Skip to main content
PATCH
/
audits
/
{auditId}
/
information-requests
/
{requestId}
/
comments
/
{commentId}
TypeScript
import { Vanta } from "vanta-auditor-api-sdk";

const vanta = new Vanta({
  bearerAuth: process.env["VANTA_BEARER_AUTH"] ?? "",
});

async function run() {
  const result = await vanta.audits.updateCommentForInformationRequest({
    auditId: "<id>",
    requestId: "<id>",
    commentId: "<id>",
    updateInformationRequestCommentInput: {
      text: "<value>",
      email: "Gerald_Gusikowski36@yahoo.com",
    },
  });

  console.log(result);
}

run();
{
  "id": "65fc81a3359c8508c9af880f",
  "text": "Some comment",
  "creationDate": "2024-03-07T21:25:56.000Z",
  "modificationDate": "2024-03-07T21:25:56.000Z",
  "deletionDate": "2024-03-07T21:25:56.000Z",
  "email": "vlad@vantaroo.com",
  "authorName": "Vlad Vantaroo"
}

Documentation Index

Fetch the complete documentation index at: https://vanta.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

auditId
string
required
requestId
string
required
commentId
string
required

Body

application/json

Updates an existing comment on an information request. Only the original author of the comment can update it.

text
string
required

The text content of the comment. Must be at least 1 character. Can include questions, clarifications, or explanations related to the information request.

email
string
required

Email address of the comment author. Must match an existing Vanta user who belongs to the audit firm making the API request. This email uniquely identifies the author across systems.

Response

200 - application/json

Ok

A comment on an information request enables communication between auditors and customers regarding evidence requirements and submissions.

These threaded discussions help clarify requests, explain or resolve questions about evidence, and are always visible to both parties once created.

id
string
required

The unique identifier for the comment within Vanta's system. Format: ObjectId as a string (e.g., "6890e473dce1da5d8406f5e7").

text
string
required

The comment message content. Can include explanations, questions, or clarifications about the information request.

creationDate
string<date-time>
required

Timestamp when the comment was created. Format: ISO 8601 UTC timestamp.

modificationDate
string<date-time> | null
required

Timestamp when the comment was last edited. Null if the comment has never been modified. Format: ISO 8601 UTC timestamp.

deletionDate
string<date-time> | null
required

Timestamp when the comment was soft-deleted. Null if the comment has not been deleted. Soft deletes retain the comment for audit history while hiding it from normal operations. Format: ISO 8601 UTC timestamp.

email
string | null
required

Email address of the comment author. This email uniquely identifies users between Vanta and external audit systems.

authorName
string | null
required

Human-readable display name of the comment author. Null if the author's name is not available (e.g., user was deleted). This enables correct author attribution in integrations where users cannot be reliably matched across systems by email alone.