Skip to content
/
Get supplier's remediatio...

papi (2)

Panorays Public API

Download OpenAPI description
swagger.json
swagger.yaml
Overview
Support
support@panorays.com
Languages
Servers
Mock server
https://panorays-papi-v2-documentation.redocly.app/_mock/swagger
https://api.panoraysapp.com

Supplier

Use these routes to access and update your suppliers.

Operations

Segment

Operations

Posture

Operations

Portfolio

Operations

Asset

Operations

Finding

Operations

RemediationTasks

Operations

Get remediation task by id

Request

THis endpoint is used to get a specific remediation task of a supplier by id.

Security
bearer
Path
supplierIdstringrequired
taskIdstringrequired
Query
fieldsstring
Enum"company_id""supplier_id""type""issue_id""created_by""start_date""end_date""due_date""status""description"
enrichstring
Enum"created_by""pocs""criterion_id""finding_id""company_id""question_id""inquiry_id"
curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/remediation/{taskId}?fields=company_id&enrich=created_by' \
  -H 'Authorization: Bearer <YOUR_JWT_HERE>'

Responses

Supplier remediation task

Bodyapplication/json
status_reasonobject(StatusReason)
accountobject(AccountInfo)
companyobject(CompanyInfo)
questionobject(QuestionInfo)
criterionobject(CriterionInfo)
findingsArray of objects(FindingInfo)
idstringrequired
company_idstringrequired
supplier_idstringrequired
typestringrequired
issue_idstringrequired
created_bystringrequired
start_datestringrequired
end_datestringrequired
due_datestringrequired
statusstringrequired
descriptionstringrequired
prioritystringrequired
pocsArray of stringsrequired
titlestringrequired
created_atstringrequired
updated_atstringrequired
inquiry_idstringrequired
question_idstringrequired
criterion_idstring
Response
application/json
{
  "status_reason": {
    "reason": "string",
    "file_id": "string",
    "file_name": "string",
    "added_by": "string",
    "created_at": "string",
    "updated_at": "string"
  },
  "account": {
    "full_name": "string",
    "account_id": "string",
    "email": "string"
  },
  "company": {
    "id": "string",
    "name": "string"
  },
  "question": {
    "type": "FreeText",
    "text": "string",
    "category": "string",
    "question_id": "string",
    "template_id": "string",
    "template_name": "string"
  },
  "criterion": {
    "severity": "INFO",
    "criterion_id": "string",
    "name": "string",
    "company_id": "string",
    "segment_id": "string",
    "rating": 0,
    "reduced_points": 0,
    "total_points": 0,
    "assets_tested": 0,
    "subcategories": [ … ],
    "weight": 0,
    "weight_with_findings": 0,
    "findings_count": 0,
    "points_gain": 0,
    "points_diff": 0,
    "created_at": "string",
    "updated_at": "string"
  },
  "findings": [
    { … }
  ],
  "id": "string",
  "company_id": "string",
  "supplier_id": "string",
  "type": "string",
  "issue_id": "string",
  "created_by": "string",
  "start_date": "string",
  "end_date": "string",
  "due_date": "string",
  "status": "string",
  "description": "string",
  "priority": "string",
  "pocs": [
    "string"
  ],
  "title": "string",
  "created_at": "string",
  "updated_at": "string",
  "inquiry_id": "string",
  "question_id": "string",
  "criterion_id": "string"
}

Get supplier's remediation tasks

Request

The endpoint will retrieve all the remediation tasks of a specific supplier

Path
supplierIdstringrequired

Id of the supplier

Query
limitnumber[ 1 .. 50 ]

Number of records to return in the response

Default 50
sortByArray of strings

Name of the field to sort by

sortDirectionstring

The direction of the field sort specified by sort_by

Enum"ASC""asc""1""DESC""desc""-1"
next_tokenstring

Token received from a previous request to obtain the next chunk of data

segmentIdstring

SegmentId to filter tasks

fieldsArray of strings

Suppliers will only contain specified fields (all if none)

Items Enum"company_id""supplier_id""type""issue_id""created_by""start_date""end_date""due_date""status""description"
enrichArray of strings

Fields to enrich in the response. Supported values: criterion_id, question_id

Default ["question_id"]
Items Enum"criterion_id""question_id"
typestring
Enum"CRITERION_REMEDIATION""QUESTION_REMEDIATION""INTERNAL_GENERAL""EXTERNAL_GENERAL""REVIEW_SUPPLIER"
gtestring
ltestring
gtstring
ltstring
curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/{supplierId}/remediation?limit=50&sortBy=string&sortDirection=ASC&next_token=string&segmentId=string&fields=company_id&enrich=question_id&type=CRITERION_REMEDIATION&gte=string&lte=string&gt=string&lt=string'

Responses

All found remediation tasks.

