Skip to content
Hyperproof API
/
/
Update Vendors

Vendors API (1.0)

Provides access to the vendors that are part of a Hyperproof organization.

Download OpenAPI description
vendors.openapi.json
vendors.openapi.yaml
Languages
Servers
Mock server
https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi
Hyperproof US
https://api.hyperproof.app/v1/vendors
Hyperproof Gov
https://api.hyperproofgov.app/v1/vendors
Hyperproof EU
https://api.hyperproof.eu/v1/vendors

Get Vendors

Request

GET /[?status]

Description

Retrieves detailed information about all vendors within an organization, including their profiles, statuses, and associated metadata.

Security
oauth2
Query
statusstring

Filters vendors by the provided object status

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/?status=string' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/jsonArray [
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
]
Response
application/json
[
  {
    "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
    "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
    "name": "Hyperproof",
    "category": "Compliance",
    "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
    "vendorStatus": "approved",
    "tolerance": "high",
    "assessedRiskLevel": "moderate",
    "assessedRiskLevelValue": "",
    "riskLevel": "moderate",
    "riskLevelIsOverridden": false,
    "riskLevelOverrideReasoning": "",
    "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
    "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
    "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
    "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
    "freshnessPolicy": "manual",
    "freshForDuration": "PT720H",
    "freshness": "fresh",
    "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
    "freshAsOfNote": "Initial freshness set",
    "customFields": [],
    "contacts": [],
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2023-09-12T18:26:10.0053650+00:00",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
    "status": "active"
  }
]

Add Vendor

Request

POST /

Description

Creates a new vendor within an organization, adding its details and initializing it for use in vendor management processes.

Security
oauth2
Bodyapplication/json
namestringrequired

The name of the vendor.

Example: "Test Vendor from API"
categorystring

The category of the vendor.

Example: "API"
ownerIdstringrequired

The unique identifier for the user who will be the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring

The unique identifier of the group to assign to the vendor.

vendorStatusstring(VendorStatus)required

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
contractStartDatestring(date-time)

The start date of the vendor's contract.

Example: "2024-09-04T12:00:00Z"
contractEndDatestring(date-time)

The end date of the vendor's contract.

Example: "2025-09-04T12:00:00Z"
contactsArray of objects(ExternalContactRequest)

List of external contacts to associate with the vendor.

Example: [{"givenName":"Jane","surname":"Doe","email":"jane.doe@example.com"}]
customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"Antonio Moreno"}]
curl -i -X POST \
  https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/ \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Test Vendor from API",
    "category": "API",
    "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
    "vendorStatus": "approved",
    "tolerance": "high",
    "riskLevel": "moderate",
    "riskLevelIsOverridden": false,
    "riskLevelOverriddenBy": "",
    "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
    "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
    "contacts": [
      {
        "givenName": "Jane",
        "surname": "Doe",
        "email": "jane.doe@example.com"
      }
    ],
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "Antonio Moreno"
      }
    ]
  }'

Responses

Success.

Bodyapplication/json
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
Response
application/json
{
  "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
  "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
  "name": "Hyperproof",
  "category": "Compliance",
  "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
  "vendorStatus": "approved",
  "tolerance": "high",
  "assessedRiskLevel": "moderate",
  "assessedRiskLevelValue": "",
  "riskLevel": "moderate",
  "riskLevelIsOverridden": false,
  "riskLevelOverrideReasoning": "",
  "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
  "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
  "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
  "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
  "freshnessPolicy": "manual",
  "freshForDuration": "PT720H",
  "freshness": "fresh",
  "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
  "freshAsOfNote": "Initial freshness set",
  "customFields": [
    {}
  ],
  "contacts": [
    {}
  ],
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
  "status": "active"
}

Update Vendors

Request

PATCH /

Description

Updates all existing vendors within an organization, modifying their attributes such as names, descriptions, statuses, or risk information.

Security
oauth2
Bodyapplication/json
vendorIdsArray of stringsrequired

List of unique identifiers of the vendors to update.

Example: ["23b806db-bad2-4f7a-b8d1-ac1177909992","23b402db-bad2-4f7a-b8d1-ac1177909992"]
patchobject(VendorPatch)required
Example: {"name":"Test Vendor from API Update","category":"API Category 2","ownerId":"e99e616e-6211-22ff-b755-633587729bf9","vendorStatus":"approved","tolerance":"high","riskLevel":"moderate","riskLevelIsOverridden":true,"riskLevelOverrideReasoning":"Business decision to accept higher risk","contractStartDate":"2024-09-04T12:00:00Z","contractEndDate":"2025-09-04T12:00:00Z","freshnessPolicy":"manual","freshForDuration":"PT720H","freshness":"fresh","freshAsOfDate":"2025-01-12T18:26:10.00.5365Z","freshAsOfNote":"Updating expired vendor freshness","status":"active","customFields":[{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"Antonio Moreno"}]}
patch.​namestring

The name of the vendor.

