY\"}"

headers = {
'Content-Type': "application/json",
'Accept': "application/json",
'Authorization': "Bearer {TOKEN}"
}

conn.request("PATCH", "%7Benv%7D.logicgate.com/api/v2/workflow-maps/string", payload, headers)

res = conn.getresponse()
data = res.read()

print(data.decode("utf-8"))
var client = new RestClient("https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
var request = new RestRequest(Method.PATCH);
request.AddHeader("Content-Type", "application/json");
request.AddHeader("Accept", "application/json");
request.AddHeader("Authorization", "Bearer {TOKEN}");
request.AddParameter("application/json", "{\"relationship\":\"ONE_TO_MANY\"}", ParameterType.RequestBody);
IRestResponse response = client.Execute(request);
const data = JSON.stringify({
"relationship": "ONE_TO_MANY"
});

const xhr = new XMLHttpRequest();
xhr.withCredentials = true;

xhr.addEventListener("readystatechange", function () {
if (this.readyState === this.DONE) {
console.log(this.responseText);
}
});

xhr.open("PATCH", "https:///%7Benv%7D.logicgate.com/api/v2/workflow-maps/string");
xhr.setRequestHeader("Content-Type", "application/json");
xhr.setRequestHeader("Accept", "application/json");
xhr.setRequestHeader("Authorization", "Bearer {TOKEN}");

xhr.send(data);

PATCH /api/v2/workflow-maps/{id}

Beta: This endpoint is in an open beta state and is subject to modifications.

Permissions: Build Access to a parent application

Update a workflow map specified by the ID in the URL path from a JSON request body. Only present properties with non-empty values are updated.

Body parameter

{
"relationship": "ONE_TO_MANY"
}

Parameters

Name In Type Required Description
id path string true The unique ID of the workflow map
Authorization header string true A bearer authorization header containing a Risk Cloud API access token in the format Authorization: Bearer {TOKEN}.
body body WorkflowMapApiUpdateIn true none
» relationship body string true The type of the relationship between workflows

Enumerated Values

Parameter Value
» relationship OneToOne
» relationship OneToMany
» relationship ManyToOne
» relationship ManyToMany

Example responses

200 Response

{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}

Responses

Status Meaning Description Schema
200 OK OK WorkflowMapApiOut

Response Schema

Status Code 200

Name Type Description
» id string The unique ID of this Risk Cloud resource
» from string The unique ID of the source workflow of the workflow map relationship
» to string The unique ID of the destination workflow of the workflow map relationship
» relationship string The type of the relationship between workflows
» object string Identifies the type of object this data represents

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

Schemas

WorkflowApiCreateIn

{
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20
}

Properties

Name Type Required Restrictions Description
name string true none The name of the workflow
recordPrefix string true none The prefix to be used in the name of every record created from this workflow
applicationId string true none The unique ID of the parent application of the workflow
xpos integer(int32) false none The x-coordinate of the workflow in the application builder (must not be less than 0, defaults to 0)
ypos integer(int32) false none The y-coordinate of the workflow in the application builder (must not be less than 0, defaults to 0)

WorkflowApiOut

{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the workflow
recordPrefix string false none The prefix to be used in the name of every record created from this workflow
applicationId string false none The unique ID of the parent application of the workflow
xpos integer(int32) false none The x-coordinate of the workflow in the application builder
ypos integer(int32) false none The y-coordinate of the workflow in the application builder
type string false none The type of workflow
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type WORKFLOW
type JIRA_WORKFLOW
type ANALYSIS_WORKFLOW

WorkflowMapApiCreateIn

{
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY"
}

Properties

Name Type Required Restrictions Description
from string true none The unique ID of the source workflow of the workflow map relationship
to string true none The unique ID of the destination workflow of the workflow map relationship
relationship string true none The type of the relationship between workflows

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

WorkflowMapApiOut

{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
from string false none The unique ID of the source workflow of the workflow map relationship
to string false none The unique ID of the destination workflow of the workflow map relationship
relationship string false none The type of the relationship between workflows
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

