Skip to main content
POST
/
audits
/
{auditId}
/
evidence
/
{auditEvidenceId}
/
comments
TypeScript
import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.createCommentForEvidence({
    auditId: "<id>",
    auditEvidenceId: "<id>",
    addCommentInput: {
      text: "<value>",
      email: "Carmen.Bogan@yahoo.com",
      creationDate: new Date("2024-05-28T11:04:29.369Z"),
    },
  });

  console.log(result);
}

run();
{
  "id": "65fc81a3359c8508c9af880f",
  "auditEvidenceId": "65fc81a3359c8508c9af880f",
  "text": "Some comment",
  "creationDate": "2024-03-07T21:25:56.000Z",
  "modificationDate": "2024-03-07T21:25:56.000Z",
  "deletionDate": "2024-03-07T21:25:56.000Z",
  "email": "vlad@vantaroo.com",
  "authorName": "Vlad Vantaroo"
}

Documentation Index

Fetch the complete documentation index at: https://developer.vanta.com/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId
string
required
auditEvidenceId
string
required

Body

application/json
text
string
required

Text value of the comment

email
string
required

Email of author. Must match an existing Vanta user and the user must exist under the Audit Firm who is making the API request

creationDate
string<date-time>
required

When the comment was created in the external system

Response

200 - application/json

Ok

id
string
required

The unique identifier for the comment

auditEvidenceId
string
required

The unique identifier for the audit evidence related to the comment.

text
string
required

The comment message

creationDate
string<date-time>
required

When the comment was created

modificationDate
string<date-time> | null
required

When the comment was updated

deletionDate
string<date-time> | null
required

When the comment was deleted

email
string | null
required

The email of the comment author. This acts as a unique identifier to map users between Vanta and external systems.

authorName
string | null
required

Human-readable display name of the comment author. Null if the author's name is not available (e.g., user was deleted). This enables correct author attribution in integrations where users cannot be reliably matched across systems by email alone.