CISO Assistant API — Governance (0.7.0)

Download OpenAPI specification:

CISO Assistant - API Documentation for automating all your GRC needs

applied-controls

applied_controls_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

assets	Array of strings <uuid> [ items <uuid > ]
category	Array of strings or null Items Enum: "--" "physical" "policy" "procedure" "process" "technical" `--` - -- `policy` - Policy `process` - Process `technical` - Technical `physical` - Physical `procedure` - Procedure
compliance_assessments	Array of strings
control_impact	Array of integers or null (Impact) Items Enum: "--" 1 2 3 4 5 `--` - -- `1` - Very Low `2` - Low `3` - Medium `4` - High `5` - Very High
csf_function	Array of strings or null Items Enum: "--" "detect" "govern" "identify" "protect" "recover" "respond" `--` - -- `govern` - Govern `identify` - Identify `protect` - Protect `detect` - Detect `respond` - Respond `recover` - Recover
effort	Array of strings or null Items Enum: "--" "L" "M" "S" "XL" "XS" Relative effort of the measure (using T-Shirt sizing) `--` - -- `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
eta	string <date>
eta__gt	string <date>
eta__gte	string <date>
eta__lt	string <date>
eta__lte	string <date>
eta__month	number
eta__year	number
evidences	Array of strings <uuid> [ items <uuid > ]
filtering_labels	Array of strings <uuid> [ items <uuid > ]
findings	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings
folder	Array of strings <uuid> [ items <uuid > ]
genericcollection	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
is_assigned	boolean
limit	integer Number of results to return per page.
name	string
objectives	Array of strings <uuid> [ items <uuid > ]
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
owner	Array of strings <uuid> [ items <uuid > ]
priority	Array of integers or null Items Enum: "--" 1 2 3 4 `--` - -- `1` - P1 `2` - P2 `3` - P3 `4` - P4
processings	Array of strings <uuid> [ items <uuid > ]
progress_field	integer
ref_id	string
reference_control	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings
risk_scenarios	Array of strings <uuid> [ items <uuid > ]
risk_scenarios_e	Array of strings <uuid> [ items <uuid > ]
search	string A search term.
security_exceptions	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
status	Array of strings Items Enum: "--" "active" "deprecated" "in_progress" "on_hold" "to_do" `to_do` - To do `in_progress` - In progress `on_hold` - On hold `active` - Active `deprecated` - Deprecated `--` - Undefined
to_review	boolean
todo	boolean

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"path": "string",
"folder": "string",
"reference_control": "string",
"priority": "string",
"category": "string",
"csf_function": "string",
"evidences": ["string"
],
"objectives": ["string"
],
"effort": "string",
"control_impact": "string",
"annual_cost": "string",
"currency": "string",
"annual_cost_display": "string",
"filtering_labels": ["string"
],
"assets": ["string"
],
"ranking_score": 0,
"owner": ["string"
],
"security_exceptions": ["string"
],
"state": "string",
"findings_count": 0,
"is_assigned": true,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"ref_id": "string",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"progress_field": 100,
"is_published": true,
"observation": "string"
}
]
}

applied_controls_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name required	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

applied_controls_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"path": "string",
"folder": "string",
"reference_control": "string",
"priority": "string",
"category": "string",
"csf_function": "string",
"evidences": ["string"
],
"objectives": ["string"
],
"effort": "string",
"control_impact": "string",
"annual_cost": "string",
"currency": "string",
"annual_cost_display": "string",
"filtering_labels": ["string"
],
"assets": ["string"
],
"ranking_score": 0,
"owner": ["string"
],
"security_exceptions": ["string"
],
"state": "string",
"findings_count": 0,
"is_assigned": true,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"ref_id": "string",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"progress_field": 100,
"is_published": true,
"observation": "string"
}

applied_controls_update

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Request Body schema:
application/json
required

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name required	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

applied_controls_partial_update

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Request Body schema:
application/json

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

applied_controls_destroy

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

applied_controls_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

applied_controls_duplicate_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

applied_controls_object_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

applied_controls_sync_to_reference_control_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Applied control.

Responses

applied_controls_autocomplete_retrieve

Minimal endpoint for autocomplete selects.

