Skip to main content
POST
/
vendors
/
{vendorId}
/
set-status
Set vendor status
curl --request POST \
  --url https://api.vanta.com/v1/vendors/{vendorId}/set-status \
  --header 'Authorization: Bearer <token>' \
  --header 'Content-Type: multipart/form-data' \
  --form 'status=<string>'
{
  "id": "a2f7e1b9d0c3f4e5a6c7b8d8",
  "name": "Vanta",
  "websiteUrl": "https://www.vanta.com/",
  "accountManagerName": "John Doe",
  "accountManagerEmail": "john@doe.com",
  "servicesProvided": "SaaS",
  "additionalNotes": "Automate compliance and streamline security reviews with the leading trust management platform.",
  "authDetails": {
    "method": "O_AUTH",
    "passwordMFA": true,
    "passwordRequiresNumber": true,
    "passwordRequiresSymbol": true,
    "passwordMinimumLength": 16
  },
  "securityOwnerUserId": "6626afa6490ec920099773e7",
  "businessOwnerUserId": "6626afb14c912f0a50e85619",
  "contractStartDate": "2024-02-01T00:00:00.000Z",
  "contractRenewalDate": "2025-02-01T00:00:00.000Z",
  "contractTerminationDate": null,
  "lastSecurityReviewCompletionDate": "2024-01-01T00:00:00.000Z",
  "nextSecurityReviewDueDate": "2025-01-01T00:00:00.000Z",
  "isVisibleToAuditors": true,
  "isRiskAutoScored": true,
  "category": {
    "displayName": "cloudMonitoring"
  },
  "riskAttributeIds": [
    "6626b0298acc44f8674390da",
    "6626b02ea4cd9ba80d773c20"
  ],
  "status": "MANAGED",
  "inherentRiskLevel": "HIGH",
  "residualRiskLevel": "MEDIUM",
  "vendorHeadquarters": "USA",
  "contractAmount": {
    "amount": 1000000,
    "currency": "USD"
  },
  "customFields": null,
  "latestDecision": {
    "status": "APPROVED",
    "lastUpdatedAt": "2024-01-01T00:00:00.000Z"
  },
  "linkedTaskTrackerTaskProcurementRequest": {
    "service": "jira",
    "url": "https://random-company.atlassian.net/browse/PROJ-123"
  }
}

Documentation Index

Fetch the complete documentation index at: https://vanta.mintlify.app/llms.txt

Use this file to discover all available pages before exploring further.

Authorizations

Authorization
string
header
required

Bearer authentication header of the form Bearer <token>, where <token> is your auth token.

Path Parameters

vendorId
string
required

Body

multipart/form-data
status
string
required

Status of the vendor

Response

200 - application/json

Ok

id
string
required

The vendor's unique ID.

name
string
required

The vendor's display name.

websiteUrl
string | null
required

The vendor's website URL.

accountManagerName
string | null
required

The vendor's external account manager name.

accountManagerEmail
string | null
required

The vendor's external account manager email.

servicesProvided
string | null
required

Services provided by the vendor.

additionalNotes
string | null
required

Any additional notes about the vendor

securityOwnerUserId
string | null
required

The vendor's security owner's Vanta user ID.

businessOwnerUserId
string | null
required

The vendor's business owner's Vanta user ID.

contractStartDate
string<date-time> | null
required

The date the contract with the vendor began.

contractRenewalDate
string<date-time> | null
required

The date the contract with the vendor is up for renewal.

contractTerminationDate
string<date-time> | null
required

The date the contract with the vendor was terminated.

nextSecurityReviewDueDate
string<date-time> | null
required

The next due date for a security review.

lastSecurityReviewCompletionDate
string<date-time> | null
required

The most recent date a security review was completed.

isVisibleToAuditors
boolean | null
required

Whether or not auditors can view this vendor.

isRiskAutoScored
boolean | null
required

Whether or not the vendor's risk is automatically scored.

riskAttributeIds
string[]
required

The list of risk attribute IDs the vendor has been assigned to.

category
object
required

The vendor's category.

authDetails
object
required

The vendor's authentication details.

status
enum<string>
required

The vendor's current status.