StepApiCreateIn

{
"name": "Identify Risk",
"workflowId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
}

Properties

Name Type Required Restrictions Description
name string true none The name of the step
workflowId string true none The unique ID of the parent workflow of the step
xpos integer(int32) false none The x-coordinate of the step in the application builder (must not be less than 0, defaults to 0)
ypos integer(int32) false none The y-coordinate of the step in the application builder (must not be less than 0, defaults to 0)
enableComments boolean false none Whether comments are displayed on a step (defaults to false)
assignableUserType string false none Indicates which users are allowed to be assigned this step on a record (defaults to APP_USERS)
externalUserMfaRequired boolean false none Whether MFA is required for external users to access this step. (defaults to false)

Enumerated Values

Property Value
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

StepApiOut

{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the step
xpos integer(int32) false none The x-coordinate of the step in the application builder
ypos integer(int32) false none The y-coordinate of the step in the application builder
type string false none The type of the step
enableComments boolean false none Whether comments are displayed on a step
assignableUserType string false none Indicates which users are allowed to be assigned this step on a record
externalUserMfaRequired boolean false none Whether MFA is required for external users to access this step.
workflow WorkflowPropertyApiOut false none The parent workflow of the step
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

WorkflowPropertyApiOut

{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the workflow
recordPrefix string false none The prefix to be used in the name of every record created from this workflow
object string false none Identifies the type of object this data represents

ApplicationApiCreateIn

{
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE"
}

Properties

Name Type Required Restrictions Description
name string true none The name of the application
color string false none The hex representation of the icon color of the application (defaults to #00a3de)
icon string false none The icon type of the application (defaults to CUBES)
type string false none The type of Risk Cloud application (defaults to NONE)

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

ApplicationApiOut

{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the application
color string false none The hex representation of the icon color of the application
icon string false none The icon type of the application
type string false none The type of Risk Cloud application
live boolean false none Whether the application is live
restrictBuildAccess boolean false none Whether users with the Build entitlement must be explicitly granted permission to edit this application
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

LegacyApiTokenOut

{
"access_token": "string",
"token_type": "string",
"expires_in": 0,
"scope": "string"
}

Properties

Name Type Required Restrictions Description
access_token string false none An API access token to be used within the bearer authorization header of subsequent Risk Cloud API requests
token_type string false none The token type, expected to be “bearer” for the Risk Cloud API
expires_in integer(int64) false none The remaining time in seconds until the token expires
scope string false none The privilege scope of the token, expected to be “read write” for the Risk Cloud API

WorkflowApiUpdateIn

{
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"xpos": 20,
"ypos": 20
}

Properties

Name Type Required Restrictions Description
name string false none The name of the workflow
recordPrefix string false none The prefix to be used in the name of every record created from this workflow
xpos integer(int32) false none The x-coordinate of the workflow in the application builder (must not be less than 0)
ypos integer(int32) false none The y-coordinate of the workflow in the application builder (must not be less than 0)

WorkflowMapApiUpdateIn

{
"relationship": "ONE_TO_MANY"
}

Properties

Name Type Required Restrictions Description
relationship string true none The type of the relationship between workflows

Enumerated Values

Property Value
relationship OneToOne
relationship OneToMany
relationship ManyToOne
relationship ManyToMany

StepApiUpdateIn

{
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false
}

Properties

Name Type Required Restrictions Description
name string false none The name of the step
xpos integer(int32) false none The x-coordinate of the step in the application builder (must not be less than 0)
ypos integer(int32) false none The y-coordinate of the step in the application builder (must not be less than 0)
type string false none The type of the step (for END steps, this property cannot be updated since there would be no outgoing default next paths)
enableComments boolean false none Whether comments are displayed on a step
assignableUserType string false none Indicates which users are allowed to be assigned this step on a record
externalUserMfaRequired boolean false none Whether MFA is required for external users to access this step.