Authorizations:

knoxApiToken

Responses

applied_controls_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

applied_controls_category_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_control_impact_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_csf_function_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_effort_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_export_csv_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_export_xlsx_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_get_controls_info_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_get_gantt_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_get_timeline_info_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_ids_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_impact_effort_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_impact_graph_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_owner_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_per_status_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_priority_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_priority_chart_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_status_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_sunburst_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_to_review_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_todo_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

applied_controls_updatables_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

managed-documents

managed_documents_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

document_type	Array of strings Items Enum: "charter" "other" "policy" "procedure" "record" `policy` - Policy `procedure` - Procedure `charter` - Charter `record` - Record `other` - Other
folder	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
limit	integer Number of results to return per page.
locale	string
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
policy	Array of strings <uuid> [ items <uuid > ]
search	string A search term.

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"policy": "string",
"current_revision": "string",
"revision_count": "string",
"latest_draft": "string",
"display_name": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string"
}
]
}

managed_documents_create

API endpoint that allows managed documents to be viewed or edited.

Authorizations:

knoxApiToken

Request Body schema:
application/json

is_published	boolean (Published)
locale	string <= 100 characters
default_locale	boolean
document_type	string (DocumentTypeEnum) Enum: "policy" "procedure" "charter" "record" "other" `policy` - Policy `procedure` - Procedure `charter` - Charter `record` - Record `other` - Other
name	string <= 200 characters
description	string
template_used	string or null <= 200 characters
folder	string <uuid>
policy	string or null <uuid>
current_revision	string or null <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

managed_documents_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"policy": "string",
"current_revision": "string",
"revision_count": "string",
"latest_draft": "string",
"display_name": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string"
}

managed_documents_update

API endpoint that allows managed documents to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Request Body schema:
application/json

is_published	boolean (Published)
locale	string <= 100 characters
default_locale	boolean
document_type	string (DocumentTypeEnum) Enum: "policy" "procedure" "charter" "record" "other" `policy` - Policy `procedure` - Procedure `charter` - Charter `record` - Record `other` - Other
name	string <= 200 characters
description	string
template_used	string or null <= 200 characters
folder	string <uuid>
policy	string or null <uuid>
current_revision	string or null <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

managed_documents_partial_update

API endpoint that allows managed documents to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Request Body schema:
application/json

is_published	boolean (Published)
locale	string <= 100 characters
default_locale	boolean
document_type	string (DocumentTypeEnum) Enum: "policy" "procedure" "charter" "record" "other" `policy` - Policy `procedure` - Procedure `charter` - Charter `record` - Record `other` - Other
name	string <= 200 characters
description	string
template_used	string or null <= 200 characters
folder	string <uuid>
policy	string or null <uuid>
current_revision	string or null <uuid>

Responses

Request samples

Payload

Content type

application/json

{"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"locale": "string",
"default_locale": true,
"document_type": "policy",
"name": "string",
"description": "string",
"template_used": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"policy": "b98582cd-72b0-4e39-98a9-ede64030e4c6",
"current_revision": "f3d3ea08-8009-4ed2-8693-4e9fda830441"
}

managed_documents_destroy

API endpoint that allows managed documents to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

managed_documents_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

managed_documents_create_new_draft_create

Create a new draft revision cloned from the current revision.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

managed_documents_object_retrieve

API endpoint that allows managed documents to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

managed_documents_upload_image_create

Upload an image file and attach it to this document.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Managed document.

Responses

managed_documents_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

managed_documents_templates_retrieve

List available document templates. Accepts optional ?lang= query parameter.

Authorizations:

knoxApiToken

Responses

organisation-issues

organisation_issues_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

category	Array of strings Items Enum: "--" "companyCulture" "economic" "environmental" "financialCapacity" "humanResources" "internalProcesses" "legal" "organisationStructure" "political" "social" "technology" `--` - Undefined `political` - Political `economic` - Economic `social` - Social `technology` - Technology `legal` - Legal `environmental` - Environmental `organisationStructure` - Organisation Structure `humanResources` - Human resources `internalProcesses` - Internal processes `financialCapacity` - Financial capacity `companyCulture` - Company culture / communication
folder	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
origin	Array of strings Items Enum: "--" "external" "internal" `--` - Undefined `internal` - Internal `external` - External
search	string A search term.
status	Array of strings Items Enum: "active" "draft" "inactive" `draft` - Draft `active` - Active `inactive` - Inactive

