diff --git a/apps/mcp-server/.speakeasy/gen.lock b/apps/mcp-server/.speakeasy/gen.lock index afa0dd88a1..b8bc8dd288 100644 --- a/apps/mcp-server/.speakeasy/gen.lock +++ b/apps/mcp-server/.speakeasy/gen.lock @@ -1,25 +1,25 @@ lockVersion: 2.0.0 id: f7130d09-dac4-4515-9162-6095782b6bb6 management: - docChecksum: 4c47d7e665ea65c252e5e554a7bbf713 + docChecksum: 9b3f35eeaeb08f05b06fea2f6154a875 docVersion: "1.0" - speakeasyVersion: 1.785.0 - generationVersion: 2.912.1 - releaseVersion: 0.2.1 - configChecksum: 34a8c62fecbf1b9b312551b4d5c97a36 + speakeasyVersion: 1.790.2 + generationVersion: 2.918.3 + releaseVersion: 0.2.2 + configChecksum: 1095fa29de62e9a2928c0d8534c33233 repoURL: https://github.com/trycompai/comp.git repoSubDirectory: apps/mcp-server installationURL: https://github.com/trycompai/comp published: true persistentEdits: - generation_id: 18bc4b7a-b3dc-4e53-bbda-7372319cdc2b - pristine_commit_hash: 0fec57803fafa06b5bc6c3a9f6dc0ddc614ed512 - pristine_tree_hash: 9f41ee1a8f18243b69b0fcae9714836043fd17c1 + generation_id: d7920931-a226-48a6-92fa-b83bd7b8a238 + pristine_commit_hash: fb0cf3327881a785350e6f98b3d172e7eb84b479 + pristine_tree_hash: 1f040b8b98a5d0e175e6fd279c09f35d85efea67 features: mcp-typescript: additionalDependencies: 0.1.0 constsAndDefaults: 0.1.2 - core: 1.3.4 + core: 1.3.6 defaultEnabledRetries: 0.1.0 enumUnions: 0.1.0 globalSecurity: 0.1.3 @@ -51,12 +51,12 @@ trackedFiles: pristine_git_object: 4f9e60a9462fc4def738d60c3aaadf8232ef185f manifest.json: id: ca642a226869 - last_write_checksum: sha1:ce78b444f55d40b93a3f537840b0c22a615920c9 - pristine_git_object: 58b681ade53bf3ab681d9e8dcda86d6774f50dce + last_write_checksum: sha1:632161db068db159f28849b586913f833701af8a + pristine_git_object: 175c3d2daaf268f31c9e3fce6f83ce8be88f8c61 package.json: id: 7030d0b2f71b - last_write_checksum: sha1:bab98b7fc6bd63e08be3e9aec4e6920d1968e9b2 - pristine_git_object: e0a74fef0792900a9d6f0886a29fd210a8124b22 + last_write_checksum: sha1:ef3d175a93c88be00fa6023dbf1532831fa3df13 + pristine_git_object: 241bfb6192a7bbc6b09e93c997660de0040d375b src/core.ts: id: f431fdbcd144 last_write_checksum: sha1:3c1fe2275a0f345cf54298150f100299284b3f0e @@ -449,6 +449,10 @@ trackedFiles: id: 2b3174732c4d last_write_checksum: sha1:dea7a9c318a8e878d076182b79310eafeb4a4813 pristine_git_object: b1aea98dc4a680c9dc219e2abecdd819bf09c65f + src/funcs/frameworksFrameworksControllerUpdateCustomV1.ts: + id: 8a2bf58b689c + last_write_checksum: sha1:601a14cd09ebfc76d5a0eb6452543ae515fd053a + pristine_git_object: 2eaba9b2355c6db62da093d9957d72af095df29e src/funcs/integrationsChecksControllerListConnectionChecksV1.ts: id: 6b04898f6309 last_write_checksum: sha1:d7b967e19e0a2349480e404cfc042e2aa29c7be3 @@ -593,6 +597,22 @@ trackedFiles: id: 57e090c05d19 last_write_checksum: sha1:bfa64823fa8e259ff732e883851c5ee87bc7602c pristine_git_object: abaf4b855d549016821ffd7720cc5e8727084a96 + src/funcs/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts: + id: 5e7a84d847e0 + last_write_checksum: sha1:519563345822df2b1991abfbe20619a449ef53f2 + pristine_git_object: 3895200a7eb09fd6a580380a3259283a1c65dcd9 + src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts: + id: 5240151fd3e6 + last_write_checksum: sha1:02d92b17aca74b9fcb5a03c29793519820b2c170 + pristine_git_object: 1650995b783419d3dff3c18ccc3fdcc19e6cec51 + src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts: + id: f8fe1b3dc450 + last_write_checksum: sha1:750835c66f4b7949fc6120d7deca05c5626143d5 + pristine_git_object: 889f35d87ff89b26999032612b1e9cb66a1c21e5 + src/funcs/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts: + id: 344e6438fe57 + last_write_checksum: sha1:d49303b5f71eb21d56e45c2efa3123927aa62a54 + pristine_git_object: 50bf124d2ae1c3700dc5130d6ce075cfee5f79fc src/funcs/integrationsVariablesControllerFetchVariableOptionsV1.ts: id: e0c4497a6d06 last_write_checksum: sha1:6ac3e85fd7a0fcda239b79a47e24d56434d9dfe7 @@ -641,6 +661,10 @@ trackedFiles: id: 730f2b56f8f2 last_write_checksum: sha1:6dda80d0d448f49929c2c3d99abc884c3b98995c pristine_git_object: 1adc970464d079ee6b5c19a78f8d8b91c0f082f7 + src/funcs/ismsISMSControllerGetVersionsV1.ts: + id: bd301b5821fe + last_write_checksum: sha1:12196802be85c5bdc906f6fbd2c947e1a7c409b3 + pristine_git_object: 67d7ec8143baf94a1f2a65e0221b11be7d13d072 src/funcs/ismsISMSControllerRemoveControlV1.ts: id: 24b891e82464 last_write_checksum: sha1:2ce0224cd42019ceb541f1199bd173434351f7a7 @@ -893,6 +917,10 @@ trackedFiles: id: b898a379be3d last_write_checksum: sha1:20b74bfd29e5a9ab701621c12c92ca1ef6422bd1 pristine_git_object: 5381eba73161a4081802956cf4503a6e9990a12d + src/funcs/peoplePeopleControllerGetMemberAccessV1.ts: + id: eb00551abae6 + last_write_checksum: sha1:09ea5ad43b0a0f69eb111725c3f9f7de10f0285f + pristine_git_object: e8992748a5d9788be7292523893a934c098d3c8f src/funcs/peoplePeopleControllerGetMentionableMembersV1.ts: id: 51cb8c6d0fa6 last_write_checksum: sha1:35d8b2010ce4d2313ec7882e0cee61d670cf261d @@ -1485,6 +1513,10 @@ trackedFiles: id: d251bcd3afd8 last_write_checksum: sha1:290b2ac6ccb1a7f8aebabf8fe9e9854170e59b0c pristine_git_object: e25fa490e9fdfcc7914ddc0684c4d5173628b339 + src/funcs/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts: + id: 7fe646e79ecf + last_write_checksum: sha1:c56419c137140bc655fac571453f2d2b8a06bfd0 + pristine_git_object: 9363b073f20904a243c3554f9becf6ea618345f8 src/funcs/trustAccessTrustAccessControllerGetPublicVendorsV1.ts: id: 4b370abf688d last_write_checksum: sha1:e591783026536fbd2901a3a0071dc9290fa41445 @@ -1621,6 +1653,10 @@ trackedFiles: id: 06bad29049c5 last_write_checksum: sha1:aac55c18b948b37263f0fd9d86bc0b5951fb9d66 pristine_git_object: 2736799c3f64c6a169832b7f0bfa45fb83c1abae + src/funcs/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts: + id: b783956b4836 + last_write_checksum: sha1:2ce07de01dd6528832fe643143e2f979bbcc6b5b + pristine_git_object: aeca1ef9ff9a1c61f4346e0fb02388244ee5ee27 src/funcs/trustPortalTrustPortalControllerUpdateVendorTrustSettingsV1.ts: id: "684217439454" last_write_checksum: sha1:e953a11151c6c29c5873c795ce04e061356a5c83 @@ -1683,16 +1719,16 @@ trackedFiles: pristine_git_object: 9c36bf01332084f735909a71036c3544cc4c7e3a src/landing-page.ts: id: ef64a6ee46d7 - last_write_checksum: sha1:e61dd75dcf9f6e0d604a47161bdf596b47522f38 - pristine_git_object: 7fa965187f41c918a122a56e735a2b6ba7629d75 + last_write_checksum: sha1:a61d09d627d7b1aa6f25a8c13d274403acd99f34 + pristine_git_object: b759398a35d6ef1510359b8f41d732c3349c5b23 src/lib/base64.ts: id: "598522066688" last_write_checksum: sha1:e9f04a037018040361043104960982f7c22db52d pristine_git_object: d4bd8b341290e7a828a171d840bd0b0fff7c7cd7 src/lib/config.ts: id: 320761608fb3 - last_write_checksum: sha1:f7b05781d1875a3110bbd27f14554e8cdb404875 - pristine_git_object: 87f1298a7aeb8d1ae8163009a316aa7aa8e68890 + last_write_checksum: sha1:4a40df3d798d07b275e7552e6d8f0504b8c0a01f + pristine_git_object: 062b0ac8bf0f9c80bbdfc29a8d8a1cdebe596b7e src/lib/encodings.ts: id: 3bd8ead98afd last_write_checksum: sha1:3ff4ad6809b749125820fd39c01427b84d3fe0d6 @@ -1707,8 +1743,8 @@ trackedFiles: pristine_git_object: 6ca6b37d35a12448da176ee2517cc036db12c81c src/lib/http.ts: id: 63a80782d37e - last_write_checksum: sha1:797cbf16d3c7c4d62d3ba0eedb08617524938457 - pristine_git_object: 13cf1fd7894a89f727b8d2db2ad24313a94f68c7 + last_write_checksum: sha1:a56435907625a816051aa2131d60909c59f1da27 + pristine_git_object: 6b7a6cf3e281cae246708b1aca4a27730e08fe61 src/lib/logger.ts: id: 7ee7741a02bf last_write_checksum: sha1:0ec9d3a2a34c362746b767e4f9a746c055d57a7b @@ -1735,8 +1771,8 @@ trackedFiles: pristine_git_object: cb3edd8f07544c48cd47c4ef137dcb50678f02e8 src/lib/security.ts: id: 0502afa7922e - last_write_checksum: sha1:e5596d630b73cdc76c664e9570c2ad355fd40171 - pristine_git_object: 453602ecea50231f1f29d74558aa1947825715e4 + last_write_checksum: sha1:9200ead5a3c23ca042684c09d095f8a962956542 + pristine_git_object: 22e038c9270337a3de92b19db3cc74e5d193757b src/lib/url.ts: id: b0057e24ed76 last_write_checksum: sha1:9550819577dc1e514e61496167aefcc137238aaf @@ -1779,8 +1815,8 @@ trackedFiles: pristine_git_object: 35c8713b6f8c7f17e2545423d3e74401ff77d04b src/mcp-server/mcp-server.ts: id: aabbc4ab07c1 - last_write_checksum: sha1:3d88512aefa309f4dcb20d48648428b6438377ac - pristine_git_object: 376f67f80fc063843f27300dc056339ea0feb14f + last_write_checksum: sha1:599d8a0be6249c50917792a5df8e2a16f518060e + pristine_git_object: 47c95984c93b1a363baf1e1eb87d31f4d9ed349e src/mcp-server/prompts.ts: id: 26f3d73cbf31 last_write_checksum: sha1:cadb036e04534a6d9d765809eebb266d188c499b @@ -1795,8 +1831,8 @@ trackedFiles: pristine_git_object: c25696d4c4f70e081fa5d87ad6891874c509a577 src/mcp-server/server.ts: id: 2784dd48e82a - last_write_checksum: sha1:95a63b784c643a6ba1fe7141d9b5efe00d214f3b - pristine_git_object: e1e5786a84a8395919d7970226296ebd370c956c + last_write_checksum: sha1:0ac9f3dcb5c8146c570f3fce808d1845c8945835 + pristine_git_object: a3610a1c6cd064c9b1451d2aa346ffa79ad07023 src/mcp-server/shared.ts: id: 074e80d4be1e last_write_checksum: sha1:19c9034032819a14f15c430de4350c8aba99d725 @@ -2229,6 +2265,22 @@ trackedFiles: id: 729f28cea23b last_write_checksum: sha1:d2ceb74a6c4b569244f765ea0ddf76107398e88c pristine_git_object: f7ed80b8bd7694af9d99adee9e3021cdf469a36e + src/mcp-server/tools/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts: + id: 7ddab178cd26 + last_write_checksum: sha1:e15805df5ac5287867b67a624ff1ba2900c26683 + pristine_git_object: 751a8b9936db2663a31fa95fadf4782b81973d72 + src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts: + id: 392081d84edd + last_write_checksum: sha1:fccc0e417df80b66ba4ea565ee87b1e343ab3f04 + pristine_git_object: ee7efcd8d4a7a52af7f467da6bf28ac97c81856a + src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts: + id: 1af0e5a5ab2f + last_write_checksum: sha1:7e8885117b0baac8a44148032e6a928f26d39398 + pristine_git_object: da97659045aebc9eb6ee6240c3c1a5f3da808865 + src/mcp-server/tools/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts: + id: 21161e1b101b + last_write_checksum: sha1:4d884383a3bf62a6f1454a9257092ab4396ea03e + pristine_git_object: 0e028af47b00936a3bafc974401132a86372fc71 src/mcp-server/tools/integrationsVariablesControllerFetchVariableOptionsV1.ts: id: 2fbd5cd83b8b last_write_checksum: sha1:9cdf32437ab50cad7a3914f82956677f81ba22b8 @@ -2277,6 +2329,10 @@ trackedFiles: id: 70fe134e0bb3 last_write_checksum: sha1:f1eb4251e7dafce9c11a9175081b07897a5dfd9c pristine_git_object: a03a487deade89225e1ccd2b522755d06e25b03c + src/mcp-server/tools/ismsISMSControllerGetVersionsV1.ts: + id: 4f79bbac06c3 + last_write_checksum: sha1:f7cd99324f97e42131625758baabb8a024f9c0a9 + pristine_git_object: c393f3635184ef600160ec84c80e6a683c21cec7 src/mcp-server/tools/ismsISMSControllerRemoveControlV1.ts: id: 56cf170ad78f last_write_checksum: sha1:dbae79dbb31d70165172980678a6e6c20f683445 @@ -2529,6 +2585,10 @@ trackedFiles: id: b4a93ffb9ab9 last_write_checksum: sha1:7c4504c69d04162d1503193a2f180cc23b790870 pristine_git_object: ed1d8822d40662420051761e19b72c13448901e5 + src/mcp-server/tools/peoplePeopleControllerGetMemberAccessV1.ts: + id: 716a5ffe1c69 + last_write_checksum: sha1:cba9766616c2993dbab6d5c6e21aac7f1bcda8fb + pristine_git_object: e634364575ef5f620f57437888e57594a4b0117d src/mcp-server/tools/peoplePeopleControllerGetMentionableMembersV1.ts: id: 72892bd31f4c last_write_checksum: sha1:4610a0db973b8abd46d84370e0107ca164dd7b2c @@ -3073,6 +3133,10 @@ trackedFiles: id: 73713425eb8d last_write_checksum: sha1:063269b642ca60342950f1bc3fad8373f907d83e pristine_git_object: a3b504f61c789c2afcfb0a5fcf28ccb84ae51061 + src/mcp-server/tools/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts: + id: d426049d50b5 + last_write_checksum: sha1:b62b6e57d198b1bfe23374d1a9ab5f0f970f20b4 + pristine_git_object: ba32347050bbbf9410655c9dc64b18c2899f1c1f src/mcp-server/tools/trustAccessTrustAccessControllerGetPublicVendorsV1.ts: id: 2e70faeb4cd0 last_write_checksum: sha1:e50ffc00e7bb4b66645a523720c7c26348223679 @@ -3209,6 +3273,10 @@ trackedFiles: id: 9751b0d6576c last_write_checksum: sha1:4fe41d8042ada5508bdc58a244575d62933671ec pristine_git_object: 2fa110ca68b12eacde82b735b51eba56ee40c0f9 + src/mcp-server/tools/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts: + id: d1c62ab2c1a8 + last_write_checksum: sha1:0a03a29ff0180600528205cf9d48a4d87c90155e + pristine_git_object: 28de16dd0b8f4d66a1f32311ba6809edbe932bda src/mcp-server/tools/trustPortalTrustPortalControllerUpdateVendorTrustSettingsV1.ts: id: 41fbecdf62cf last_write_checksum: sha1:695fecdd53edd7be2a527fc1e0b02177c8760f3b @@ -3347,8 +3415,8 @@ trackedFiles: pristine_git_object: 9504c24932df260a7cfb55fba7e3aa72a2df50bf src/models/automationscontrollergettaskautomationrunsv1op.ts: id: 3a32dae6fb90 - last_write_checksum: sha1:9b53e7d8252374e93f75aac44ae8df8d1468134b - pristine_git_object: 88aaaf0517ea2cc227977f611d8249102ec7a17b + last_write_checksum: sha1:899092aac143ff5f1a71856793517782a0d5d234 + pristine_git_object: 26c1a1e6009e77289c4079e3c12b1a5c54990792 src/models/automationscontrollergettaskautomationsv1op.ts: id: e05e5bf492df last_write_checksum: sha1:7fc30740e7e6121a13a020cf9af67aaeceeb1418 @@ -3531,20 +3599,20 @@ trackedFiles: pristine_git_object: 2b0482cd73f9b0ba8b4bcaf371eeb4d667bded52 src/models/contextcontrollercreatecontextv1op.ts: id: d8e24cee4c41 - last_write_checksum: sha1:5c720b77048706bda800032cb758d0593a17ec87 - pristine_git_object: be1415665c8903e61ed24b6abe15480696231c98 + last_write_checksum: sha1:be5d3b83a4db8552ffd44f043659e0d3a1f95eb0 + pristine_git_object: 1c4c44ddfc859806420fd3981c61188dc727eaf8 src/models/contextcontrollerdeletecontextv1op.ts: id: eb6e2940f468 - last_write_checksum: sha1:ac038d54e338e5a8d180c23b0a8555b359e742ae - pristine_git_object: 5f4c354078a4ebaa08b2fab8fc62b583071c785e + last_write_checksum: sha1:e89ec73e92f445fcfbc650a3cb419ad245d2fd6b + pristine_git_object: 66c1eb084e276eb3dc7fc3a58aacbb4f1472aa6a src/models/contextcontrollergetallcontextv1op.ts: id: 68e3022de15e - last_write_checksum: sha1:8fb829ca235d8120cf1a8a75fba52ee3e835f1c6 - pristine_git_object: ec2cafca9beddf4705285e8d4734e4b78592e429 + last_write_checksum: sha1:1561df554f38c415a3b969e92b56677554db5f97 + pristine_git_object: ab07e6e915440b6175016cfa328165439e43c1d6 src/models/contextcontrollergetcontextbyidv1op.ts: id: 634a3baa2161 - last_write_checksum: sha1:b6c32b967c8ab6cc9c502bd0ec8ef4855571d63b - pristine_git_object: fe26dabef93971318f3c8942bb30cb0fc0d1a539 + last_write_checksum: sha1:9765cd5d12fb3d81afb146ebce969a80a3f2e851 + pristine_git_object: e1d06d3e72422d8af70cac9931ee6f3e965f806c src/models/contextcontrollerupdatecontextv1op.ts: id: e12f891e44f4 last_write_checksum: sha1:feb642540bd81bc7f2284a3ed73c27dddbd69690 @@ -3587,8 +3655,8 @@ trackedFiles: pristine_git_object: e6e7b767b88afe5e60a347e05c7274ee1737f8a0 src/models/controlscontrollerunlinkdocumenttypev1op.ts: id: edc19b966a6a - last_write_checksum: sha1:ce611aa5c47ad1ee56cc0d9f7552d297abc4be54 - pristine_git_object: 70efb8dea0b90b4ba7083e51b16183fb3ab4c300 + last_write_checksum: sha1:c7a4e110c259a7447e0ef9f61a1a78a7bd3ae69c + pristine_git_object: de7cbf43a11faa33d642473bc4bdf2944e0ee2af src/models/createaccessrequestdto.ts: id: c099827d5497 last_write_checksum: sha1:06ccfeae9414d617517491bb34f55bba1e7251f1 @@ -3735,8 +3803,8 @@ trackedFiles: pristine_git_object: ad837e0abf5e2c28e27546c6947f450bd8700a5b src/models/devicescontrollergetalldevicesv1op.ts: id: 9b02b8d3b378 - last_write_checksum: sha1:e92a899e03f1a91280652d5ed0353d763ec448fa - pristine_git_object: abe29a2fda6c182b1eb83cb56c0f458ce6c9153d + last_write_checksum: sha1:d9c16463ed1e71ba83b778af32da3140f2d1b733 + pristine_git_object: a59303615565c52104bc5b0aeee15529944d9d41 src/models/devicescontrollergetdevicesbymemberv1op.ts: id: 24897121a89f last_write_checksum: sha1:b1d58420614fcbf5ab206f876bec39812dc4c876 @@ -3851,8 +3919,8 @@ trackedFiles: pristine_git_object: 47b2903c68fe3afb80c070e70c8b830c8854f90c src/models/exportismsdocumentdto.ts: id: befa3c437b22 - last_write_checksum: sha1:9e6cfa72d8ecd2b6af85f38ce08fd62bf9a387e0 - pristine_git_object: 283e5373cb9d7e190d09868ba54e0e7326c1f7ae + last_write_checksum: sha1:05333c4f216a59403b9b8775674f5e3c0f456754 + pristine_git_object: ed491d1682b11083edb54785b9f2edfb470947f5 src/models/exportquestionnairedto.ts: id: 9aa09fc1d930 last_write_checksum: sha1:853525161d3c61f8cf40e2ca5781f75e299c2d5a @@ -3957,6 +4025,10 @@ trackedFiles: id: d8d3af10ad61 last_write_checksum: sha1:2332e44abbcc35882c6646076266a5ec2c508414 pristine_git_object: 0be60b267078d01132bc4b3821fe71b9fb5eb5a5 + src/models/frameworkscontrollerupdatecustomv1op.ts: + id: e6efba1df4ab + last_write_checksum: sha1:4684d54a14450e18e63d9b3c160eb214668858bf + pristine_git_object: ebc34d8cb08e2c82ff9ac9ccd2e3051cca61be12 src/models/generatealldto.ts: id: 26b9d1817bbf last_write_checksum: sha1:0a859d36a8868feaf3d74d1f4d6d89263811a7d5 @@ -3997,6 +4069,10 @@ trackedFiles: id: edbb28012ec7 last_write_checksum: sha1:1a43fe8a67af8a5302c1311c05066e97d2fcb5b5 pristine_git_object: 3bf8745319f01fd5a6bc40f5f52eff80bd476006 + src/models/ismscontrollergetversionsv1op.ts: + id: 5c5ebcd63a45 + last_write_checksum: sha1:ada88b6d9a7d7b5cc343446683f449c775dea03b + pristine_git_object: 3f04e3775dbc7d2072367445844b589333a20843 src/models/ismscontrollerremovecontrolv1op.ts: id: a0fbad374b7b last_write_checksum: sha1:b570a4404098feb9dd3061987df3b835da647b13 @@ -4015,8 +4091,8 @@ trackedFiles: pristine_git_object: ee9f9cc32b08525d76d14b67debe97d762347ec9 src/models/ismsregisterscontrollercreaterowv1op.ts: id: 9f076d5294c0 - last_write_checksum: sha1:46d7757d1a0d68cdd95cda690c8c036b6201ffe9 - pristine_git_object: 69e20134cdd9468658af2cccb64ff6b1080bfdac + last_write_checksum: sha1:becce5442cfaffd756c6a666c6a7d98a598690bf + pristine_git_object: 8506dc7ad17c60d2184b81b218da226446733378 src/models/ismsregisterscontrollerdeleterowv1op.ts: id: 2a3c3e9c20ab last_write_checksum: sha1:99778effb0c359cac2d9c900043015f39bd6ff41 @@ -4027,8 +4103,8 @@ trackedFiles: pristine_git_object: 560ed38a1fd2f55ce151da6f5c27584f039ee7eb src/models/ismsregisterscontrollerupdaterowv1op.ts: id: 52527e12c047 - last_write_checksum: sha1:9d69cbfdbf62941cc3f692b3864c1403ce79a966 - pristine_git_object: 73ba642b21700b33083eadbd06fee7726befacd3 + last_write_checksum: sha1:080f840cbe11bb45be40c153fff772e6c41aa901 + pristine_git_object: 2a9c7004954e1fac95fbe07008e43276fc13a4c4 src/models/knowledgebasecontrollercreateruntokenv1op.ts: id: 435247f848ea last_write_checksum: sha1:37a33eb2a331bc201b7b5dd8efff7ddd13f907e9 @@ -4139,24 +4215,24 @@ trackedFiles: pristine_git_object: e6fffc6c02314dd3eb53b820b3abc93eef7aca84 src/models/organizationcontrollerdeleteorganizationv1op.ts: id: b8e103ea307b - last_write_checksum: sha1:8d388f1d81b48a2d77205dff6f5b247063a2f3a1 - pristine_git_object: 4a5ab7d79a3e7d22dd50bd2b679c156b9cc2c474 + last_write_checksum: sha1:ec4f45f258a73f7769f804ef24e076af7d8e7fc2 + pristine_git_object: 03e3692979ff57f541cd10451591cfdd8725e129 src/models/organizationcontrollergetorganizationv1op.ts: id: 19ebaaaf446c - last_write_checksum: sha1:18cc9cf87dc7ff36bbdd03d12b633790ece37ec5 - pristine_git_object: 758bedf6fa793d75a8d1eeaabef7dacf9be82af2 + last_write_checksum: sha1:ddaaa02ca1f7c0ca51f696a76e3ec9376e241755 + pristine_git_object: 709401bc59c9120340ef224c120a979e4965b134 src/models/organizationcontrollergetprimarycolorv1op.ts: id: 1985c7757aef - last_write_checksum: sha1:d6fbdbd1ed8ef6e04476ed836519ceaf77c0e385 - pristine_git_object: 5845fb40d417bf2412eb506681b1053dceacbb1a + last_write_checksum: sha1:09c2660cff31471a84cd144a6eeb52c2124f007d + pristine_git_object: 31bc4212abd014595a15157815abf4464f76864d src/models/organizationcontrollertransferownershipv1op.ts: id: 9dd4eb8b73c9 last_write_checksum: sha1:f16a0adef693fcfcf60fe2f0db68352bd397b71e pristine_git_object: b8a4579eabea111523a58f667941029866a88024 src/models/organizationcontrollerupdateorganizationv1op.ts: id: cdad369ac8ae - last_write_checksum: sha1:abf5af821f96825929dcd9c67dedc5c592f6b042 - pristine_git_object: beb3b8c21ab6382a23a038a3ce610efab50f1279 + last_write_checksum: sha1:78c977a1efd492e43bffd9375b13fcac6aca505a + pristine_git_object: 286f4b84b6950fc94f942aa7f02f1ede4dc8a899 src/models/organizationcontrollerupdaterolenotificationsv1op.ts: id: 0280196295a5 last_write_checksum: sha1:de5b71a8557624b2d0989c28d4982abffe6fe977 @@ -4203,8 +4279,8 @@ trackedFiles: pristine_git_object: 8283d15511c50a47ad51162cd4a17493f3ca1b6a src/models/peoplecontrollerbulkcreatemembersv1op.ts: id: 5a52bae2125a - last_write_checksum: sha1:98f3ea4545d812950832febc647e907c86df783d - pristine_git_object: cfe7e4094784b21e3afecb98d09e1995d86c3c5d + last_write_checksum: sha1:15089844c6c9192273019e02145bb07440da3b01 + pristine_git_object: 79c66589938e1aa2216d31a210c0f4a3de2df545 src/models/peoplecontrollercreatememberv1op.ts: id: 4c092e16926d last_write_checksum: sha1:fc050121bc8cbd09c860aa5d107d066e942c8a73 @@ -4215,12 +4291,12 @@ trackedFiles: pristine_git_object: 4b3c87efbb6cee6b658b135172ad4a9c079c3977 src/models/peoplecontrollerdeletememberv1op.ts: id: 25cdfafdb63a - last_write_checksum: sha1:f60cde9fb3475a6590fcf467bcdbe29bf783ccf8 - pristine_git_object: bd157f96f3e68afeb34d1ce7bd679b97c4b48f1d + last_write_checksum: sha1:7cb1a2c0f4a916afebbb99b22b4fe1bac265db93 + pristine_git_object: 01cd59b6e4e5b6cab0ed565825dd2fe92b6427ea src/models/peoplecontrollergetallpeoplev1op.ts: id: 92e883fd1ef5 - last_write_checksum: sha1:d771d4d4e041a572758975ed5a632b531bcf3006 - pristine_git_object: 9a41bf58848570011fad4abd4b8e8328db59f416 + last_write_checksum: sha1:632caa3b7d64b625d20ee864df03dc78067b2e91 + pristine_git_object: 32bfd8bd5c4b279e715a68028f07d8a395408967 src/models/peoplecontrollergetemploymentevidencev1op.ts: id: 937626e11ed4 last_write_checksum: sha1:e3db58a945a6a73d8e37b02d003a1abd74d99691 @@ -4229,6 +4305,10 @@ trackedFiles: id: 04c16901e826 last_write_checksum: sha1:771a98d0d0956f3c152169165498f83c7f2f9a9f pristine_git_object: 9a5672df101af230a0a7f516532aa4088047c09c + src/models/peoplecontrollergetmemberaccessv1op.ts: + id: 56ad9522cdf3 + last_write_checksum: sha1:9615d11ce0d51a394bd2141911291d99a6bb68e6 + pristine_git_object: c8c5110a9b181cb580fc03be18d7810221917494 src/models/peoplecontrollergetmentionablemembersv1op.ts: id: 0d816bd0d0b7 last_write_checksum: sha1:df71acc76f6775913d5313c483aecab083400786 @@ -4247,8 +4327,8 @@ trackedFiles: pristine_git_object: 2e10e062b9a1d3d11e95b552bcde010804c04ab9 src/models/peoplecontrollerremovehostv1op.ts: id: 1ea67930f759 - last_write_checksum: sha1:129a83128601c0507fea4255c1de6fb2cbab42b5 - pristine_git_object: 79899a6ecefd29a8073e554ee194ba12d9f8fb69 + last_write_checksum: sha1:91d1ca672cd3d8ff55261961bb51807f7bd8744a + pristine_git_object: 61a07b4dfb8648057de1e3900f737036f546eaa1 src/models/peoplecontrollerresendportalinvitev1op.ts: id: 8da03cfee159 last_write_checksum: sha1:652a7486677fba27c0b2b4dcc887b638d2cee56c @@ -4299,8 +4379,8 @@ trackedFiles: pristine_git_object: a7059c3348e1f05f4b8ac5c8ebad824880f5ac87 src/models/policiescontrollerdeletepolicyv1op.ts: id: 5a943f28855a - last_write_checksum: sha1:444c6e3adb2a5a0de9ce50e2b05fba5eeefdf92b - pristine_git_object: 0c247aa9f1b29bfcdd7bdfc5fc457b3ef01cd9f6 + last_write_checksum: sha1:16622ed18e5ae6c8a23e44fc66538cc6d3a7f5b2 + pristine_git_object: 63892579e92eba0fe9dfdc1b77bc501f52a028a9 src/models/policiescontrollerdeletepolicyversionv1op.ts: id: 6233bbf06dcc last_write_checksum: sha1:9e6f986479065a1bd86b6344d840ca3ced533bdf @@ -4315,8 +4395,8 @@ trackedFiles: pristine_git_object: de5114bdbda3a16a18d8b5bb6f6f087727905dd5 src/models/policiescontrollergetallpoliciesv1op.ts: id: 6dc8b529c8aa - last_write_checksum: sha1:dcc03b827c667bf66003a729eac7e0d110782ef3 - pristine_git_object: 44e52242ac32fc90f38a376a6a8e30b182311166 + last_write_checksum: sha1:1382db4b406b8a24b4467445c6df1ee47e3af1f7 + pristine_git_object: 68d7996df5ffbb63016aec78a54b7368f0466f22 src/models/policiescontrollergetpdfsignedurlv1op.ts: id: 365c82d72274 last_write_checksum: sha1:dc7b842c258f3e64ae616fa11a00435bb98e555a @@ -4411,8 +4491,8 @@ trackedFiles: pristine_git_object: cb21b76784838d821f6059460d882cd3d49fa0a5 src/models/questionnairecontrollerautoanswerandexportuploadv1op.ts: id: 96d4505fff84 - last_write_checksum: sha1:e35f896fde986d1ffcae686f67780a768ae48c96 - pristine_git_object: 9b07cdf319fbd98fa4f57e2ac757fb0fe4bf9355 + last_write_checksum: sha1:0a631d4d8d18eeb16f6edb6763b343d1527bee35 + pristine_git_object: ceaaf408bd1c5fbb9e6e718ac14e5af41a98e36b src/models/questionnairecontrollerdeleteanswerv1op.ts: id: ba42da9bfe5e last_write_checksum: sha1:0cecec7df33e2bffe3e478bddb91ee68ca05a91d @@ -4427,8 +4507,8 @@ trackedFiles: pristine_git_object: bb11e695da8b536b6a0ee49b0bd00ce3cca0bfc2 src/models/questionnairecontrollerparsequestionnaireuploadv1op.ts: id: 0b0273261c36 - last_write_checksum: sha1:d768422f84929fe0dc0d3d50b6be2ebd849092da - pristine_git_object: bb26ede0a2f285e933ec650b1bad6b15e107a336 + last_write_checksum: sha1:33bdd1bb72025b2498be65c39cb3c44ab57b2543 + pristine_git_object: 0389a33dca9ae17ca9ad40061a8645a08d822200 src/models/questionnairecontrollerparsequestionnairev1op.ts: id: f5004d6f077b last_write_checksum: sha1:316d9cc1082e392ff7af26821bd357e20d928aa7 @@ -4443,8 +4523,8 @@ trackedFiles: pristine_git_object: 21c442f93c9be2e68d47afbbc0a82586e1adc9ec src/models/questionnairecontrolleruploadandparseuploadv1op.ts: id: a81b614033bf - last_write_checksum: sha1:ea4ddb61427657bafa2c0905908e52df07ddd0eb - pristine_git_object: 1fcb13c4752839ed2ad5b7fdf14de8dcde68543a + last_write_checksum: sha1:ab75bf007097f3dfd0646ce2c61b19df695bf21c + pristine_git_object: a254295e875c4f3fbba2f6417966f8b2ec70c8ee src/models/questionnairecontrolleruploadandparsev1op.ts: id: 0214ae0bc919 last_write_checksum: sha1:5e73f3cec1443d1d8abe7d1f96c5d0e5afa030fe @@ -4471,24 +4551,24 @@ trackedFiles: pristine_git_object: 7421012bfb8bdb64380043dad39e6e6e497d189b src/models/riskscontrollercreateriskv1op.ts: id: d7f061ff86f2 - last_write_checksum: sha1:3c9d85d99cd8d102bd9addfab806a1b818874286 - pristine_git_object: 17a08825ff656cd3191be4a7082ef92a8f1ba7a7 + last_write_checksum: sha1:9170f88361cc373a34dc033e700a0237bdd78937 + pristine_git_object: f664ec7e1765ad5e1c389dc1733712bedb71fccd src/models/riskscontrollerdeleteriskv1op.ts: id: b63d0463f981 - last_write_checksum: sha1:9a66a7316bada8e6b216d02b4a1fdd33728f7986 - pristine_git_object: 3325ac6e35db3cee38644b24f3a98f1fb6cb6b28 + last_write_checksum: sha1:a34aa26fbeb818ed4951376b0c4cdc62a3529cb9 + pristine_git_object: 8152b9c23d137543e9fb5ffc8b9b623b0b9c729e src/models/riskscontrollergetallrisksv1op.ts: id: e82ebf0b5a0d - last_write_checksum: sha1:3d0f31cc2937ed0a5f3f9571b49da1a0fc4a609b - pristine_git_object: 34b605bef1aaeea6beef121611057b9137df082b + last_write_checksum: sha1:080d532205de69e55a599934df29da655585a9a6 + pristine_git_object: 8cd9f69cae8904e3261c314867e84499aec9bc69 src/models/riskscontrollergetriskbyidv1op.ts: id: e33ceb7e8c1e - last_write_checksum: sha1:8e844ed66deea0024e20f240d589c0fe52d4e4cd - pristine_git_object: 3b0199f171704d7090aaea07c952c16b3a0e30dc + last_write_checksum: sha1:3b7082f23a514a530d0d9b34ca305263a394b23e + pristine_git_object: 131f337ee2f0a0a094c1c84040f292e811e7c10c src/models/riskscontrollerupdateriskv1op.ts: id: d285b10caa6e - last_write_checksum: sha1:b100dc8776d02dfcc333ed56aaf6bcc43769bac0 - pristine_git_object: 4f0c959aa10b88dc30ca832d5d8a000bab68fce3 + last_write_checksum: sha1:08fe7016ac09d75fefead996b93ebf49d3bacc52 + pristine_git_object: f03874ef2b1cb1cb5bb5834d2fb9e2d52eeff7cb src/models/rolescontrollercreaterolev1op.ts: id: 96c8f3431883 last_write_checksum: sha1:790fc9ffc92e415dbaf74093da1a2242fcaf8ad0 @@ -4599,8 +4679,12 @@ trackedFiles: pristine_git_object: 9425812a2998684f0ecc3cc6e66719295c43e87e src/models/setemployeesyncproviderdto.ts: id: 5d1f401bcaa5 - last_write_checksum: sha1:b25ad4932bf7e64c7f5dea197c4e9542d26ce34b - pristine_git_object: f6423f370e8bbd542c2ea012e9a39f1bc4727275 + last_write_checksum: sha1:883516d17a5e4c733256df82c422d96eac7fe20d + pristine_git_object: dce5e066385afb0d0448aea7d4e3e694504fabd0 + src/models/settwofactorsourcedto.ts: + id: d2f1a0df247a + last_write_checksum: sha1:7a277e83e8c431d1c9384416d50bf92a71a3fcd0 + pristine_git_object: fa4d79aa1dcc3d130dbe3f49d32fa729bd9b9982 src/models/soacontrollersaveanswerv1op.ts: id: 345a7890d72d last_write_checksum: sha1:622301ceda28a81347b97460fd68a245a8cfc001 @@ -4675,8 +4759,8 @@ trackedFiles: pristine_git_object: 8652c33cb6d586b61836e5ce82697944e3cec502 src/models/taskitemresponsedto.ts: id: b981450ffe4a - last_write_checksum: sha1:989e2cfdd8264a735138272aa9140e03297534e1 - pristine_git_object: ddc07f722573bec390bb9e622dc63319ff184f15 + last_write_checksum: sha1:c04533958c73fcbf6274dcf773ff65db236121f8 + pristine_git_object: 602cbdc666e12d3665e781f0cb3d568e0d931efa src/models/taskmanagementcontrollerdeletetaskitemattachmentv1op.ts: id: ee3679b32d1a last_write_checksum: sha1:ef2657ea915530d788b09e6d3e01a180da6be98e @@ -4703,8 +4787,8 @@ trackedFiles: pristine_git_object: 1bdd9a086c931d46bb2ab8050caf031709917bfa src/models/taskresponsedto.ts: id: a150fbb257f8 - last_write_checksum: sha1:e95513bcd4c3b27030697aaa8b83a3b40eceb774 - pristine_git_object: 4a7daac265fad983c0b72e54687d4ec468f14144 + last_write_checksum: sha1:b81ce360f3806adbb21b21dce52f8526c600720a + pristine_git_object: 3774bea6a33397d1c4f65348e65ae2a25908d2ba src/models/taskscontrollerapprovetaskv1op.ts: id: f79d722dd7fa last_write_checksum: sha1:305c5294dcd50991c078d1ce286de24e0f4af5e9 @@ -4849,6 +4933,10 @@ trackedFiles: id: 4a9febcb3f3b last_write_checksum: sha1:dd2f48939db288a3d25ca53327a95aa30d051138 pristine_git_object: fe72ee5dae1d284f526d09e9f850f3bd104f8e6c + src/models/trustaccesscontrollergetpublicsecurityquestionnairev1op.ts: + id: 7008a3174a56 + last_write_checksum: sha1:a664286b24fab2a0eb04444ba41c09c06c3c6b90 + pristine_git_object: b734cbce2ffaa109a6d48fac714bfe8585ca1731 src/models/trustaccesscontrollergetpublicvendorsv1op.ts: id: 5d9271ceeeb9 last_write_checksum: sha1:64dcc5c0b59777f395462b276de6a05aeb80589b @@ -4923,12 +5011,16 @@ trackedFiles: pristine_git_object: bc5333433600a0d2b988be0a422baed464969847 src/models/trustportalcontrollerupdatecustomframeworkv1op.ts: id: 0c0141cc1669 - last_write_checksum: sha1:5717e944537591a1bf5e59864587b166e702eec3 - pristine_git_object: 9f5b8d021e4622ccadd8f79f8f38ec343370290e + last_write_checksum: sha1:ce1c45715736663805c1af9688c3e84a568f3e6d + pristine_git_object: 67ab22693b455bdd61a5f243dfc6e9c06c2c6501 src/models/trustportalcontrollerupdatecustomlinkv1op.ts: id: b10f6bec788d last_write_checksum: sha1:990ecfb4b690d261e2dd8f360122aa4c983528f9 pristine_git_object: 36a18e12809da9ee30a7295b0c83a1c332fb19a9 + src/models/trustportalcontrollerupdatesecurityquestionnairev1op.ts: + id: 5d91b6cee824 + last_write_checksum: sha1:0dda2e3b6174b36a41fbdd5ec91769682539a067 + pristine_git_object: 424a746d6ef67fb1cbb5aa73334396cce1e276dd src/models/trustportalcontrollerupdatevendortrustsettingsv1op.ts: id: e5c169e07eed last_write_checksum: sha1:bac271b890cb8c938826652f8a66bba13a847f38 @@ -4965,6 +5057,10 @@ trackedFiles: id: 42d288a8eabf last_write_checksum: sha1:ddb966e23463a454726db0f0d234887642d7b01b pristine_git_object: 7d35243fc9a0cd46c1f62643c85c3c552c06d356 + src/models/updatecustomframeworkdto.ts: + id: 96a51b772a62 + last_write_checksum: sha1:0616df7afd1798fddc3ece924b6d850ffab6a640 + pristine_git_object: 9f9939fa410491c732914fa9ce7eeefdf1465eaf src/models/updateemailpreferencesdto.ts: id: da4acefa58ba last_write_checksum: sha1:7279dc18b3b4282e38ca412d9d08b16c6629820b @@ -5071,20 +5167,20 @@ trackedFiles: pristine_git_object: 765f36087af0bae24ae3f611d26dff7d490c899d src/models/vendorscontrollercreatevendorv1op.ts: id: aca32530d7a7 - last_write_checksum: sha1:30e752cb723df14962cf23fe80a9d383586ea234 - pristine_git_object: 211fb05b950ebdc7dd9e285f9c46494fe3250a80 + last_write_checksum: sha1:27ceadb7fd2bf7aea83b640e1286cb929701deed + pristine_git_object: baa5a1cdc53f3613defada35209df2dbdb2a2251 src/models/vendorscontrollerdeletevendorv1op.ts: id: fa46a1d1af33 - last_write_checksum: sha1:20e5baa10203f971907eb69719f4775a04fccb43 - pristine_git_object: c302755faf2564a9f3ae1294690c84f75226f46e + last_write_checksum: sha1:178be12b064a4c0fc2c5c8e1c5972ed46f7ae467 + pristine_git_object: 1c6e16ab2d31b7774b2b4dae901889052c550b75 src/models/vendorscontrollergetallvendorsv1op.ts: id: b903eefb0bb7 - last_write_checksum: sha1:4931b9badeacb65f6dec7bacb9306123434fc69e - pristine_git_object: 549818dcb9b2dfda5f257b394adc1316d6812da6 + last_write_checksum: sha1:b59f3a2986142d9aed70e65447117992961630fe + pristine_git_object: f84d277c63b7f963deb421f20e9d12be7327bbe7 src/models/vendorscontrollergetvendorbyidv1op.ts: id: fb82794e2944 - last_write_checksum: sha1:e5756bd792a179a3c5455f795f665e9756ae9f67 - pristine_git_object: c4bb0327b96a86bc693f8027a9eddaec12af179d + last_write_checksum: sha1:f0902cb583942e47920014eb7011234b0f0a9b64 + pristine_git_object: 353b5dcc19d50a003402f50040d1cfe0a24b7a40 src/models/vendorscontrollersearchglobalvendorsv1op.ts: id: 33de8ab7af5e last_write_checksum: sha1:924dffe8843be3bef21f68162cb16b0041ab5101 @@ -5095,12 +5191,12 @@ trackedFiles: pristine_git_object: 814a6229aa50f99154895cde28fd6120b26ed604 src/models/vendorscontrollerupdatevendorv1op.ts: id: 44ab2764bf24 - last_write_checksum: sha1:dff2233bf083b350022aebd7be3f88359e22d196 - pristine_git_object: d89990b1a39878e9651513ee19fcba40b01670b4 + last_write_checksum: sha1:808777a449ffc9e74ffa4bf54c9804b3e140dd30 + pristine_git_object: b28276e362f124b0639d9df85dcd70a425825920 src/tool-names.ts: id: a9977280f9eb - last_write_checksum: sha1:db18d786cc299f0eaacf93daaef5242df6f27a83 - pristine_git_object: 10a3e6a2d833e0bfcfbd0afb7c899f7e3d27eec3 + last_write_checksum: sha1:0bc7c5fd8b316c0c45147742b01515264ce70be1 + pristine_git_object: 9a9ccbe30b309f9868ffbb0ab0a3458e41ec344f src/types/async.ts: id: fac8da972f86 last_write_checksum: sha1:675d04bb4b4081dc3482f18de98674f9b446e7b4 @@ -5144,7 +5240,7 @@ examples: OrganizationController_updateOrganization_v1: speakeasy-default-organization-controller-update-organization-v1: requestBody: - application/json: {"name": "New Acme Corporation", "slug": "new-acme-corp", "logo": "https://example.com/logo.png", "metadata": "{\"theme\": \"dark\", \"preferences\": {}}", "website": "https://acme-corp.com", "onboardingCompleted": true, "hasAccess": true, "fleetDmLabelId": 123, "isFleetSetupCompleted": false, "primaryColor": "#3B82F6", "advancedModeEnabled": false, "backgroundCheckStepEnabled": true} + application/json: {"name": "New Acme Corporation", "slug": "new-acme-corp", "logo": "https://example.com/logo.png", "metadata": "{\"theme\": \"dark\", \"preferences\": {}}", "website": "https://acme-corp.com", "onboardingCompleted": true, "fleetDmLabelId": 123, "isFleetSetupCompleted": false, "primaryColor": "#3B82F6", "advancedModeEnabled": false, "backgroundCheckStepEnabled": true, "evidenceApprovalEnabled": false, "deviceAgentStepEnabled": true, "securityTrainingStepEnabled": true, "whistleblowerReportEnabled": true, "accessRequestFormEnabled": true} responses: "200": application/json: {"id": "org_abc123def456", "name": "New Acme Corporation", "slug": "new-acme-corp", "logo": "https://example.com/logo.png", "metadata": "{\"theme\": \"dark\", \"preferences\": {}}", "website": "https://acme-corp.com", "onboardingCompleted": true, "hasAccess": true, "fleetDmLabelId": 