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END
assignableUserType APP_AND_EXTERNAL_USERS
assignableUserType APP_USERS
assignableUserType EXTERNAL_USERS

ApplicationApiUpdateIn

{
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false
}

Properties

Name Type Required Restrictions Description
name string false none The name of the application
color string false none The hex representation of the icon color of the application
icon string false none The icon type of the application
type string false none The type of Risk Cloud application
live boolean false none Whether the application is live
restrictBuildAccess boolean false none Whether users with the Build entitlement must be explicitly granted permission to edit this application

Enumerated Values

Property Value
icon BOOKMARK
icon BOLT
icon BULLHORN
icon CERTIFICATE
icon CHECK_SQUARE_O
icon CLOUD
icon COMMENTS
icon CUBES
icon DOLLAR
icon EXCLAMATION_TRIANGLE
icon TEXT_O
icon FOLDER
icon GIFT
icon GLOBE
icon HEARTBEAT
icon LEAF
icon LEGAL
icon LIFE_RING
icon MEDKIT
icon MONEY
icon PERCENT
icon ROCKET
icon SIGNAL
icon UNIVERSITY
icon USER_CIRCLE
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

PageInfoOut

{
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}

Properties

Name Type Required Restrictions Description
size integer(int64) false none The size of the page and maximum number of items to be returned (must not be less than 1, defaults to 20)
totalElements integer(int64) false none The total number of items available
totalPages integer(int64) false none The total number of pages available based on the size
number integer(int64) false none The zero-indexed page number (must not be less than 0, defaults to 0)

PageLinksOut

{
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
}

Properties

Name Type Required Restrictions Description
first string false none A URL path to the first page of requested data
prev string false none A URL path to the next page of requested data or null if currently on first page
self string false none A URL path to the current page of requested data
next string false none A URL link to the next page of requested data or null if currently on last page
last string false none A URL link to the last page of requested data

PageModelOutWorkflowApiOut

{
"content": [
{
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"applicationId": "a1b2c3d4",
"xpos": 20,
"ypos": 20,
"type": "WORKFLOW",
"object": "workflow"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [WorkflowApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata

PageModelOutWorkflowMapApiOut

{
"content": [
{
"id": "a1b2c3d4",
"from": "a1b2c3d4",
"to": "a1b2c3d4",
"relationship": "ONE_TO_MANY",
"object": "workflow-map"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [WorkflowMapApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata

PageModelOutStepApiOut

{
"content": [
{
"id": "a1b2c3d4",
"name": "Identify Risk",
"xpos": 20,
"ypos": 20,
"type": "ORIGIN",
"enableComments": false,
"assignableUserType": "APP_USERS",
"externalUserMfaRequired": false,
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"object": "step"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [StepApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata

ApplicationPropertyApiOut

{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the application
type string false none The type of Risk Cloud application
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type ACCESS_MANAGEMENT
type AML_KYC
type ASSET_MANAGEMENT
type AUDIT_MANAGEMENT
type BUSINESS_CONTINUITY_PLANNING
type CHANGE_MANAGEMENT
type COMPLAINT_MANAGEMENT
type COMPLIANCE_MANAGEMENT
type CONTRACT_MANAGEMENT
type CONTROLS_COMPLIANCE
type CONTROLS_MANAGEMENT
type CRISIS_MANAGEMENT
type CUSTOM
type CUSTOM_GRC_USE_CASE
type CYBER_RISK_MANAGEMENT
type DATA_PRIVACY_MANAGEMENT
type EMPLOYEE_COMPLIANCE
type ENTERPRISE_RISK_MANAGEMENT
type ESG
type INCIDENT_MANAGEMENT
type INTERNAL_AUDIT_MANAGEMENT
type IT_RISK_MANAGEMENT
type NONE
type OPERATIONAL_RESILIENCY
type OTHER
type POLICY_AND_PROCEDURE_MANAGEMENT
type POLICY_MANAGEMENT
type PRIVACY_MANAGEMENT
type QUANTIFY
type REGULATORY_COMPLIANCE
type REPOSITORY
type RISK_QUANTIFICATION
type SOX_TESTING
type STANDARDS_REGULATIONS
type SURVEY
type THIRD_PARTY_RISK_MANAGEMENT