Example: "Test Vendor from API Update"
patch.​categorystring

The category of the vendor. If set, clearCategory must not be set. If set to an empty string, the category will be cleared.

Example: "API Category 2"
patch.​clearCategoryboolean

Clears the category if 'true'. If set, category must not be set.

patch.​ownerIdstring

The unique identifier for the user who will be the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
patch.​groupIdstring

The unique identifier of the group to assign to the vendor. If set, clearGroupId must not be set.

patch.​clearGroupIdboolean

Clears the group unique identifier if true. If set, groupId must not be set.

patch.​vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
patch.​tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
patch.​riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
patch.​riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

Example: true
patch.​riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

Example: "Business decision to accept higher risk"
patch.​contractStartDatestring(date-time)

The start date of the vendor's contract. If set, clearContractStartDate must not be set.

Example: "2024-09-04T12:00:00Z"
patch.​contractEndDatestring(date-time)

The end date of the vendor's contract. If set, clearContractEndDate must not be set.

Example: "2025-09-04T12:00:00Z"
patch.​clearContractStartDateboolean

Clears the contract start date if 'true'. If set, contractStartDate must not be set.

patch.​clearContractEndDateboolean

Clears the contract end date if 'true'. If set, contractEndDate must not be set.

patch.​freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
patch.​freshForDurationstring

Sets the duration after which the vendor becomes stale. Supply as a string in standard ISO-8601 duration format ex: P1Y3M2D or PT720H.

Example: "PT720H"
patch.​freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
patch.​freshAsOfDatestring

The date when the vendor is being marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
patch.​freshAsOfNotestring

The note to populate when the vendor is marked 'fresh'.

Example: "Updating expired vendor freshness"
patch.​resetFreshnessNotestring

The note to populate when freshness is reset.

patch.​statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
patch.​customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"Antonio Moreno"}]
curl -i -X PATCH \
  https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/ \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "vendorIds": [
      "string"
    ],
    "patch": {
      "name": "Test Vendor from API Update",
      "category": "API Category 2",
      "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
      "vendorStatus": "approved",
      "tolerance": "high",
      "riskLevel": "moderate",
      "riskLevelIsOverridden": false,
      "riskLevelOverriddenBy": "",
      "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
      "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
      "freshnessPolicy": "manual",
      "freshForDuration": "PT720H",
      "freshness": "fresh",
      "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
      "freshAsOfNote": "Updating expired vendor freshness",
      "status": "active",
      "customFields": [
        {
          "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
          "textValue": "Antonio Moreno"
        }
      ]
    }
  }'

Responses

Success.

Bodyapplication/json
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
Response
application/json
{
  "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
  "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
  "name": "Hyperproof",
  "category": "Compliance",
  "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
  "vendorStatus": "approved",
  "tolerance": "high",
  "assessedRiskLevel": "moderate",
  "assessedRiskLevelValue": "",
  "riskLevel": "moderate",
  "riskLevelIsOverridden": false,
  "riskLevelOverrideReasoning": "",
  "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
  "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
  "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
  "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
  "freshnessPolicy": "manual",
  "freshForDuration": "PT720H",
  "freshness": "fresh",
  "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
  "freshAsOfNote": "Initial freshness set",
  "customFields": [
    {}
  ],
  "contacts": [
    {}
  ],
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
  "status": "active"
}

Get Vendors Filtered

Request

PUT /filter

Description

Retrieves a list of vendors that match the specified filter criteria, such as status, category, or risk level.

Security
oauth2
Bodyapplication/json
vendorIdsArray of stringsrequired

List of unique identifiers for vendors to return.

Example: ["23b806db-bad2-4f7a-b8d1-ac1177909992","23b402db-bad2-4f7a-b8d1-ac1177909992"]
curl -i -X PUT \
  https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/filter \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "vendorIds": [
      "string"
    ]
  }'

Responses

Success.

Bodyapplication/jsonArray [
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
]
Response
application/json
[
  {
    "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
    "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
    "name": "Hyperproof",
    "category": "Compliance",
    "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
    "vendorStatus": "approved",
    "tolerance": "high",
    "assessedRiskLevel": "moderate",
    "assessedRiskLevelValue": "",
    "riskLevel": "moderate",
    "riskLevelIsOverridden": false,
    "riskLevelOverrideReasoning": "",
    "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
    "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
    "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
    "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
    "freshnessPolicy": "manual",
    "freshForDuration": "PT720H",
    "freshness": "fresh",
    "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
    "freshAsOfNote": "Initial freshness set",
    "customFields": [],
    "contacts": [],
    "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "createdOn": "2023-09-12T18:26:10.0053650+00:00",
    "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
    "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
    "status": "active"
  }
]

Get Vendor

Request

GET /{vendorId}

Description

Retrieves detailed information about a specific vendor by its ID, including its profile, status, and associated metadata.