Available options:
MANAGED,
ARCHIVED,
IN_PROCUREMENT
inherentRiskLevel
enum<string>
required

The vendor's risk level.

Available options:
CRITICAL,
HIGH,
LOW,
MEDIUM,
UNSCORED
residualRiskLevel
enum<string>
required

The vendor's residual risk level.

Available options:
CRITICAL,
HIGH,
LOW,
MEDIUM,
UNSCORED
vendorHeadquarters
enum<string>
required

The vendor's headquarters.

Available options:
EUE,
AND,
ARE,
AFG,
ATG,
AIA,
ALB,
ARM,
AGO,
ATA,
ARG,
ASM,
AUT,
AUS,
ABW,
ALA,
AZE,
BIH,
BRB,
BGD,
BEL,
BFA,
BGR,
BHR,
BDI,
BEN,
BLM,
BMU,
BRN,
BOL,
BES,
BRA,
BHS,
BTN,
BVT,
BWA,
BLR,
BLZ,
CAN,
CCK,
COD,
CAF,
COG,
CHE,
CIV,
COK,
CHL,
CMR,
CHN,
COL,
CRI,
CUB,
CPV,
CUW,
CXR,
CYP,
CZE,
DEU,
DJI,
DNK,
DMA,
DOM,
DZA,
ECU,
EST,
EGY,
ESH,
ERI,
ESP,
ETH,
FIN,
FJI,
FLK,
FSM,
FRO,
FRA,
GAB,
ENG,
SCT,
GBR,
WAL,
NIR,
GRD,
GEO,
GUF,
GGY,
GHA,
GIB,
GRL,
GMB,
GIN,
GLP,
GNQ,
GRC,
SGS,
GTM,
GUM,
GNB,
GUY,
HKG,
HMD,
HND,
HRV,
HTI,
HUN,
IDN,
IRL,
ISR,
IMN,
IND,
IOT,
IRQ,
IRN,
ISL,
ITA,
JEY,
JAM,
JOR,
JPN,
KEN,
KGZ,
KHM,
KIR,
COM,
KNA,
PRK,
KOR,
KWT,
CYM,
KAZ,
LAO,
LBN,
LCA,
LIE,
LKA,
LBR,
LSO,
LTU,
LUX,
LVA,
LBY,
MAR,
MCO,
MDA,
MNE,
MAF,
MDG,
MHL,
MKD,
MLI,
MMR,
MNG,
MAC,
MNP,
MTQ,
MRT,
MSR,
MLT,
MUS,
MDV,
MWI,
MEX,
MYS,
MOZ,
NAM,
NCL,
NER,
NFK,
NGA,
NIC,
NLD,
NOR,
NPL,
NRU,
NIU,
NZL,
OMN,
PAN,
PER,
PYF,
PNG,
PHL,
PAK,
POL,
SPM,
PCN,
PRI,
PSE,
PRT,
PLW,
PRY,
QAT,
REU,
ROU,
SRB,
RUS,
RWA,
SAU,
SLB,
SYC,
SDN,
SWE,
SGP,
SHN,
SVN,
SJM,
SVK,
SLE,
SMR,
SEN,
SOM,
SUR,
SSD,
STP,
SLV,
SXM,
SYR,
SWZ,
TCA,
TCD,
ATF,
TGO,
THA,
TJK,
TKL,
TLS,
TKM,
TUN,
TON,
TUR,
TTO,
TUV,
TWN,
TZA,
UKR,
UGA,
UMI,
USA,
URY,
UZB,
VAT,
VCT,
VEN,
VGB,
VIR,
VNM,
VUT,
WLF,
WSM,
YEM,
MYT,
ZAF,
ZMB,
ZWE
contractAmount
object
required

The contract amount for the vendor.

customFields
object[] | null
required

The vendor's custom fields.

latestDecision
object
required

The vendor's latest decision status. Null means no decision has been made.

linkedTaskTrackerTaskProcurementRequest
object
required

The task tracker procurement request associated with this vendor (if linked).