FieldRecordApiOut

{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the field
label string false none The label of the field as shown on the record
global boolean false none Whether the field is global
type string false none The type of the field
valueType string false none The type of the field value
values [ValuePropertyApiOut] false none The values of the record field
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER

PageModelOutRecordApiOut

{
"content": [
{
"id": "a1b2c3d4",
"recordName": "Assessment-7",
"name": "Medium Risk",
"status": "IN_PROGRESS",
"sequenceNumber": 7,
"dates": {
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
},
"assignee": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"creator": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"currentStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"originStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"fields": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"object": "application"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [RecordApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata

RecordApiOut

{
"id": "a1b2c3d4",
"recordName": "Assessment-7",
"name": "Medium Risk",
"status": "IN_PROGRESS",
"sequenceNumber": 7,
"dates": {
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
},
"assignee": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"creator": {
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
},
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"currentStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"originStep": {
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
},
"fields": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"type": "SELECT",
"valueType": "OPTION",
"values": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"object": "application"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
recordName string false none The workflow prefix and sequence number of the record
name string false none The text value of the primary field of the record, otherwise the workflow prefix and sequence number of the record
status string false none The status of the record
sequenceNumber integer(int64) false none The sequence number of the record
dates RecordDatesApiOut false none Date information associated with the record
assignee UserPropertyApiOut false none The creator of the record
creator UserPropertyApiOut false none The creator of the record
application ApplicationPropertyApiOut false none The parent application of the record
workflow WorkflowPropertyApiOut false none The parent workflow of the step
currentStep StepPropertyApiOut false none The origin step of the record
originStep StepPropertyApiOut false none The origin step of the record
fields [FieldRecordApiOut] false none The fields and values of the record
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
status INACTIVE
status NOT_ASSIGNED
status ASSIGNED
status IN_PROGRESS
status COMPLETE

RecordDatesApiOut

{
"created": "2019-08-24T14:15:22Z",
"dueDate": "2019-08-24T14:15:22Z",
"recordDueDate": "2019-08-24T14:15:22Z",
"daysUntilDue": 3,
"updated": "2019-08-24T14:15:22Z",
"completed": "2019-08-24T14:15:22Z",
"lastCompleted": "2019-08-24T14:15:22Z"
}

Properties

Name Type Required Restrictions Description
created string(date-time) false none The moment this Risk Cloud resource was created measured in milliseconds since the Unix epoch.
dueDate string(date-time) false none The due date of this record and step SLA measured in milliseconds since the Unix epoch
recordDueDate string(date-time) false none The due date of this record measured in milliseconds since the Unix epoch
daysUntilDue integer(int64) false none The number of days until this record is due
updated string(date-time) false none The moment this Risk Cloud resource was last updated measured in milliseconds since the Unix epoch.
completed string(date-time) false none The moment this record was completed if the record is currently in an end step measured in milliseconds since the Unix epoch
lastCompleted string(date-time) false none The moment this record was last completed regardless of if the record has transitioned from an end step measured in milliseconds since the Unix epoch

StepPropertyApiOut

{
"id": "a1b2c3d4",
"name": "Identify Risk",
"type": "ORIGIN",
"object": "step"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the step
type string false none The type of the step
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type ORIGIN
type CHAIN
type END

UserPropertyApiOut

{
"id": "a1b2c3d4",
"name": "Jane Doe",
"email": "jane.doe@example.com",
"object": "user"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the user
email string false none The email of the user
object string false none Identifies the type of object this data represents