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"assets": ["string"
],
"category": "string",
"origin": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft"
}
]
}

organisation_issues_create

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

objectives	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
ref_id	string (Reference ID) <= 100 characters
	OrganisationIssueWriteCategoryEnum (string) or BlankEnum (any)
	OriginEnum (string) or BlankEnum (any)
observation	string or null
start_date	string or null <date>
expiration_date	string or null <date>
status	string (StatusC7dEnum) Enum: "draft" "active" "inactive" `draft` - Draft `active` - Active `inactive` - Inactive
folder	string <uuid>
assets	Array of strings <uuid> (Asset) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_issues_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"assets": ["string"
],
"category": "string",
"origin": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft"
}

organisation_issues_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Request Body schema:
application/json
required

objectives	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
ref_id	string (Reference ID) <= 100 characters
	OrganisationIssueWriteCategoryEnum (string) or BlankEnum (any)
	OriginEnum (string) or BlankEnum (any)
observation	string or null
start_date	string or null <date>
expiration_date	string or null <date>
status	string (StatusC7dEnum) Enum: "draft" "active" "inactive" `draft` - Draft `active` - Active `inactive` - Inactive
folder	string <uuid>
assets	Array of strings <uuid> (Asset) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_issues_partial_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Request Body schema:
application/json

objectives	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name	string <= 200 characters
description	string or null
ref_id	string (Reference ID) <= 100 characters
	OrganisationIssueWriteCategoryEnum (string) or BlankEnum (any)
	OriginEnum (string) or BlankEnum (any)
observation	string or null
start_date	string or null <date>
expiration_date	string or null <date>
status	string (StatusC7dEnum) Enum: "draft" "active" "inactive" `draft` - Draft `active` - Active `inactive` - Inactive
folder	string <uuid>
assets	Array of strings <uuid> (Asset) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"ref_id": "string",
"category": "--",
"origin": "--",
"observation": "string",
"start_date": "2019-08-24",
"expiration_date": "2019-08-24",
"status": "draft",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_issues_destroy

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Responses

organisation_issues_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Responses

organisation_issues_object_retrieve

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Issue.

Responses

organisation_issues_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

organisation_issues_category_retrieve

Authorizations:

knoxApiToken

Responses

organisation_issues_origin_retrieve

Authorizations:

knoxApiToken

Responses

organisation_issues_status_retrieve

Authorizations:

knoxApiToken

Responses

organisation-objectives

organisation_objectives_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

assigned_to	Array of strings <uuid> [ items <uuid > ]
folder	Array of strings <uuid> [ items <uuid > ]
health	Array of strings Items Enum: "--" "at_risk" "off_track" "on_track" `--` - Undefined `on_track` - On track `at_risk` - At risk `off_track` - Off track
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
is_active	boolean
issues	Array of strings <uuid> [ items <uuid > ]
limit	integer Number of results to return per page.
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
search	string A search term.
status	Array of strings Items Enum: "achieved" "degraded" "deprecated" "draft" "in_progress" `draft` - Draft `in_progress` - In progress `achieved` - Achieved `degraded` - Degraded `deprecated` - Deprecated

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"assets": ["string"
],
"issues": ["string"
],
"tasks": ["string"
],
"metrics": ["string"
],
"status": "string",
"health": "string",
"assigned_to": ["string"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24"
}
]
}

organisation_objectives_create

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

applied_controls	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
observation	string or null
ref_id	string (Reference ID) <= 100 characters
status	string (OrganisationObjectiveWriteStatusEnum) Enum: "draft" "in_progress" "achieved" "degraded" "deprecated" `draft` - Draft `in_progress` - In progress `achieved` - Achieved `degraded` - Degraded `deprecated` - Deprecated
health	string (HealthEnum) Enum: "--" "on_track" "at_risk" "off_track" `--` - Undefined `on_track` - On track `at_risk` - At risk `off_track` - Off track
is_active	boolean
start_date	string or null <date>
eta	string or null <date>
due_date	string or null <date>
closing_date	string or null <date>
folder	string <uuid>
issues	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> (Asset) [ items <uuid > ]
tasks	Array of strings <uuid> (Issue) [ items <uuid > ]
assigned_to	Array of strings <uuid> [ items <uuid > ]
metrics	Array of strings <uuid> (Tracking metrics) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_objectives_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"folder": "string",
"assets": ["string"
],
"issues": ["string"
],
"tasks": ["string"
],
"metrics": ["string"
],
"status": "string",
"health": "string",
"assigned_to": ["string"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24"
}

