Skip to content
Hyperproof API
/
/
Get Issue Proof Metadata

Issues API (1.0)

Provides access to the issues that are part of a Hyperproof organization.

Download OpenAPI description
issues.openapi.json
issues.openapi.yaml
Languages
Servers
Mock server
https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi
Hyperproof US
https://api.hyperproof.app/v1/issues
Hyperproof Gov
https://api.hyperproofgov.app/v1/issues
Hyperproof EU
https://api.hyperproof.eu/v1/issues

Add Issue

Request

POST /

Description

Creates a new issue within an organization, capturing details such as title, description, severity, and associated objects.

Security
oauth2
Bodyapplication/json
summarystringrequired

The summary of the issue.

Example: "Incorrect policy implementation"
descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The assignee identifier for the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring(uuid)

The unique identifier of the group to assign to the issue.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for the issue (ISO-8601 format).

Example: "2024-12-24T00:00:01Z"
customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}]
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceobject(ObjectReference)required
source.​objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
source.​objectIdstring

The unique identifier of the referenced object.

source.​parentIdstring

The unique identifier of the parent of the referenced object.

impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner for the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The discovered date for the issue (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The closed date for the issue (ISO-8601 format).

Example: "2024-11-02T00:00:01Z"
effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

curl -i -X POST \
  https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/ \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "summary": "Incorrect policy implementation",
    "description": "The policy implementation does not match standard operating procedures",
    "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
    "workItemStatus": "notStarted",
    "priority": "high",
    "dueDate": "2024-12-24T00:00:01Z",
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "John Smith"
      }
    ],
    "source": {
      "objectId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
      "objectType": "audit"
    },
    "impact": "medium",
    "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
    "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
    "actionPlan": "Update the implementation to modern standards",
    "discoveredOn": "2024-11-01T00:00:01Z",
    "closedOn": "2024-11-02T00:00:01Z",
    "effortLevel": "highest",
    "isPrivate": false
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier for the issue.

Example: "f9106f7c-cedf-4003-9d4e-762128170083"
orgIdstring(uuid)

The unique identifier for the organization the issue belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
summarystring

The summary of the issue.

Example: "Incorrect policy implementation"
indexinteger

The index of the issue used for generating unique references/identifiers of issues.

descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The unique identifier of the assignee for the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring(uuid)

The unique identifier of the group assigned to the issue.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for resolving the issue (ISO-8601 format).

Example: "2024-12-24T11:59:59+13:00"
linkedObjectsArray of objects(ObjectReference)

The list of linked objects for the issue.

Example: [{"objectId":"9183ab44-d551-45ef-81ba-268e0617216b","objectType":"program"},{"objectId":"4941bc77-6ff7-4977-9cad-0a00fcfb71e1","objectType":"label"}]
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
createdBystring(uuid)

The unique identifier of the user who created the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the issue was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the issue was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
permissionsArray of strings

The list of permissions for the issue.

Example: []
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceIdstring

The identifier of the source of the issue.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
sourceTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
sourceNamestring

The name of the source of the issue.

Example: "SOC2"
sourceStatusstring(ObjectStatus)

The status of the object

Enum"active""archived"
impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner of the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for resolving the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The date the issue was discovered (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The date and time the issue was closed (ISO-8601 format).

effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

Response
application/json
{
  "id": "f9106f7c-cedf-4003-9d4e-762128170083",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "summary": "Incorrect policy implementation",
  "key": "I-23",
  "description": "The policy implementation does not match standard operating procedures",
  "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
  "workItemStatus": "notStarted",
  "priority": "high",
  "dueDate": "2024-12-24T11:59:59+13:00",
  "linkedObjects": [
    {},
    {}
  ],
  "customFields": [
    {}
  ],
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z",
  "permissions": [],
  "sourceId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "sourceType": "audit",
  "sourceName": "SOC2",
  "sourceStatus": "active",
  "impact": "medium",
  "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
  "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
  "actionPlan": "Update the implementation to modern standards",
  "discoveredOn": "2024-11-01T00:00:01Z",
  "effortLevel": "highest",
  "isPrivate": false
}

Get Issues Filtered

Request

PUT /

Description

Retrieves a collection of issues that match the specified filter criteria, such as status, priority, or assigned user.