Security
oauth2
Path
vendorIdstringrequired

Unique ID of the vendor.

curl -i -X GET \
  'https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/{vendorId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>'

Responses

Success.

Bodyapplication/json
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
Response
application/json
{
  "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
  "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
  "name": "Hyperproof",
  "category": "Compliance",
  "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
  "vendorStatus": "approved",
  "tolerance": "high",
  "assessedRiskLevel": "moderate",
  "assessedRiskLevelValue": "",
  "riskLevel": "moderate",
  "riskLevelIsOverridden": false,
  "riskLevelOverrideReasoning": "",
  "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
  "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
  "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
  "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
  "freshnessPolicy": "manual",
  "freshForDuration": "PT720H",
  "freshness": "fresh",
  "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
  "freshAsOfNote": "Initial freshness set",
  "customFields": [
    {}
  ],
  "contacts": [
    {}
  ],
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
  "status": "active"
}

Update Vendor

Request

PATCH /{vendorId}

Description

Updates an existing vendor with new values, modifying its attributes such as name, description, status, or risk information.

Security
oauth2
Path
vendorIdstringrequired

Unique ID of the vendor to update.

Bodyapplication/json
namestring

The name of the vendor.

Example: "Test Vendor from API Update"
categorystring

The category of the vendor. If set, clearCategory must not be set. If set to an empty string, the category will be cleared.

Example: "API Category 2"
clearCategoryboolean

Clears the category if 'true'. If set, category must not be set.

ownerIdstring

The unique identifier for the user who will be the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
groupIdstring

The unique identifier of the group to assign to the vendor. If set, clearGroupId must not be set.

clearGroupIdboolean

Clears the group unique identifier if true. If set, groupId must not be set.

vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

Example: true
riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

Example: "Business decision to accept higher risk"
contractStartDatestring(date-time)

The start date of the vendor's contract. If set, clearContractStartDate must not be set.

Example: "2024-09-04T12:00:00Z"
contractEndDatestring(date-time)

The end date of the vendor's contract. If set, clearContractEndDate must not be set.

Example: "2025-09-04T12:00:00Z"
clearContractStartDateboolean

Clears the contract start date if 'true'. If set, contractStartDate must not be set.

clearContractEndDateboolean

Clears the contract end date if 'true'. If set, contractEndDate must not be set.

freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

Sets the duration after which the vendor becomes stale. Supply as a string in standard ISO-8601 duration format ex: P1Y3M2D or PT720H.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor is being marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note to populate when the vendor is marked 'fresh'.

Example: "Updating expired vendor freshness"
resetFreshnessNotestring

The note to populate when freshness is reset.

statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
customFieldsArray of objects(CustomFieldObjectValuePatch)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","textValue":"Antonio Moreno"}]
curl -i -X PATCH \
  'https://developer.hyperproof.app/_mock/hyperproof-api/vendors/vendors.openapi/{vendorId}' \
  -H 'Authorization: Bearer <YOUR_TOKEN_HERE>' \
  -H 'Content-Type: application/json' \
  -d '{
    "name": "Test Vendor from API Update",
    "category": "API Category 2",
    "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
    "vendorStatus": "approved",
    "tolerance": "high",
    "riskLevel": "moderate",
    "riskLevelIsOverridden": false,
    "riskLevelOverriddenBy": "",
    "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
    "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
    "freshnessPolicy": "manual",
    "freshForDuration": "PT720H",
    "freshness": "fresh",
    "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
    "freshAsOfNote": "Updating expired vendor freshness",
    "status": "active",
    "customFields": [
      {
        "fieldId": "ceb912ab-519b-11ee-a644-522476618ae8",
        "textValue": "Antonio Moreno"
      }
    ]
  }'

Responses

Success.

Bodyapplication/json
idstring

The unique identifier for the vendor.

Example: "f96d2b0c-9894-49ca-b26a-afd53268e760"
orgIdstring

The unique identifier for the organization.

Example: "f5cd56b9-6725-4d1a-88ad-e7486240fbd3"
namestring

The name of the vendor.

Example: "Hyperproof"
categorystring

The category of the vendor.

Example: "Compliance"
ownerIdstring

The unique identifier for the owner of the vendor.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
vendorStatusstring(VendorStatus)

The current state of the vendor.

Enum"notSet""preassessment""approved""active""inactive""expired""rejected"
tolerancestring(VendorTolerance)

The tolerance of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
assessedRiskLevelValuenumber(double)

The numeric value associated with the assessed risk level.