organisation_objectives_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Request Body schema:
application/json
required

applied_controls	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name required	string <= 200 characters
description	string or null
observation	string or null
ref_id	string (Reference ID) <= 100 characters
status	string (OrganisationObjectiveWriteStatusEnum) Enum: "draft" "in_progress" "achieved" "degraded" "deprecated" `draft` - Draft `in_progress` - In progress `achieved` - Achieved `degraded` - Degraded `deprecated` - Deprecated
health	string (HealthEnum) Enum: "--" "on_track" "at_risk" "off_track" `--` - Undefined `on_track` - On track `at_risk` - At risk `off_track` - Off track
is_active	boolean
start_date	string or null <date>
eta	string or null <date>
due_date	string or null <date>
closing_date	string or null <date>
folder	string <uuid>
issues	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> (Asset) [ items <uuid > ]
tasks	Array of strings <uuid> (Issue) [ items <uuid > ]
assigned_to	Array of strings <uuid> [ items <uuid > ]
metrics	Array of strings <uuid> (Tracking metrics) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_objectives_partial_update

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Request Body schema:
application/json

applied_controls	Array of strings <uuid> [ items <uuid > ]
is_published	boolean (Published)
name	string <= 200 characters
description	string or null
observation	string or null
ref_id	string (Reference ID) <= 100 characters
status	string (OrganisationObjectiveWriteStatusEnum) Enum: "draft" "in_progress" "achieved" "degraded" "deprecated" `draft` - Draft `in_progress` - In progress `achieved` - Achieved `degraded` - Degraded `deprecated` - Deprecated
health	string (HealthEnum) Enum: "--" "on_track" "at_risk" "off_track" `--` - Undefined `on_track` - On track `at_risk` - At risk `off_track` - Off track
is_active	boolean
start_date	string or null <date>
eta	string or null <date>
due_date	string or null <date>
closing_date	string or null <date>
folder	string <uuid>
issues	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> (Asset) [ items <uuid > ]
tasks	Array of strings <uuid> (Issue) [ items <uuid > ]
assigned_to	Array of strings <uuid> [ items <uuid > ]
metrics	Array of strings <uuid> (Tracking metrics) [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"applied_controls": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"name": "string",
"description": "string",
"observation": "string",
"ref_id": "string",
"status": "draft",
"health": "--",
"is_active": true,
"start_date": "2019-08-24",
"eta": "2019-08-24",
"due_date": "2019-08-24",
"closing_date": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"issues": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"tasks": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assigned_to": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"metrics": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

organisation_objectives_destroy

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Responses

organisation_objectives_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Responses

organisation_objectives_duplicate_create

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Responses

organisation_objectives_object_retrieve

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Objective.

Responses

organisation_objectives_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

organisation_objectives_health_retrieve

Authorizations:

knoxApiToken

Responses

organisation_objectives_is_active_retrieve

Authorizations:

knoxApiToken

Responses

organisation_objectives_status_retrieve

Authorizations:

