account-id and a vendor-list-id. Reads require viewer; writes require member or above.
Base path prefix: /vendor-assessments.
Get assessments
GET /vendor-assessments?account-id={uuid}&vendor-list-id={listId}
Returns all saved assessments for the list. Add
vendor-id, vendor-profile-id, or assessment-id to narrow the result.Create or update an assessment
POST | PUT /vendor-assessments?account-id={uuid}&vendor-list-id={listId}
Upserts an assessment. Identify the vendor via query or body (
vendor_id, vendor_profile_id, or vendor_name).compliance_approval_status values: not-started, in-progress, on-hold, approved, conditional approval, rejected. For conditional approvals, include conditional_approval_condition.
Delete an assessment
DELETE /vendor-assessments?account-id={uuid}&assessment-id={id}
Deletes an assessment.
assessment-id is preferred; vendor-id / vendor-profile-id are also supported.Evidence documents
GET /vendor-assessments/documents
Lists documents attached to an assessment.
GET /vendor-assessments/documents/upload-url
Returns a presigned upload URL (member+). Upload the file directly, then it’s attached to the assessment.
GET /vendor-assessments/documents/download-url
Returns a presigned download URL for a document.
DELETE /vendor-assessments/documents?document-id={id}
Removes a document.
Audit log
GET /vendor-assessments/audit-log?assessment-id={id}&page={n}&limit={n}
Returns the approval audit for an assessment.
event (event_id, created_at, submitted_by, changes), giving you a clean, event-level history. A flattened logs list is also returned for compatibility.