Example: 40
riskLevelstring(VendorRiskLevel)

The risk level of the vendor.

Enum"notSet""veryHigh""high""moderate""low""veryLow"
riskLevelIsOverriddenboolean

Flag indicating whether the calculated risk level has been overridden.

riskLevelOverrideReasoningstring

The reasoning provided for overriding the calculated risk level.

riskLevelOverriddenBystring

The unique identifier for the user who overrode the risk level.

Example: "e99e616e-6211-22ff-b755-633587729bf9"
riskLevelOverriddenOnstring

The date when the risk level was overridden (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
healthstring(Health)

Health status

Enum"critical""atRisk""healthy""notAvailable"
contractStartDatestring

The start date of the vendor contract (ISO 8601 format).

Example: "2024-09-04T12:00:00Z"
contractEndDatestring

The end date of the vendor contract (ISO 8601 format).

Example: "2025-09-04T12:00:00Z"
freshnessPolicystring(FreshnessPolicy)

The freshness policy of an object. Set to 'manual' with a 'freshAsOfDate' value otherwise 'freshness' will be set to 'unknown'.

Enum"none""manual"
freshForDurationstring

The duration after which vendor becomes stale.

Example: "PT720H"
freshnessstring(Freshness)

The freshness status of an object. Cannot be set if 'freshnessPolicy' is 'none' and 'freshAsOfDate' is null.

Enum"noFreshness""fresh""expired""unknown"
freshAsOfDatestring

The date when the vendor was last marked 'fresh'.

Example: "2025-01-12T18:26:10.00.5365Z"
freshAsOfNotestring

The note populated when the vendor was marked 'fresh'.

Example: "Initial freshness set"
customFieldsArray of objects(CustomFieldObjectValue)
Example: [{"fieldId":"ceb912ab-519b-11ee-a644-522476618ae8","fieldName":"Sponsor","fieldType":"text","textValue":"John Smith"}]
contactsArray of objects(ExternalContactCollection)
Example: [{"id":"d88d505d-5199-11ee-a644-522476618ae8","orgId":"ce83e3cd-5199-11ee-a644-522476618ae8","givenName":"John","surname":"Smith","email":"john.smith@example.com","status":"active","objectType":"vendor","objectId":"e99e616e-6211-22ff-b755-633587729bf9","createdBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","createdOn":"2023-09-12T18:26:10.005365Z","updatedBy":"82d7c228-8bcd-11e9-a94b-ab3de8494987","updatedOn":"2023-09-12T18:26:10.005365Z","permissions":[]}]
createdBystring

The unique identifier of the user who created the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
createdOnstring(date-time)

The date the vendor was created (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
updatedBystring

The unique identifier of the user who last updated the vendor.

Example: "82d7c228-8bcd-11e9-a94b-ab3de8494987"
updatedOnstring(date-time)

The date the vendor was last updated (ISO-8601 format).

Example: "2023-09-12T18:26:10.005365Z"
statusstring(ObjectStatus)

The status of the object

Enum"active""archived"
Response
application/json
{
  "id": "f96d2b0c-9894-49ca-b26a-afd53268e760",
  "orgId": "f5cd56b9-6725-4d1a-88ad-e7486240fbd3",
  "name": "Hyperproof",
  "category": "Compliance",
  "ownerId": "e99e616e-6211-22ff-b755-633587729bf9",
  "vendorStatus": "approved",
  "tolerance": "high",
  "assessedRiskLevel": "moderate",
  "assessedRiskLevelValue": "",
  "riskLevel": "moderate",
  "riskLevelIsOverridden": false,
  "riskLevelOverrideReasoning": "",
  "riskLevelOverriddenBy": "e99e616e-6211-22ff-b755-633587729bf9",
  "riskLevelOverriddenOn": "2024-09-04T12:00:00.0000000+00:00",
  "contractStartDate": "2024-09-04T12:00:00.0000000+00:00",
  "contractEndDate": "2025-09-04T12:00:00.0000000+00:00",
  "freshnessPolicy": "manual",
  "freshForDuration": "PT720H",
  "freshness": "fresh",
  "freshAsOfDate": "2025-01-12T18:26:10.00.5365Z",
  "freshAsOfNote": "Initial freshness set",
  "customFields": [
    {}
  ],
  "contacts": [
    {}
  ],
  "createdBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "createdOn": "2023-09-12T18:26:10.0053650+00:00",
  "updatedBy": "82d7c228-8bcd-11e9-a94b-ab3de8494987",
  "updatedOn": "2023-09-12T18:26:10.0053650+00:00",
  "status": "active"
}
® 2026 Hyperproof All Rights Reserved.