knoxApiToken

Responses

policies

policies_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

assets	Array of strings <uuid> [ items <uuid > ]
category	Array of strings or null Items Enum: "--" "physical" "policy" "procedure" "process" "technical" `--` - -- `policy` - Policy `process` - Process `technical` - Technical `physical` - Physical `procedure` - Procedure
compliance_assessments	Array of strings
control_impact	Array of integers or null (Impact) Items Enum: "--" 1 2 3 4 5 `--` - -- `1` - Very Low `2` - Low `3` - Medium `4` - High `5` - Very High
csf_function	Array of strings or null Items Enum: "--" "detect" "govern" "identify" "protect" "recover" "respond" `--` - -- `govern` - Govern `identify` - Identify `protect` - Protect `detect` - Detect `respond` - Respond `recover` - Recover
effort	Array of strings or null Items Enum: "--" "L" "M" "S" "XL" "XS" Relative effort of the measure (using T-Shirt sizing) `--` - -- `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
eta	string <date>
eta__gt	string <date>
eta__gte	string <date>
eta__lt	string <date>
eta__lte	string <date>
eta__month	number
eta__year	number
evidences	Array of strings <uuid> [ items <uuid > ]
filtering_labels	Array of strings <uuid> [ items <uuid > ]
findings	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings
folder	Array of strings <uuid> [ items <uuid > ]
genericcollection	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
is_assigned	boolean
limit	integer Number of results to return per page.
name	string
objectives	Array of strings <uuid> [ items <uuid > ]
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
owner	Array of strings <uuid> [ items <uuid > ]
priority	Array of integers or null Items Enum: "--" 1 2 3 4 `--` - -- `1` - P1 `2` - P2 `3` - P3 `4` - P4
processings	Array of strings <uuid> [ items <uuid > ]
progress_field	integer
ref_id	string
reference_control	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings
risk_scenarios	Array of strings <uuid> [ items <uuid > ]
risk_scenarios_e	Array of strings <uuid> [ items <uuid > ]
search	string A search term.
security_exceptions	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
status	Array of strings Items Enum: "--" "active" "deprecated" "in_progress" "on_hold" "to_do" `to_do` - To do `in_progress` - In progress `on_hold` - On hold `active` - Active `deprecated` - Deprecated `--` - Undefined
to_review	boolean
todo	boolean

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"path": "string",
"folder": "string",
"reference_control": "string",
"priority": "string",
"category": "string",
"csf_function": "string",
"evidences": ["string"
],
"objectives": ["string"
],
"effort": "string",
"control_impact": "string",
"annual_cost": "string",
"currency": "string",
"annual_cost_display": "string",
"filtering_labels": ["string"
],
"assets": ["string"
],
"ranking_score": 0,
"owner": ["string"
],
"security_exceptions": ["string"
],
"state": "string",
"findings_count": 0,
"is_assigned": true,
"validation_flows": ["string"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"ref_id": "string",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"progress_field": 100,
"is_published": true,
"observation": "string"
}
]
}

policies_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Request Body schema:
application/json
required

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name required	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

policies_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"path": "string",
"folder": "string",
"reference_control": "string",
"priority": "string",
"category": "string",
"csf_function": "string",
"evidences": ["string"
],
"objectives": ["string"
],
"effort": "string",
"control_impact": "string",
"annual_cost": "string",
"currency": "string",
"annual_cost_display": "string",
"filtering_labels": ["string"
],
"assets": ["string"
],
"ranking_score": 0,
"owner": ["string"
],
"security_exceptions": ["string"
],
"state": "string",
"findings_count": 0,
"is_assigned": true,
"validation_flows": ["string"
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"ref_id": "string",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"progress_field": 100,
"is_published": true,
"observation": "string"
}

policies_update

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Request Body schema:
application/json
required

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name required	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

policies_partial_update

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Request Body schema:
application/json

findings	Array of strings <uuid> [ items <uuid > ]
requirement_assessments	Array of strings <uuid> [ items <uuid > ]
stakeholders	Array of strings <uuid> [ items <uuid > ]
task_templates	Array of strings <uuid> [ items <uuid > ]
cost	any or null
integration_config	string or null <uuid>
remote_object_id	string or null
create_remote_object	boolean Default: false
name	string <= 200 characters
description	string or null
	(PriorityEnum (integer or null)) or (NullEnum (number or null)) [ 0 .. 9223372036854776000 ]
ref_id	string or null (Reference id) <= 100 characters
	(Category3aaEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	(CsfFunctionEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null))
	Status817Enum (string) or BlankEnum (any)
start_date	string or null <date> Start date (useful for timeline)
eta	string or null <date> Estimated Time of Arrival
expiry_date	string or null <date> Date after which the applied control is no longer valid
link	string or null <= 2048 characters External url for action follow-up (eg. Jira ticket)
	(EffortEnum (string or null)) or (BlankEnum (any or null)) or (NullEnum (any or null)) Relative effort of the measure (using T-Shirt sizing) `XS` - Extra Small `S` - Small `M` - Medium `L` - Large `XL` - Extra Large
	(ControlImpactEnum (integer or null)) or (NullEnum (number or null)) (Impact) [ -9223372036854776000 .. 9223372036854776000 ]
progress_field	integer [ 0 .. 100 ]
is_published	boolean (Published)
observation	string or null
folder	string <uuid>
reference_control	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
assets	Array of strings <uuid> [ items <uuid > ]
owner	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
objectives	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"integration_config": "5e649ba1-4285-43a3-bf51-91ac3b9d6a28",
"remote_object_id": "string",
"create_remote_object": false,
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"findings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"requirement_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"stakeholders": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"task_templates": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"cost": null,
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"name": "string",
"description": "string",
"priority": 1,
"ref_id": "string",
"category": "policy",
"csf_function": "govern",
"status": "to_do",
"start_date": "2019-08-24",
"eta": "2019-08-24",
"expiry_date": "2019-08-24",
"link": "string",
"effort": "XS",
"control_impact": 1,
"progress_field": 100,
"is_published": true,
"observation": "string",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"reference_control": "ea0f6407-4261-4b29-a0d5-a2d08832472a",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"assets": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"owner": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"objectives": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