Security
oauth2
Bodyapplication/json
sourceObjectsArray of objects(ObjectReference)
Example: [{"objectId":"ceb912ab-519b-11ee-a644-522476618ae8","objectType":"control"}]
issueIdsArray of strings

The list of issue identifiers to filter by.

Example: ["ba50096d-bbfa-47af-94a7-092b0984cf35"]
assigneeIdsArray of strings

The list of assignee identifiers to filter issues by.

Example: ["ad21d858-c271-4c6d-8780-fecf6b16e534"]
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
createdAfterstring(date-time)

The date after which issues were created for filtering (ISO-8601 format).

Example: "2020-12-10T20:00:00Z"
createdBeforestring(date-time)

The date before which issues were created for filtering (ISO-8601 format).

Example: "2020-12-11T20:00:00Z"
modifiedAfterstring(date-time)

The date after which issues were modified for filtering (ISO-8601 format).

Example: "2020-12-17T20:00:00Z"
modifiedBeforestring(date-time)

The date before which issues were modified for filtering (ISO-8601 format).

Example: "2020-12-18T20:00:00Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
curl -i -X PUT \
  https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/filter \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "sourceObjects": [
      {
        "objectId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "objectType": "control"
      }
    ],
    "issueIds": [
      "ba50096d-bbfa-47af-94a7-092b0984cf35"
    ],
    "assigneeIds": [
      "ad21d858-c271-4c6d-8780-fecf6b16e534"
    ],
    "workItemStatus": "inProgress",
    "createdAfter": "2020-12-10T20:00:00Z",
    "createdBefore": "2020-12-11T20:00:00Z",
    "modifiedAfter": "2020-12-17T20:00:00Z",
    "modifiedBefore": "2020-12-18T20:00:00Z",
    "status": "active"
  }'

Responses

Success.

Bodyapplication/jsonArray [
idstring(uuid)

The unique identifier for the issue.

Example: "f9106f7c-cedf-4003-9d4e-762128170083"
orgIdstring(uuid)

The unique identifier for the organization the issue belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
summarystring

The summary of the issue.

Example: "Incorrect policy implementation"
indexinteger

The index of the issue used for generating unique references/identifiers of issues.

descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The unique identifier of the assignee for the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring(uuid)

The unique identifier of the group assigned to the issue.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for resolving the issue (ISO-8601 format).

Example: "2024-12-24T11:59:59+13:00"
linkedObjectsArray of objects(ObjectReference)

The list of linked objects for the issue.

Example: [{"objectId":"9183ab44-d551-45ef-81ba-268e0617216b","objectType":"program"},{"objectId":"4941bc77-6ff7-4977-9cad-0a00fcfb71e1","objectType":"label"}]
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
createdBystring(uuid)

The unique identifier of the user who created the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the issue was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the issue was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
permissionsArray of strings

The list of permissions for the issue.

Example: []
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceIdstring

The identifier of the source of the issue.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
sourceTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
sourceNamestring

The name of the source of the issue.

Example: "SOC2"
sourceStatusstring(ObjectStatus)

The status of the object

Enum"active""archived"
impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner of the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for resolving the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The date the issue was discovered (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The date and time the issue was closed (ISO-8601 format).

effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

]
Response
application/json
[
  {
    "id": "f9106f7c-cedf-4003-9d4e-762128170083",
    "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
    "summary": "Incorrect policy implementation",
    "key": "I-23",
    "description": "The policy implementation does not match standard operating procedures",
    "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
    "workItemStatus": "notStarted",
    "priority": "high",
    "dueDate": "2024-12-24T11:59:59+13:00",
    "linkedObjects": [],
    "customFields": [],
    "status": "active",
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2023-09-12T18:26:10.005365Z",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedOn": "2023-09-12T18:26:10.005365Z",
    "permissions": [],
    "sourceId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
    "sourceType": "audit",
    "sourceName": "SOC2",
    "sourceStatus": "active",
    "impact": "medium",
    "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
    "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
    "actionPlan": "Update the implementation to modern standards",
    "discoveredOn": "2024-11-01T00:00:01Z",
    "effortLevel": "highest",
    "isPrivate": false
  }
]

Get Issue

Request

GET /{issueId}

Description

Retrieves details of a specific issue by its unique ID, including its title, description, status, and associated metadata.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue to retrieve.