Bodyapplication/jsonArray [
statusstringrequired
Enum"TO_DO""IN_PROGRESS""DECLINE""CLAIM_AS_DONE""ACCEPT_RISK""DONE"
status_reasonobject(StatusReason)
accountobject(AccountInfo)
companyobject(CompanyInfo)
questionobject(QuestionInfo)
criterionobject(CriterionInfo)
idstringrequired
company_idstringrequired
supplier_idstringrequired
typestringrequired
issue_idstringrequired
created_bystringrequired
start_datestringrequired
end_datestringrequired
due_datestringrequired
descriptionstringrequired
prioritystringrequired
pocsArray of stringsrequired
titlestringrequired
created_atstringrequired
updated_atstringrequired
inquiry_idstringrequired
question_idstringrequired
criterion_idstring
]
Response
application/json
[
  {
    "status": "TO_DO",
    "status_reason": { … },
    "account": { … },
    "company": { … },
    "question": { … },
    "criterion": { … },
    "id": "string",
    "company_id": "string",
    "supplier_id": "string",
    "type": "string",
    "issue_id": "string",
    "created_by": "string",
    "start_date": "string",
    "end_date": "string",
    "due_date": "string",
    "description": "string",
    "priority": "string",
    "pocs": [ … ],
    "title": "string",
    "created_at": "string",
    "updated_at": "string",
    "inquiry_id": "string",
    "question_id": "string",
    "criterion_id": "string"
  }
]

Get suppliers remediation tasks

Request

The endpoint retrieves all the remediation task of all suppliers

Query
limitnumber[ 1 .. 50 ]

Number of records to return in the response

Default 50
sortByArray of strings

Name of the field to sort by

sortDirectionstring

The direction of the field sort specified by sort_by

Enum"ASC""asc""1""DESC""desc""-1"
next_tokenstring

Token received from a previous request to obtain the next chunk of data

fieldsArray of strings

Suppliers will only contain specified fields (all if none)

Items Enum"company_id""supplier_id""type""issue_id""created_by""start_date""end_date""due_date""status""description"
enrichArray of strings

Fields to enrich in the response. Supported values: criterion_id, question_id

Default ["question_id"]
Items Enum"criterion_id""question_id"
typestring
Enum"CRITERION_REMEDIATION""QUESTION_REMEDIATION""INTERNAL_GENERAL""EXTERNAL_GENERAL""REVIEW_SUPPLIER"
curl -i -X GET \
  'https://panorays-papi-v2-documentation.redocly.app/_mock/swagger/v2/suppliers/remediation?limit=50&sortBy=string&sortDirection=ASC&next_token=string&fields=company_id&enrich=question_id&type=CRITERION_REMEDIATION'

Responses

All found remediation tasks.

Bodyapplication/jsonArray [
statusstringrequired
Enum"TO_DO""IN_PROGRESS""DECLINE""CLAIM_AS_DONE""ACCEPT_RISK""DONE"
status_reasonobject(StatusReason)
accountobject(AccountInfo)
companyobject(CompanyInfo)
questionobject(QuestionInfo)
criterionobject(CriterionInfo)
idstringrequired
company_idstringrequired
supplier_idstringrequired
typestringrequired
issue_idstringrequired
created_bystringrequired
start_datestringrequired
end_datestringrequired
due_datestringrequired
descriptionstringrequired
prioritystringrequired
pocsArray of stringsrequired
titlestringrequired
created_atstringrequired
updated_atstringrequired
inquiry_idstringrequired
question_idstringrequired
criterion_idstring
]
Response
application/json
[
  {
    "status": "TO_DO",
    "status_reason": { … },
    "account": { … },
    "company": { … },
    "question": { … },
    "criterion": { … },
    "id": "string",
    "company_id": "string",
    "supplier_id": "string",
    "type": "string",
    "issue_id": "string",
    "created_by": "string",
    "start_date": "string",
    "end_date": "string",
    "due_date": "string",
    "description": "string",
    "priority": "string",
    "pocs": [ … ],
    "title": "string",
    "created_at": "string",
    "updated_at": "string",
    "inquiry_id": "string",
    "question_id": "string",
    "criterion_id": "string"
  }
]

BusinessInformation

Operations

File

Operations

Questionnaire

Operations

RiskInsights

Operations

BusinessSnapshot

Operations

Relationship

Operations

Licenses

Operations

Templates

Operations

Activity Center

Operations

Tags

Tag actions (Create, Delete, Get, Update) apply to company tags only. Tags can’t be updated via the supplier endpoint, as they may link to multiple suppliers. When a company tag is updated/deleted, all associated suppliers are automatically updated — no separate supplier update is needed.

Operations

Factors

Operations

CyberNewsArticles

Operations

DarkWebMentions

Operations

ReEvaluation

Operations

Webhooks Intro

The hook api provides a simple way of registering to events that happen with your suppliers

Getting Started

The following steps will walk you through the process of registering and reacting to webhooks.

  1. Register an API token

If you don’t already have an API token, you can generate one through Panorays platform or contact Panorays Support at support@panorays.com.

  1. Register your app

Before you can start receiving events, register your application with Panorays using the Handshake API call.

  1. Subscribe to relevant events

You will only receive event calls for events you subscribe to using the Subscribe API call.
Note: You can unsubscribe at any time using the Unsubscribe API call.

  1. Start receiving events

You're done! From now on, you will receive notifications for every event you subscribed to.

To learn how to secure your app and ensure you handle events only from Panorays, read about Verifying requests.

Verify Requests

Panorays signs every request with a secret that's unique to your service account, using this secret you can verify that the incoming request arrived from Panorays servers.

Handshake

Operations

Subscription

Operations