policies_destroy

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

policies_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

policies_duplicate_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

policies_object_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

policies_sync_to_reference_control_create

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Policy.

Responses

policies_autocomplete_retrieve

Minimal endpoint for autocomplete selects.

Authorizations:

knoxApiToken

Responses

policies_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

Authorizations:

knoxApiToken

Responses

policies_category_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_control_impact_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_csf_function_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_effort_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_export_csv_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_export_xlsx_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_get_controls_info_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_get_gantt_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_get_timeline_info_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_ids_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_impact_effort_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_impact_graph_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_owner_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_per_status_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_priority_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_priority_chart_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_status_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_sunburst_data_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_to_review_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_todo_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

policies_updatables_retrieve

API endpoint that allows applied controls to be viewed or edited.

Authorizations:

knoxApiToken

Responses

validation-flows

validation_flows_list

Override the list method to inject optimized data into the serializer context.

Authorizations:

knoxApiToken

query Parameters

approver	Array of strings <uuid> [ items <uuid > ]
compliance_assessments	Array of strings <uuid> [ items <uuid > ]
crq_studies	Array of strings <uuid> [ items <uuid > ]
ebios_studies	Array of strings <uuid> [ items <uuid > ]
entity_assessments	Array of strings <uuid> [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
filtering_labels	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings <uuid> [ items <uuid > ]
folder	Array of strings <uuid> [ items <uuid > ]
id	Array of strings <uuid> [ items <uuid > ] Multiple values may be separated by commas.
limit	integer Number of results to return per page.
linked_models	string Linked models
offset	integer The initial index from which to return the results.
ordering	string Which field to use when ordering the results.
policies	Array of strings <uuid> [ items <uuid > ]
requester	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings <uuid> [ items <uuid > ]
search	string A search term.
security_exceptions	Array of strings <uuid> [ items <uuid > ]
status	Array of strings Items Enum: "accepted" "change_requested" "dropped" "expired" "rejected" "revoked" "submitted" `submitted` - Submitted `accepted` - Accepted `rejected` - Rejected `revoked` - Revoked `expired` - Expired `dropped` - Dropped `change_requested` - Change requested

Responses

Response samples

200

Content type

application/json

{"count": 123,
"next": "http://api.example.org/accounts/?offset=400&limit=100",
"previous": "http://api.example.org/accounts/?offset=200&limit=100",
"results": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"str": "string",
"path": "string",
"folder": "string",
"compliance_assessments": ["string"
],
"risk_assessments": ["string"
],
"business_impact_analysis": ["string"
],
"crq_studies": ["string"
],
"ebios_studies": ["string"
],
"entity_assessments": ["string"
],
"findings_assessments": ["string"
],
"evidences": ["string"
],
"security_exceptions": ["string"
],
"policies": ["string"
],
"processings": ["string"
],
"accreditations": ["string"
],
"contracts": ["string"
],
"filtering_labels": ["string"
],
"requester": "string",
"approver": "string",
"linked_models": "string",
"events": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"event_type": "string",
"event_actor": "string",
"event_notes": "string",
"created_at": "2019-08-24T14:15:22Z"
}
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"request_notes": "string",
"ref_id": "string",
"status": "submitted",
"validation_deadline": "2019-08-24"
}
]
}

validation_flows_create

API endpoint that allows validation flows to be viewed or edited.