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier for the issue.

Example: "f9106f7c-cedf-4003-9d4e-762128170083"
orgIdstring(uuid)

The unique identifier for the organization the issue belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
summarystring

The summary of the issue.

Example: "Incorrect policy implementation"
indexinteger

The index of the issue used for generating unique references/identifiers of issues.

descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The unique identifier of the assignee for the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring(uuid)

The unique identifier of the group assigned to the issue.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for resolving the issue (ISO-8601 format).

Example: "2024-12-24T11:59:59+13:00"
linkedObjectsArray of objects(ObjectReference)

The list of linked objects for the issue.

Example: [{"objectId":"9183ab44-d551-45ef-81ba-268e0617216b","objectType":"program"},{"objectId":"4941bc77-6ff7-4977-9cad-0a00fcfb71e1","objectType":"label"}]
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
createdBystring(uuid)

The unique identifier of the user who created the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the issue was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the issue was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
permissionsArray of strings

The list of permissions for the issue.

Example: []
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceIdstring

The identifier of the source of the issue.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
sourceTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
sourceNamestring

The name of the source of the issue.

Example: "SOC2"
sourceStatusstring(ObjectStatus)

The status of the object

Enum"active""archived"
impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner of the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for resolving the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The date the issue was discovered (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The date and time the issue was closed (ISO-8601 format).

effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

Response
application/json
{
  "id": "f9106f7c-cedf-4003-9d4e-762128170083",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "summary": "Incorrect policy implementation",
  "key": "I-23",
  "description": "The policy implementation does not match standard operating procedures",
  "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
  "workItemStatus": "notStarted",
  "priority": "high",
  "dueDate": "2024-12-24T11:59:59+13:00",
  "linkedObjects": [
    {},
    {}
  ],
  "customFields": [
    {}
  ],
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z",
  "permissions": [],
  "sourceId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "sourceType": "audit",
  "sourceName": "SOC2",
  "sourceStatus": "active",
  "impact": "medium",
  "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
  "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
  "actionPlan": "Update the implementation to modern standards",
  "discoveredOn": "2024-11-01T00:00:01Z",
  "effortLevel": "highest",
  "isPrivate": false
}

Update Issue

Request

PATCH /{issueId}

Description

Updates an existing issue with new values, allowing changes to fields such as title, description, status, or assigned user.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue to update.

Bodyapplication/json
summarystring

The summary of the issue.

Example: "Incorrect policy implementation"
descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The unique identifier of the user assigned to the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring

The unique identifier of the group assigned to the issue. If set, clearGroupId must not be set.

clearGroupIdboolean

Clears the group unique identifier if true. If set, groupId must not be set.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for the issue (ISO-8601 format).

Example: "2024-12-24T00:00:01Z"
clearDueDateboolean

Whether to clear the due date for the issue.

customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"John Smith"}]
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceobject(ObjectReference)
impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner for the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The date the issue was discovered (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The date the issue was closed (ISO-8601 format).

Example: "2024-11-02T00:00:01Z"
effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

curl -i -X PATCH \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "summary": "Incorrect policy implementation",
    "description": "The policy implementation does not match standard operating procedures",
    "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
    "workItemStatus": "notStarted",
    "priority": "high",
    "dueDate": "2024-12-24T00:00:01Z",
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "John Smith"
      }
    ],
    "clearDueDate": false,
    "source": {
      "objectId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
      "objectType": "audit"
    },
    "impact": "medium",
    "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
    "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
    "actionPlan": "Update the implementation to modern standards",
    "discoveredOn": "2024-11-01T00:00:01Z",
    "closedOn": "2024-11-02T00:00:01Z",
    "effortLevel": "highest",
    "isPrivate": false
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier for the issue.