ValuePropertyApiOut

{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
type string false none The type of the value
textValue string false none The text representation of the record value, with the format varying by value type:
- NUMBER: a string representation of the number, with currency if specified on the field (example: "42")
- CALCULATION: a string representation of the label if specified on the field, otherwise the number (example: "Highest Risk")
- ATTACHMENT: the name of the attachment file (example: "my-evidence.pdf")
- DATE: the date formatted according to the requesting user’s settings (example: "1/1/23, 12:00 PM")
- OPTION: the text value of the option (example: "Medium Risk")
- USER: the full name and email of the user (example: "First Last (first.last@example.com)")
- TEXT: the text value (example: "Data Theft")
numericValue number(double) false none The numeric representation of the record value, with the format varying by value type:
- NUMBER: the numeric value of the number (example: 42.0)
- CALCULATION: the numeric value of the calculation (example: 42.0)
- ATTACHMENT: the version count of the attachment (example: 2.0)
- DATE: the date measured in milliseconds since the Unix epoch (example: 1672552800000.0)
- OPTION: the numeric value of the option (example: 2.0)
- USER: a null value (example: null)
- TEXT: a null value (example: null)
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type NUMBER
type CALCULATION
type ATTACHMENT
type DATE
type OPTION
type USER
type TEXT
type OTHER

FieldApiOut

{
"id": "a1b2c3d4",
"name": "Risk Severity",
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"tooltip": "Select the Risk Severity",
"helpText": "Determine the Risk Severity from your assessment",
"type": "SELECT",
"valueType": "OPTION",
"optionValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"defaultValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}

Properties

Name Type Required Restrictions Description
id string false none The unique ID of this Risk Cloud resource
name string false none The name of the field
application ApplicationPropertyApiOut false none The parent application of the record
workflow WorkflowPropertyApiOut false none The parent workflow of the step
label string false none The label of the field as shown on the record
global boolean false none Whether the field is global
tooltip string false none The tooltip information of the field
helpText string false none The help text of the field to supply necessary context for filling out the field
type string false none The type of the field
valueType string false none The type of the field value
optionValues [ValuePropertyApiOut] false none The option values of the field for Select, Multi-Select, Radio, Checkbox, and E-Signature field types
defaultValues [ValuePropertyApiOut] false none The default values of the field
object string false none Identifies the type of object this data represents

Enumerated Values

Property Value
type DATE
type USER
type EXTERNAL_USER
type TEXT
type TEXT_AREA
type NUMBER
type E_SIGNATURE
type CHECKBOX
type MULTI_SELECT
type RADIO
type SELECT
type ATTACHMENT
type CALCULATION
type TEXT_CONCATENATION
type DATE_CALCULATION
type OTHER
valueType NUMBER
valueType CALCULATION
valueType ATTACHMENT
valueType DATE
valueType OPTION
valueType USER
valueType TEXT
valueType OTHER

PageModelOutFieldApiOut

{
"content": [
{
"id": "a1b2c3d4",
"name": "Risk Severity",
"application": {
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"type": "CONTROLS_COMPLIANCE",
"object": "application"
},
"workflow": {
"id": "a1b2c3d4",
"name": "Risk Assessments",
"recordPrefix": "Assessment",
"object": "workflow"
},
"label": "Enter the Risk Severity based on your assessment",
"global": false,
"tooltip": "Select the Risk Severity",
"helpText": "Determine the Risk Severity from your assessment",
"type": "SELECT",
"valueType": "OPTION",
"optionValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"defaultValues": [
{
"id": "a1b2c3d4",
"type": "OPTION",
"textValue": "Medium Risk",
"numericValue": 2,
"object": "value"
}
],
"object": "field"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [FieldApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata

PageModelOutApplicationApiOut

{
"content": [
{
"id": "a1b2c3d4",
"name": "Cyber Risk Management Application",
"color": "#00a3de",
"icon": "CUBES",
"type": "CONTROLS_COMPLIANCE",
"live": false,
"restrictBuildAccess": false,
"object": "application"
}
],
"links": {
"first": "/api/v2/resource?page=0&size=20",
"prev": "/api/v2/resource?page=2&size=20",
"self": "/api/v2/resource?page=3&size=20",
"next": "/api/v2/resource?page=4&size=20",
"last": "/api/v2/resource?page=6&size=20"
},
"page": {
"size": 20,
"totalElements": 50,
"totalPages": 3,
"number": 0
}
}

Properties

Name Type Required Restrictions Description
content [ApplicationApiOut] false none A array of returned items
links PageLinksOut false none A collection of page URL links for navigation and iteration
page PageInfoOut false none A collection page metadata