Authorizations:

knoxApiToken

Request Body schema:
application/json

ref_id	string or null
event_notes	string or null
is_published	boolean (Published)
request_notes	string or null
status	string (StatusE65Enum) Enum: "submitted" "accepted" "rejected" "revoked" "expired" "dropped" "change_requested" `submitted` - Submitted `accepted` - Accepted `rejected` - Rejected `revoked` - Revoked `expired` - Expired `dropped` - Dropped `change_requested` - Change requested
validation_deadline	string or null <date>
folder	string <uuid>
approver	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
compliance_assessments	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings <uuid> [ items <uuid > ]
business_impact_analysis	Array of strings <uuid> [ items <uuid > ]
crq_studies	Array of strings <uuid> [ items <uuid > ]
ebios_studies	Array of strings <uuid> [ items <uuid > ]
entity_assessments	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings <uuid> [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
policies	Array of strings <uuid> [ items <uuid > ]
processings	Array of strings <uuid> [ items <uuid > ]
accreditations	Array of strings <uuid> [ items <uuid > ]
contracts	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"ref_id": "string",
"event_notes": "string",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

201

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"ref_id": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"requester": "40d7bd42-e7f3-4703-9bbc-af100da19919",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

validation_flows_retrieve

Return a single object with unauthorized related fields masked.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Responses

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"str": "string",
"path": "string",
"folder": "string",
"compliance_assessments": ["string"
],
"risk_assessments": ["string"
],
"business_impact_analysis": ["string"
],
"crq_studies": ["string"
],
"ebios_studies": ["string"
],
"entity_assessments": ["string"
],
"findings_assessments": ["string"
],
"evidences": ["string"
],
"security_exceptions": ["string"
],
"policies": ["string"
],
"processings": ["string"
],
"accreditations": ["string"
],
"contracts": ["string"
],
"filtering_labels": ["string"
],
"requester": "string",
"approver": "string",
"linked_models": "string",
"events": [{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"event_type": "string",
"event_actor": "string",
"event_notes": "string",
"created_at": "2019-08-24T14:15:22Z"
}
],
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"request_notes": "string",
"ref_id": "string",
"status": "submitted",
"validation_deadline": "2019-08-24"
}

validation_flows_update

API endpoint that allows validation flows to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Request Body schema:
application/json

ref_id	string or null
event_notes	string or null
is_published	boolean (Published)
request_notes	string or null
status	string (StatusE65Enum) Enum: "submitted" "accepted" "rejected" "revoked" "expired" "dropped" "change_requested" `submitted` - Submitted `accepted` - Accepted `rejected` - Rejected `revoked` - Revoked `expired` - Expired `dropped` - Dropped `change_requested` - Change requested
validation_deadline	string or null <date>
folder	string <uuid>
approver	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
compliance_assessments	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings <uuid> [ items <uuid > ]
business_impact_analysis	Array of strings <uuid> [ items <uuid > ]
crq_studies	Array of strings <uuid> [ items <uuid > ]
ebios_studies	Array of strings <uuid> [ items <uuid > ]
entity_assessments	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings <uuid> [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
policies	Array of strings <uuid> [ items <uuid > ]
processings	Array of strings <uuid> [ items <uuid > ]
accreditations	Array of strings <uuid> [ items <uuid > ]
contracts	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"ref_id": "string",
"event_notes": "string",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"ref_id": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"requester": "40d7bd42-e7f3-4703-9bbc-af100da19919",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

validation_flows_partial_update

API endpoint that allows validation flows to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Request Body schema:
application/json

ref_id	string or null
event_notes	string or null
is_published	boolean (Published)
request_notes	string or null
status	string (StatusE65Enum) Enum: "submitted" "accepted" "rejected" "revoked" "expired" "dropped" "change_requested" `submitted` - Submitted `accepted` - Accepted `rejected` - Rejected `revoked` - Revoked `expired` - Expired `dropped` - Dropped `change_requested` - Change requested
validation_deadline	string or null <date>
folder	string <uuid>
approver	string or null <uuid>
filtering_labels	Array of strings <uuid> (Labels) [ items <uuid > ]
compliance_assessments	Array of strings <uuid> [ items <uuid > ]
risk_assessments	Array of strings <uuid> [ items <uuid > ]
business_impact_analysis	Array of strings <uuid> [ items <uuid > ]
crq_studies	Array of strings <uuid> [ items <uuid > ]
ebios_studies	Array of strings <uuid> [ items <uuid > ]
entity_assessments	Array of strings <uuid> [ items <uuid > ]
findings_assessments	Array of strings <uuid> [ items <uuid > ]
evidences	Array of strings <uuid> [ items <uuid > ]
security_exceptions	Array of strings <uuid> [ items <uuid > ]
policies	Array of strings <uuid> [ items <uuid > ]
processings	Array of strings <uuid> [ items <uuid > ]
accreditations	Array of strings <uuid> [ items <uuid > ]
contracts	Array of strings <uuid> [ items <uuid > ]