Example: "f9106f7c-cedf-4003-9d4e-762128170083"
orgIdstring(uuid)

The unique identifier for the organization the issue belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
summarystring

The summary of the issue.

Example: "Incorrect policy implementation"
indexinteger

The index of the issue used for generating unique references/identifiers of issues.

descriptionstring

The description of the issue.

Example: "The policy implementation does not match standard operating procedures"
assigneeIdstring(uuid)

The unique identifier of the assignee for the issue.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring(uuid)

The unique identifier of the group assigned to the issue.

prioritystring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
dueDatestring(date-time)

The due date for resolving the issue (ISO-8601 format).

Example: "2024-12-24T11:59:59+13:00"
linkedObjectsArray of objects(ObjectReference)

The list of linked objects for the issue.

Example: [{"objectId":"9183ab44-d551-45ef-81ba-268e0617216b","objectType":"program"},{"objectId":"4941bc77-6ff7-4977-9cad-0a00fcfb71e1","objectType":"label"}]
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
createdBystring(uuid)

The unique identifier of the user who created the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the issue was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the issue.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the issue was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
permissionsArray of strings

The list of permissions for the issue.

Example: []
workItemStatusstring(WorkItemStatusIssue)

The work item status.

Enum"notStarted""inProgress""remediated""accepted"
sourceIdstring

The identifier of the source of the issue.

Example: "f06fe159-e7c1-4b42-8715-5615ff50b29c"
sourceTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
sourceNamestring

The name of the source of the issue.

Example: "SOC2"
sourceStatusstring(ObjectStatus)

The status of the object

Enum"active""archived"
impactstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
executiveSponsorstring

The executive sponsor for the issue.

Example: "d3636cb0-10bf-45e9-abaa-b0efba75965d"
businessOwnerstring

The business owner of the issue.

Example: "4b81e4aa-7577-4579-b05c-bcc76af8f2f1"
actionPlanstring

The action plan for resolving the issue.

Example: "Update the implementation to modern standards"
discoveredOnstring(date-time)

The date the issue was discovered (ISO-8601 format).

Example: "2024-11-01T00:00:01Z"
closedOnstring(date-time)

The date and time the issue was closed (ISO-8601 format).

effortLevelstring(Priority)

The priority level.

Enum"highest""high""medium""low""lowest"
isPrivateboolean

Whether the issue is private.

Response
application/json
{
  "id": "f9106f7c-cedf-4003-9d4e-762128170083",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "summary": "Incorrect policy implementation",
  "key": "I-23",
  "description": "The policy implementation does not match standard operating procedures",
  "assigneeId": "e99e616e-6211-22ff-b755-633587729bf9",
  "workItemStatus": "notStarted",
  "priority": "high",
  "dueDate": "2024-12-24T11:59:59+13:00",
  "linkedObjects": [
    {},
    {}
  ],
  "customFields": [
    {}
  ],
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z",
  "permissions": [],
  "sourceId": "f06fe159-e7c1-4b42-8715-5615ff50b29c",
  "sourceType": "audit",
  "sourceName": "SOC2",
  "sourceStatus": "active",
  "impact": "medium",
  "executiveSponsor": "d3636cb0-10bf-45e9-abaa-b0efba75965d",
  "businessOwner": "4b81e4aa-7577-4579-b05c-bcc76af8f2f1",
  "actionPlan": "Update the implementation to modern standards",
  "discoveredOn": "2024-11-01T00:00:01Z",
  "effortLevel": "highest",
  "isPrivate": false
}

Add Issue Proof

Request

POST /{issueId}/proof

Description

Adds proof to a specified issue, uploading evidence files or links and associating them with the issue for verification and auditing purposes.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

Bodymultipart/form-data
proofstring(binary)required
hp-proof-owned-bystring
hp-proof-sourcestring
hp-proof-source-idstring
hp-proof-source-file-idstring
hp-proof-source-modified-onstring(date-time)
hp-proof-live-sync-enabledboolean
curl -i -X POST \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/proof' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: multipart/form-data' \
  -F proof=string \
  -F hp-proof-owned-by=string \
  -F hp-proof-source=string \
  -F hp-proof-source-id=string \
  -F hp-proof-source-file-id=string \
  -F hp-proof-source-modified-on=2019-08-24T14:15:22Z \
  -F hp-proof-live-sync-enabled=true

Responses

Success.