Responses

Request samples

Payload

Content type

application/json

{"ref_id": "string",
"event_notes": "string",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

Response samples

200

Content type

application/json

{"id": "497f6eca-6276-4993-bfeb-53cbbbba6f08",
"ref_id": "string",
"created_at": "2019-08-24T14:15:22Z",
"updated_at": "2019-08-24T14:15:22Z",
"is_published": true,
"request_notes": "string",
"status": "submitted",
"validation_deadline": "2019-08-24",
"folder": "ca579eb8-24ac-44d0-a8b9-a42c500083f5",
"requester": "40d7bd42-e7f3-4703-9bbc-af100da19919",
"approver": "a0a63d7a-7a62-4e15-9ab9-49317f76d38f",
"filtering_labels": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"compliance_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"risk_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"business_impact_analysis": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"crq_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"ebios_studies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"entity_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"findings_assessments": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"evidences": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"security_exceptions": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"policies": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"processings": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"accreditations": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
],
"contracts": ["497f6eca-6276-4993-bfeb-53cbbbba6f08"
]
}

validation_flows_destroy

API endpoint that allows validation flows to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Responses

validation_flows_cascade_info_retrieve

Cascade preview:

deleted: objects actually deleted by cascade
affected: objects not deleted but whose relationships will be removed (through rows, SET_NULL, local links)

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Responses

validation_flows_object_retrieve

API endpoint that allows validation flows to be viewed or edited.

Authorizations:

knoxApiToken

path Parameters

id

required

string <uuid>

A UUID string identifying this Validation flow.

Responses

validation_flows_batch_action_create

Perform a batch action on multiple objects. Uses the IAM-filtered queryset and serializers to respect permissions and validation, mirroring the standard partial_update / destroy flows.

Payload: { "action": "delete"|"change_field"|"change_m2m"|"change_folder", "ids": [...], "field": "", "value": ... }

CISO Assistant API — Governance (0.7.0)

applied-controls

applied_controls_list

Authorizations:

query Parameters

Responses

Response samples

applied_controls_create

Authorizations:

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/jsonrequired

Responses

Request samples

Response samples

applied_controls_retrieve

Authorizations:

path Parameters

Responses

Response samples

applied_controls_update

Authorizations:

path Parameters

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/jsonrequired

Responses

Request samples

Response samples

applied_controls_partial_update

Authorizations:

path Parameters

Request Body schema: application/jsonapplication/x-www-form-urlencodedmultipart/form-dataapplication/json

Responses

Request samples

Response samples

applied_controls_destroy

Authorizations:

path Parameters

Responses

applied_controls_cascade_info_retrieve

Authorizations:

path Parameters

Responses

applied_controls_duplicate_create

Authorizations:

path Parameters

Responses

applied_controls_object_retrieve

Authorizations:

path Parameters

Responses

applied_controls_sync_to_reference_control_create

Authorizations:

path Parameters

Responses

applied_controls_autocomplete_retrieve

Authorizations:

Responses

applied_controls_batch_action_create

Authorizations:

Responses

applied_controls_category_retrieve

Authorizations:

Responses

applied_controls_control_impact_retrieve

Authorizations:

Responses

applied_controls_csf_function_retrieve

Authorizations:

Responses

applied_controls_effort_retrieve

Authorizations:

Responses

applied_controls_export_csv_retrieve

Authorizations:

Responses

applied_controls_export_xlsx_retrieve

Authorizations:

Responses

applied_controls_get_controls_info_retrieve

Authorizations:

Responses

applied_controls_get_gantt_data_retrieve

Request Body schema:
application/json
required

Request Body schema:
application/json
required

Request Body schema:
application/json

Request Body schema:
application/json

Request Body schema:
application/json

Request Body schema:
application/json