Bodyapplication/json
idstring

Unique identifier for the proof item

Example: "4eb909de-51af-11ee-a644-522476618ae8"
orgIdstring

Unique identifier for the organization

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
filenamestring

Name of the uploaded file

Example: "example.txt"
nameOverridestring

Name of proof Hyperproof given by Hyperproof user

contentTypestring

MIME type of the file (e.g.,text/plain)

Example: "text/plain"
fileExtensionstring

File extension (e.g.,txt)

Example: "txt"
sizenumber

File size in bytes

Example: 627
versioninteger

Version of the proof item

sourcestring

Source of the file (e.g.,localComputer)

Example: "localComputer"
sourceVersioninteger

The version of the proof maintained by the source system

ownedBystring

Unique identifier of the user who owns the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
isPrivateboolean

Whether the proof item is private

uploadedOnstring

The date the proof was uploaded (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
statusstring

Status of the proof item

Enum"active""archived""deleted""pending""canceled"
Example: "active"
createdBystring

Unique identifier of the user who created the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring

The date the proof was created (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
updatedBystring

Unique identifier of the user who last updated the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring

The date the proof was updated (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
Response
application/json
{
  "id": "4eb909de-51af-11ee-a644-522476618ae8",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "filename": "example.txt",
  "contentType": "text/plain",
  "fileExtension": "txt",
  "size": 627,
  "version": 0,
  "source": "localComputer",
  "ownedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "uploadedOn": "2023-09-12T20:59:47.694353Z",
  "isPrivate": false,
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T20:59:47.694353Z",
  "updatedOn": "2023-09-12T20:59:47.694353Z"
}

Get Issue Proof Metadata

Request

GET /{issueId}/proof

Description

Retrieves all proof items linked to a specified issue, including file details, upload metadata, and source information.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/proof' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/jsonArray [
idstring

Unique identifier for the proof item

Example: "4eb909de-51af-11ee-a644-522476618ae8"
orgIdstring

Unique identifier for the organization

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
filenamestring

Name of the uploaded file

Example: "example.txt"
nameOverridestring

Name of proof Hyperproof given by Hyperproof user

contentTypestring

MIME type of the file (e.g.,text/plain)

Example: "text/plain"
fileExtensionstring

File extension (e.g.,txt)

Example: "txt"
sizenumber

File size in bytes

Example: 627
versioninteger

Version of the proof item

sourcestring

Source of the file (e.g.,localComputer)

Example: "localComputer"
sourceVersioninteger

The version of the proof maintained by the source system

ownedBystring

Unique identifier of the user who owns the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
isPrivateboolean

Whether the proof item is private

uploadedOnstring

The date the proof was uploaded (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
statusstring

Status of the proof item

Enum"active""archived""deleted""pending""canceled"
Example: "active"
createdBystring

Unique identifier of the user who created the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring

The date the proof was created (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
updatedBystring

Unique identifier of the user who last updated the proof item

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring

The date the proof was updated (ISO-8601 format)

Example: "2023-09-12T20:59:47.694353Z"
]
Response
application/json
[
  {
    "id": "4eb909de-51af-11ee-a644-522476618ae8",
    "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
    "filename": "example.txt",
    "contentType": "text/plain",
    "fileExtension": "txt",
    "size": 627,
    "version": 0,
    "source": "localComputer",
    "ownedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "uploadedOn": "2023-09-12T20:59:47.694353Z",
    "isPrivate": false,
    "status": "active",
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2023-09-12T20:59:47.694353Z",
    "updatedOn": "2023-09-12T20:59:47.694353Z"
  }
]

Get Issue Comments

Request

GET /{issueId}/comments

Description

Retrieves all comments from an issue’s Activity Feed, including details such as author, timestamp, and message content.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/comments' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/jsonArray [
idstring(uuid)

The unique identifier for the comment.

Example: "ad21d858-c271-4c6d-8780-fecf6b16e534"
orgIdstring(uuid)

The unique identifier for the organization the comment belongs to.

Example: "ad21d858-c271-4c6d-8780-fecf6b16e534"
commentTextFormattedstring

The formatted text of the comment.

Example: "This is a comment mentioning a user {{user:53c8880a-7e14-4493-a392-0f10bf11cfce}}"
objectIdstring(uuid)

The unique identifier of the object the comment is attached to.

Example: "ad21d858-c271-4c6d-8780-fecf6b16e534"
objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
createdBystring(uuid)

The unique identifier of the user who created the comment.

Example: "554fbf38-f579-4cc8-819f-6377bd9defcb"
updatedBystring(uuid)

The unique identifier of the user who last updated the comment.

Example: "53c8880a-7e14-4493-a392-0f10bf11cfce"
createdOnstring(date-time)

The date and time the comment was created (ISO-8601 format).

Example: "2024-06-23T19:37:23+0000"
updatedOnstring(date-time)

The date and time the comment was last updated (ISO-8601 format).

Example: "2024-06-27T22:28:30+0000"
sourceUpdatedOnstring(date-time)

The date and time the comment was updated in teh source system (ISO-8601 format).

deletedOnstring(date-time)

The date and time the comment was deleted (ISO-8601 format).

isInternalboolean

Whether the comment is internal-only and not visible to external auditors.

]
Response
application/json
[
  {
    "id": "ad21d858-c271-4c6d-8780-fecf6b16e534",
    "orgId": "ad21d858-c271-4c6d-8780-fecf6b16e534",
    "commentTextFormatted": "This is a comment mentioning a user {{user:53c8880a-7e14-4493-a392-0f10bf11cfce}}",
    "objectId": "ad21d858-c271-4c6d-8780-fecf6b16e534",
    "objectType": "task",
    "status": "active",
    "createdBy": "554fbf38-f579-4cc8-819f-6377bd9defcb",
    "updatedBy": "53c8880a-7e14-4493-a392-0f10bf11cfce",
    "createdOn": "2024-06-23T19:37:23+0000",
    "updatedOn": "2024-06-27T22:28:30+0000"
  }
]

Add Issue Comment

Request

POST /{issueId}/comments

Description

Adds a new comment to a specified issue via the issue's Activity Feed, recording the comment’s content, author, and timestamp.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

Bodyapplication/json
commentTextFormattedstringrequired

The formatted text for the comment.

Example: "The audit is completed."
isInternalCommentboolean

Whether the comment is internal-only. Internal comments are not visible to external auditors.

Example: true
objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
objectIdstring

The object identifier the comment is attached to.

Example: "82d7c228-8bcd-11e9-a94b-ab3de849498z"
sourceCommentIdstring

The identifier of the comment in the external system from which it was synced.

sourceUpdatedOnstring

The date and time of the source for the comment (ISO-8601 format).

curl -i -X POST \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/comments' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "commentTextFormatted": "The audit is completed.",
    "isInternalComment": true,
    "objectId": "82d7c228-8bcd-11e9-a94b-ab3de849498z",
    "objectType": "risk"
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the activity

Example: "a3f89b48-9ae1-4852-a229-c4aea92230b0"
orgIdstring(uuid)

The unique identifier for the organization the activity belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
typestring

The type of the activity.

Enum"event""comment"
Example: "comment"
messagestring

The description of this event.

Example: "This is a comment"
objectIdstring(uuid)

The unique identifier of the object related to the activity.

Example: "16d22ded-88ac-4f5c-bc99-8064d9fc44d7"
objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
statusstring

The current status of the activity.

Enum"active""deleted""pending""canceled"
Example: "active"
createdBystring(uuid)

The unique identifier of the user who created the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the activity was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the activity was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
Response
application/json
{
  "id": "a3f89b48-9ae1-4852-a229-c4aea92230b0",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "type": "comment",
  "message": "This is a comment",
  "objectId": "16d22ded-88ac-4f5c-bc99-8064d9fc44d7",
  "objectType": "audit",
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z"
}

Update Issue Comment

Request

PATCH /{issueId}/comments/{commentId}

Description

Updates the content of an existing comment linked to an issue, modifying its text or related metadata.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

commentIdstringrequired

Unique ID of the comment

Bodyapplication/json
commentTextFormattedstring

The formatted text of the comment.

Example: "The audit is completed."
isInternalCommentboolean

The flag indicating if the comment is internal-only and not visible to external auditors.

Example: true
curl -i -X PATCH \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/comments/{commentId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "commentTextFormatted": "The audit is completed.",
    "isInternalComment": true,
    "objectId": "82d7c228-8bcd-11e9-a94b-ab3de849498z"
  }'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the activity

Example: "a3f89b48-9ae1-4852-a229-c4aea92230b0"
orgIdstring(uuid)

The unique identifier for the organization the activity belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
typestring

The type of the activity.

Enum"event""comment"
Example: "comment"
messagestring

The description of this event.

Example: "This is a comment"
objectIdstring(uuid)

The unique identifier of the object related to the activity.

Example: "16d22ded-88ac-4f5c-bc99-8064d9fc44d7"
objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
statusstring

The current status of the activity.

Enum"active""deleted""pending""canceled"
Example: "active"
createdBystring(uuid)

The unique identifier of the user who created the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the activity was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the activity was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
Response
application/json
{
  "id": "a3f89b48-9ae1-4852-a229-c4aea92230b0",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "type": "comment",
  "message": "This is a comment",
  "objectId": "16d22ded-88ac-4f5c-bc99-8064d9fc44d7",
  "objectType": "audit",
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z"
}

Delete Issue Comment

Request

DEL /{issueId}/comments/{commentId}

Description

Deletes a specified comment from an issue, removing its content and associated metadata from the issue’s Activity Feed.

Security
oauth2
Path
issueIdstringrequired

Unique ID of the issue.

commentIdstringrequired

Unique ID of the comment

curl -i -X DELETE \
  'https://developer.hyperproof.app/_mock/hyperproof-api/issues/issues.openapi/{issueId}/comments/{commentId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/json
idstring(uuid)

The unique identifier of the activity

Example: "a3f89b48-9ae1-4852-a229-c4aea92230b0"
orgIdstring(uuid)

The unique identifier for the organization the activity belongs to.

Example: "ce83e3cd-5199-11ee-a644-522476618ae8"
typestring

The type of the activity.

Enum"event""comment"
Example: "comment"
messagestring

The description of this event.

Example: "This is a comment"
objectIdstring(uuid)

The unique identifier of the object related to the activity.

Example: "16d22ded-88ac-4f5c-bc99-8064d9fc44d7"
objectTypestring(ObjectType)

The type of the object.

Enum"audit""connection""control""controlScope""domain""freshnessHistory""exportFile""label""organization""organizationUser"
statusstring

The current status of the activity.

Enum"active""deleted""pending""canceled"
Example: "active"
createdBystring(uuid)

The unique identifier of the user who created the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date and time the activity was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring(uuid)

The unique identifier of the user who last updated the activity.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date and time the activity was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
Response
application/json
{
  "id": "a3f89b48-9ae1-4852-a229-c4aea92230b0",
  "orgId": "ce83e3cd-5199-11ee-a644-522476618ae8",
  "type": "comment",
  "message": "This is a comment",
  "objectId": "16d22ded-88ac-4f5c-bc99-8064d9fc44d7",
  "objectType": "audit",
  "status": "active",
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.005365Z",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.005365Z"
}
® 2026 Hyperproof All Rights Reserved.