123, "isFleetSetupCompleted": false, "primaryColor": "#3B82F6"} @@ -7601,25 +7697,41 @@ examples: speakeasy-default-isms-profile-controller-generate-all-v1: requestBody: application/json: {"frameworkId": "frk_abc123def456"} + PeopleController_getMemberAccess_v1: + speakeasy-default-people-controller-get-member-access-v1: + parameters: + path: + id: "mem_abc123def456" + TwoFactorSourceController_getTwoFactorSource_v1: {} + TwoFactorSourceController_setTwoFactorSource_v1: + speakeasy-default-two-factor-source-controller-set-two-factor-source-v1: + requestBody: + application/json: {"provider": {}} + TwoFactorSourceController_getAvailableTwoFactorSources_v1: {} + TwoFactorSourceController_getTwoFactorStatuses_v1: {} + TrustPortalController_updateSecurityQuestionnaire_v1: + speakeasy-default-trust-portal-controller-update-security-questionnaire-v1: + requestBody: + application/json: {"enabled": true} + TrustAccessController_getPublicSecurityQuestionnaire_v1: + speakeasy-default-trust-access-controller-get-public-security-questionnaire-v1: + parameters: + path: + friendlyUrl: "https://oval-lyre.info/" + responses: + "200": + application/json: {} + IsmsController_getVersions_v1: + speakeasy-default-isms-controller-get-versions-v1: + parameters: + path: + id: "" + FrameworksController_updateCustom_v1: + speakeasy-default-frameworks-controller-update-custom-v1: + parameters: + path: + id: "" + requestBody: + application/json: {"name": "Internal Controls"} examplesVersion: 1.0.2 -releaseNotes: | - ## Mcp-typescript SDK Changes: - * `CompAi.Trust Portal.TrustPortalController_uploadCustomFrameworkBadge_v1()`: **Added** - * `CompAi.Trust Portal.TrustPortalController_removeCustomFrameworkBadge_v1()`: **Added** - * `CompAi.ISMS.IsmsController_ensureSetup_v1()`: **Added** - * `CompAi.ISMS.IsmsController_getDocument_v1()`: **Added** - * `CompAi.ISMS.IsmsController_addControls_v1()`: **Added** - * `CompAi.ISMS.IsmsController_removeControl_v1()`: **Added** - * `CompAi.ISMS.IsmsController_generate_v1()`: **Added** - * `CompAi.ISMS.IsmsController_submitForApproval_v1()`: **Added** - * `CompAi.ISMS.IsmsController_approve_v1()`: **Added** - * `CompAi.ISMS.IsmsController_decline_v1()`: **Added** - * `CompAi.ISMS.IsmsController_drift_v1()`: **Added** - * `CompAi.ISMS.IsmsController_exportDocument_v1()`: **Added** - * `CompAi.ISMS.IsmsRegistersController_createRow_v1()`: **Added** - * `CompAi.ISMS.IsmsRegistersController_updateRow_v1()`: **Added** - * `CompAi.ISMS.IsmsRegistersController_deleteRow_v1()`: **Added** - * `CompAi.ISMS.IsmsRegistersController_saveNarrative_v1()`: **Added** - * `CompAi.ISMS.IsmsProfileController_getProfile_v1()`: **Added** - * `CompAi.ISMS.IsmsProfileController_saveProfile_v1()`: **Added** - * `CompAi.ISMS.IsmsProfileController_generateAll_v1()`: **Added** +releaseNotes: "## Mcp-typescript SDK Changes:\n* `CompAi.Organization.OrganizationController_updateOrganization_v1()`: `request` **Changed** (Breaking ⚠️)\n* `CompAi.Integrations.TwoFactorSourceController_getAvailableTwoFactorSources_v1()`: **Added**\n* `CompAi.Integrations.TwoFactorSourceController_setTwoFactorSource_v1()`: **Added**\n* `CompAi.People.PeopleController_getMemberAccess_v1()`: **Added**\n* `CompAi.Integrations.TwoFactorSourceController_getTwoFactorStatuses_v1()`: **Added**\n* `CompAi.Trust Portal.TrustPortalController_updateSecurityQuestionnaire_v1()`: **Added**\n* `CompAi.Trust Access.TrustAccessController_getPublicSecurityQuestionnaire_v1()`: **Added**\n* `CompAi.ISMS.IsmsController_getVersions_v1()`: **Added**\n* `CompAi.Frameworks.FrameworksController_updateCustom_v1()`: **Added**\n* `CompAi.Integrations.TwoFactorSourceController_getTwoFactorSource_v1()`: **Added**\n* `CompAi.ISMS.IsmsController_exportDocument_v1()`: \n * `request.body.versionId` **Added**\n* `CompAi.ISMS.IsmsRegistersController_createRow_v1()`: \n * `request.body` **Changed**\n* `CompAi.ISMS.IsmsRegistersController_updateRow_v1()`: \n * `request.body` **Changed**\n" diff --git a/apps/mcp-server/.speakeasy/gen.yaml b/apps/mcp-server/.speakeasy/gen.yaml index de540b10a7..bb51bd1f3f 100644 --- a/apps/mcp-server/.speakeasy/gen.yaml +++ b/apps/mcp-server/.speakeasy/gen.yaml @@ -31,7 +31,7 @@ generation: generateNewTests: true skipResponseBodyAssertions: false mcp-typescript: - version: 0.2.1 + version: 0.2.2 additionalDependencies: dependencies: {} devDependencies: {} diff --git a/apps/mcp-server/.speakeasy/out.openapi.yaml b/apps/mcp-server/.speakeasy/out.openapi.yaml index fa70a3dabf..c66c4c1717 100644 --- a/apps/mcp-server/.speakeasy/out.openapi.yaml +++ b/apps/mcp-server/.speakeasy/out.openapi.yaml @@ -142,10 +142,6 @@ paths: type: "boolean" description: "Whether onboarding is completed" example: true - hasAccess: - type: "boolean" - description: "Whether organization has access to the platform" - example: true fleetDmLabelId: type: "integer" description: "FleetDM label ID for device management" @@ -166,6 +162,26 @@ paths: type: "boolean" description: "Whether the background-check step is required during member onboarding. Set to false to turn off the \"Require background checks\" setting; true to require it." example: true + evidenceApprovalEnabled: + type: "boolean" + description: "Whether evidence requires approval before it is accepted." + example: false + deviceAgentStepEnabled: + type: "boolean" + description: "Whether the device-agent step is enabled during member onboarding." + example: true + securityTrainingStepEnabled: + type: "boolean" + description: "Whether the security-training step is enabled during member onboarding." + example: true + whistleblowerReportEnabled: + type: "boolean" + description: "Whether the whistleblower reporting feature is enabled." + example: true + accessRequestFormEnabled: + type: "boolean" + description: "Whether the trust-portal access request form is enabled." + example: true additionalProperties: false responses: "200": @@ -1531,6 +1547,35 @@ paths: description: "Permanently removes a member from the organization. This action cannot be undone." og:title: "Delete member | Comp AI API" og:description: "Permanently removes a member from the organization. This action cannot be undone." + /v1/people/{id}/access: + get: + description: "Aggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email." + operationId: "PeopleController_getMemberAccess_v1" + parameters: + - name: "id" + required: true + in: "path" + description: "Member ID" + schema: + example: "mem_abc123def456" + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Member's access across connected integrations" + tags: + - "People" + x-mint: + metadata: + title: "Member's access across connected integrations | Comp AI API" + sidebarTitle: "Member's access across connected integrations" + description: "Aggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email." + og:title: "Member's access across connected integrations | Comp AI API" + og:description: "Aggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email." + x-speakeasy-mcp: + name: "get-member-access" /v1/people/{id}/training-videos: get: operationId: "PeopleController_getTrainingVideos_v1" @@ -2174,3449 +2219,1891 @@ paths: og:description: "Mark a phase as ready for review in Comp AI. Track audit and compliance readiness timelines, phases, and review milestones for an organization." x-speakeasy-mcp: name: "mark-ready-for-review" - /v1/risks: + /v1/integrations/connections/providers: get: - description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." - operationId: "RisksController_getAllRisks_v1" + operationId: "ConnectionsController_listProviders_v1" parameters: - - name: "title" - required: false - in: "query" - description: "Search by title (case-insensitive contains)" - schema: - example: "data breach" - type: "string" - - name: "page" - required: false - in: "query" - description: "Page number (1-indexed)" - schema: - minimum: 1 - default: 1 - example: 1 - type: "number" - - name: "perPage" - required: false - in: "query" - description: "Number of items per page" - schema: - minimum: 1 - maximum: 250 - default: 50 - example: 50 - type: "number" - - name: "sort" - required: false - in: "query" - description: "Sort by field" - schema: - default: "createdAt" - type: "string" - enum: - - "createdAt" - - "updatedAt" - - "title" - - "status" - - name: "sortDirection" - required: false - in: "query" - description: "Sort direction" - schema: - default: "desc" - type: "string" - enum: - - "asc" - - "desc" - - name: "status" - required: false + - name: "activeOnly" + required: true in: "query" - description: "Filter by status" schema: type: "string" - enum: - - "open" - - "pending" - - "closed" - - "archived" - - name: "category" - required: false - in: "query" - description: "Filter by category" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List integration providers" + tags: + - "Integrations" + description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." + x-mint: + metadata: + title: "List integration providers | Comp AI API" + sidebarTitle: "List integration providers" + description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." + og:title: "List integration providers | Comp AI API" + og:description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." + x-speakeasy-mcp: + name: "list-providers" + /v1/integrations/connections/providers/{slug}: + get: + operationId: "ConnectionsController_getProvider_v1" + parameters: + - name: "slug" + required: true + in: "path" schema: type: "string" - enum: - - "customer" - - "fraud" - - "governance" - - "operations" - - "other" - - "people" - - "regulatory" - - "reporting" - - "resilience" - - "technology" - - "vendor_management" - - name: "department" - required: false - in: "query" - description: "Filter by department. Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get an integration provider by slug" + tags: + - "Integrations" + description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get an integration provider by slug | Comp AI API" + sidebarTitle: "Get an integration provider by slug" + description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Get an integration provider by slug | Comp AI API" + og:description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-provider" + /v1/integrations/connections: + get: + operationId: "ConnectionsController_listConnections_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List integration connections" + tags: + - "Integrations" + description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List integration connections | Comp AI API" + sidebarTitle: "List integration connections" + description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "List integration connections | Comp AI API" + og:description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "list-connections" + post: + operationId: "ConnectionsController_createConnection_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CreateConnectionDto" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Create integration connection" + tags: + - "Integrations" + description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + x-mint: + metadata: + title: "Create integration connection | Comp AI API" + sidebarTitle: "Create integration connection" + description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + og:title: "Create integration connection | Comp AI API" + og:description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + x-speakeasy-mcp: + name: "create-connection" + /v1/integrations/connections/{id}: + get: + operationId: "ConnectionsController_getConnection_v1" + parameters: + - name: "id" + required: true + in: "path" schema: - maxLength: 64 - example: "it" type: "string" - - name: "assigneeId" - required: false - in: "query" - description: "Filter by assignee member ID" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get an integration connection by ID" + tags: + - "Integrations" + description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get an integration connection by ID | Comp AI API" + sidebarTitle: "Get an integration connection by ID" + description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Get an integration connection by ID | Comp AI API" + og:description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-connection" + delete: + operationId: "ConnectionsController_deleteConnection_v1" + parameters: + - name: "id" + required: true + in: "path" schema: - example: "mem_abc123def456" type: "string" responses: "200": - description: "Risks retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - data: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - description: "Risk ID" - example: "rsk_abc123def456" - title: - type: "string" - description: "Risk title" - example: "Data breach vulnerability in user authentication system" - description: - type: "string" - description: "Risk description" - example: "Weak password requirements could lead to unauthorized access to user accounts" - category: - type: "string" - enum: - - "customer" - - "governance" - - "operations" - - "other" - - "people" - - "regulatory" - - "reporting" - - "resilience" - - "technology" - - "vendor_management" - example: "technology" - status: - type: "string" - enum: - - "open" - - "pending" - - "closed" - - "archived" - example: "open" - likelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - impact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "major" - treatmentStrategy: - type: "string" - enum: - - "accept" - - "avoid" - - "mitigate" - - "transfer" - example: "mitigate" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to this risk" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the risk was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the risk was last updated" - count: - type: "number" - description: "Total number of risks" - example: 15 - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization with ID org_abc123def456 not found" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "List organization risks" - tags: - - "Risks" - x-mint: - metadata: - title: "List organization risks | Comp AI API" - sidebarTitle: "List organization risks" - description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." - og:title: "List organization risks | Comp AI API" - og:description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." - x-speakeasy-mcp: - name: "get-all-risks" - post: - description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." - operationId: "RisksController_createRisk_v1" - parameters: [] - requestBody: - required: true - description: "Risk creation data" - content: - application/json: - schema: - $ref: "#/components/schemas/CreateRiskDto" - responses: - "201": - description: "Risk created successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Risk ID" - example: "rsk_abc123def456" - title: - type: "string" - description: "Risk title" - example: "Data breach vulnerability in user authentication system" - description: - type: "string" - description: "Risk description" - example: "Weak password requirements could lead to unauthorized access to user accounts" - category: - type: "string" - enum: - - "customer" - - "governance" - - "operations" - - "other" - - "people" - - "regulatory" - - "reporting" - - "resilience" - - "technology" - - "vendor_management" - example: "technology" - department: - type: "string" - enum: - - "none" - - "admin" - - "gov" - - "hr" - - "it" - - "itsm" - - "qms" - nullable: true - example: "it" - status: - type: "string" - enum: - - "open" - - "pending" - - "closed" - - "archived" - example: "open" - likelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - impact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "major" - residualLikelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - treatmentStrategyDescription: - type: "string" - nullable: true - example: "Implement multi-factor authentication and strengthen password requirements" - treatmentStrategy: - type: "string" - enum: - - "accept" - - "avoid" - - "mitigate" - - "transfer" - example: "mitigate" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to this risk" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the risk was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the risk was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "array" - items: - type: "string" - example: - - "title should not be empty" - - "description should not be empty" - - "category must be a valid enum value" - error: - type: "string" - example: "Bad Request" - statusCode: - type: "number" - example: 400 - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization with ID org_abc123def456 not found" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "Create organization risk" - tags: - - "Risks" - x-mint: - metadata: - title: "Create organization risk | Comp AI API" - sidebarTitle: "Create organization risk" - description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." - og:title: "Create organization risk | Comp AI API" - og:description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." - x-speakeasy-mcp: - name: "create-risk" - /v1/risks/stats/by-assignee: - get: - operationId: "RisksController_getStatsByAssignee_v1" - parameters: [] - responses: - "200": - description: "" - security: - - apikey: [] - summary: "Get risk statistics grouped by assignee" - tags: - - "Risks" - description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation status." - x-mint: - metadata: - title: "Get risk statistics grouped by assignee | Comp AI API" - sidebarTitle: "Get risk statistics grouped by assignee" - description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance." - og:title: "Get risk statistics grouped by assignee | Comp AI API" - og:description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance." - x-speakeasy-mcp: - name: "get-stats-by-assignee" - /v1/risks/stats/by-department: - get: - operationId: "RisksController_getStatsByDepartment_v1" - parameters: [] - responses: - "200": - description: "" - security: - - apikey: [] - summary: "Get risk counts grouped by department" - tags: - - "Risks" - description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation status." - x-mint: - metadata: - title: "Get risk counts grouped by department | Comp AI API" - sidebarTitle: "Get risk counts grouped by department" - description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation." - og:title: "Get risk counts grouped by department | Comp AI API" - og:description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation." - x-speakeasy-mcp: - name: "get-stats-by-department" - /v1/risks/{id}: - get: - description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." - operationId: "RisksController_getRiskById_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Risk ID" - schema: - example: "rsk_abc123def456" - type: "string" - responses: - "200": - description: "Risk retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Risk ID" - example: "rsk_abc123def456" - title: - type: "string" - description: "Risk title" - example: "Data breach vulnerability in user authentication system" - description: - type: "string" - description: "Risk description" - example: "Weak password requirements could lead to unauthorized access to user accounts" - category: - type: "string" - enum: - - "customer" - - "governance" - - "operations" - - "other" - - "people" - - "regulatory" - - "reporting" - - "resilience" - - "technology" - - "vendor_management" - example: "technology" - department: - type: "string" - enum: - - "none" - - "admin" - - "gov" - - "hr" - - "it" - - "itsm" - - "qms" - nullable: true - example: "it" - status: - type: "string" - enum: - - "open" - - "pending" - - "closed" - - "archived" - example: "open" - likelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - impact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "major" - residualLikelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - treatmentStrategyDescription: - type: "string" - nullable: true - example: "Implement multi-factor authentication and strengthen password requirements" - treatmentStrategy: - type: "string" - enum: - - "accept" - - "avoid" - - "mitigate" - - "transfer" - example: "mitigate" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to this risk" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the risk was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the risk was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "403": - description: "Forbidden - User does not have permission to access this risk" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "You do not have access to view this risk" - "404": - description: "Risk not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "Get organization risk" - tags: - - "Risks" - x-mint: - metadata: - title: "Get organization risk | Comp AI API" - sidebarTitle: "Get organization risk" - description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." - og:title: "Get organization risk | Comp AI API" - og:description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." - x-speakeasy-mcp: - name: "get-risk-by-id" - patch: - description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." - operationId: "RisksController_updateRisk_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Risk ID" - schema: - example: "rsk_abc123def456" - type: "string" - requestBody: - required: true - description: "Risk update data" - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateRiskDto" - responses: - "200": - description: "Risk updated successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Risk ID" - example: "rsk_abc123def456" - title: - type: "string" - description: "Risk title" - example: "Data breach vulnerability in user authentication system" - description: - type: "string" - description: "Risk description" - example: "Weak password requirements could lead to unauthorized access to user accounts" - category: - type: "string" - enum: - - "customer" - - "governance" - - "operations" - - "other" - - "people" - - "regulatory" - - "reporting" - - "resilience" - - "technology" - - "vendor_management" - example: "technology" - department: - type: "string" - enum: - - "none" - - "admin" - - "gov" - - "hr" - - "it" - - "itsm" - - "qms" - nullable: true - example: "it" - status: - type: "string" - enum: - - "open" - - "pending" - - "closed" - - "archived" - example: "open" - likelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - impact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "major" - residualLikelihood: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - treatmentStrategyDescription: - type: "string" - nullable: true - example: "Implement multi-factor authentication and strengthen password requirements" - treatmentStrategy: - type: "string" - enum: - - "accept" - - "avoid" - - "mitigate" - - "transfer" - example: "mitigate" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to this risk" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the risk was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the risk was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "array" - items: - type: "string" - example: - - "title should not be empty" - - "category must be a valid enum value" - - "status must be a valid enum value" - error: - type: "string" - example: "Bad Request" - statusCode: - type: "number" - example: 400 - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Risk not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "Update organization risk" - tags: - - "Risks" - x-mint: - metadata: - title: "Update organization risk | Comp AI API" - sidebarTitle: "Update organization risk" - description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." - og:title: "Update organization risk | Comp AI API" - og:description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." - x-speakeasy-mcp: - name: "update-risk" - delete: - description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." - operationId: "RisksController_deleteRisk_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Risk ID" - schema: - example: "rsk_abc123def456" - type: "string" - responses: - "200": - description: "Risk deleted successfully" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Risk deleted successfully" - deletedRisk: - type: "object" - properties: - id: - type: "string" - description: "Deleted risk ID" - example: "rsk_abc123def456" - title: - type: "string" - description: "Deleted risk title" - example: "Data breach vulnerability in user authentication system" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Risk not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "Delete organization risk" - tags: - - "Risks" - x-mint: - metadata: - title: "Delete organization risk | Comp AI API" - sidebarTitle: "Delete organization risk" - description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." - og:title: "Delete organization risk | Comp AI API" - og:description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." - x-speakeasy-mcp: - name: "delete-risk" - /v1/vendors/global/search: - get: - operationId: "VendorsController_searchGlobalVendors_v1" - parameters: - - name: "name" - required: false - in: "query" - description: "Vendor name to search for" - schema: - type: "string" - responses: - "200": - description: "" - security: - - apikey: [] - summary: "Search global vendors" - tags: - - "Vendors" - description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." - x-mint: - metadata: - title: "Search global vendors | Comp AI API" - sidebarTitle: "Search global vendors" - description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." - og:title: "Search global vendors | Comp AI API" - og:description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." - x-speakeasy-mcp: - name: "search-global-vendors" - /v1/vendors: - get: - description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." - operationId: "VendorsController_getAllVendors_v1" - parameters: [] - responses: - "200": - description: "Vendors retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - data: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - description: "Vendor ID" - example: "vnd_abc123def456" - name: - type: "string" - description: "Vendor name" - example: "CloudTech Solutions Inc." - description: - type: "string" - description: "Vendor description" - example: "Cloud infrastructure provider offering AWS-like services" - category: - type: "string" - enum: - - "cloud" - - "infrastructure" - - "software_as_a_service" - - "finance" - - "marketing" - - "sales" - - "hr" - - "other" - example: "cloud" - status: - type: "string" - enum: - - "not_assessed" - - "in_progress" - - "assessed" - example: "not_assessed" - inherentProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - inherentImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "moderate" - residualProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - website: - type: "string" - nullable: true - example: "https://www.cloudtechsolutions.com" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to manage this vendor" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the vendor was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the vendor was last updated" - count: - type: "number" - description: "Total number of vendors" - example: 12 - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization with ID org_abc123def456 not found" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "List vendors" - tags: - - "Vendors" - x-mint: - metadata: - title: "List vendors | Comp AI API" - sidebarTitle: "List vendors" - description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." - og:title: "List vendors | Comp AI API" - og:description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." - x-speakeasy-mcp: - name: "get-all-vendors" - post: - description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." - operationId: "VendorsController_createVendor_v1" - parameters: [] - requestBody: - required: true - description: "Vendor creation data" - content: - application/json: - schema: - $ref: "#/components/schemas/CreateVendorDto" - responses: - "201": - description: "Vendor created successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Vendor ID" - example: "vnd_abc123def456" - name: - type: "string" - description: "Vendor name" - example: "CloudTech Solutions Inc." - description: - type: "string" - description: "Vendor description" - example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." - category: - type: "string" - enum: - - "cloud" - - "infrastructure" - - "software_as_a_service" - - "finance" - - "marketing" - - "sales" - - "hr" - - "other" - example: "cloud" - status: - type: "string" - enum: - - "not_assessed" - - "in_progress" - - "assessed" - example: "not_assessed" - inherentProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - inherentImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "moderate" - residualProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - website: - type: "string" - nullable: true - example: "https://www.cloudtechsolutions.com" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to manage this vendor" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the vendor was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the vendor was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "array" - items: - type: "string" - example: - - "name should not be empty" - - "description should not be empty" - - "category must be a valid enum value" - - "website must be a URL address" - error: - type: "string" - example: "Bad Request" - statusCode: - type: "number" - example: 400 - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization with ID org_abc123def456 not found" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" - security: - - apikey: [] - summary: "Create vendor" - tags: - - "Vendors" - x-mint: - metadata: - title: "Create vendor | Comp AI API" - sidebarTitle: "Create vendor" - description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." - og:title: "Create vendor | Comp AI API" - og:description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." - x-speakeasy-mcp: - name: "create-vendor" - /v1/vendors/{id}: - get: - description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." - operationId: "VendorsController_getVendorById_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Vendor ID" - schema: - example: "vnd_abc123def456" - type: "string" - responses: - "200": - description: "Vendor retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Vendor ID" - example: "vnd_abc123def456" - name: - type: "string" - description: "Vendor name" - example: "CloudTech Solutions Inc." - description: - type: "string" - description: "Vendor description" - example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." - category: - type: "string" - enum: - - "cloud" - - "infrastructure" - - "software_as_a_service" - - "finance" - - "marketing" - - "sales" - - "hr" - - "other" - example: "cloud" - status: - type: "string" - enum: - - "not_assessed" - - "in_progress" - - "assessed" - example: "not_assessed" - inherentProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - inherentImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "moderate" - residualProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - website: - type: "string" - nullable: true - example: "https://www.cloudtechsolutions.com" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to manage this vendor" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the vendor was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the vendor was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Vendor not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" + description: "" security: - apikey: [] - summary: "Get vendor details" + summary: "Delete an integration connection" tags: - - "Vendors" + - "Integrations" + description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Get vendor details | Comp AI API" - sidebarTitle: "Get vendor details" - description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." - og:title: "Get vendor details | Comp AI API" - og:description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." + title: "Delete an integration connection | Comp AI API" + sidebarTitle: "Delete an integration connection" + description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Delete an integration connection | Comp AI API" + og:description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "get-vendor-by-id" + name: "delete-connection" patch: - description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." - operationId: "VendorsController_updateVendor_v1" + operationId: "ConnectionsController_updateConnection_v1" parameters: - name: "id" required: true in: "path" - description: "Vendor ID" schema: - example: "vnd_abc123def456" type: "string" requestBody: required: true - description: "Vendor update data" content: application/json: schema: - $ref: "#/components/schemas/UpdateVendorDto" + $ref: "#/components/schemas/UpdateConnectionDto" responses: "200": - description: "Vendor updated successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - description: "Vendor ID" - example: "vnd_abc123def456" - name: - type: "string" - description: "Vendor name" - example: "CloudTech Solutions Inc." - description: - type: "string" - description: "Vendor description" - example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." - category: - type: "string" - enum: - - "cloud" - - "infrastructure" - - "software_as_a_service" - - "finance" - - "marketing" - - "sales" - - "hr" - - "other" - example: "cloud" - status: - type: "string" - enum: - - "not_assessed" - - "in_progress" - - "assessed" - example: "assessed" - inherentProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "possible" - inherentImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "moderate" - residualProbability: - type: "string" - enum: - - "very_unlikely" - - "unlikely" - - "possible" - - "likely" - - "very_likely" - example: "unlikely" - residualImpact: - type: "string" - enum: - - "insignificant" - - "minor" - - "moderate" - - "major" - - "severe" - example: "minor" - website: - type: "string" - nullable: true - example: "https://www.cloudtechsolutions.com" - organizationId: - type: "string" - example: "org_abc123def456" - assigneeId: - type: "string" - nullable: true - description: "ID of the user assigned to manage this vendor" - example: "mem_abc123def456" - createdAt: - type: "string" - format: "date-time" - description: "When the vendor was created" - updatedAt: - type: "string" - format: "date-time" - description: "When the vendor was last updated" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "array" - items: - type: "string" - example: - - "name should not be empty" - - "category must be a valid enum value" - - "status must be a valid enum value" - - "website must be a URL address" - error: - type: "string" - example: "Bad Request" - statusCode: - type: "number" - example: 400 - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Vendor not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" + description: "" + security: + - apikey: [] + summary: "Update an integration connection" + tags: + - "Integrations" + description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Update an integration connection | Comp AI API" + sidebarTitle: "Update an integration connection" + description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Update an integration connection | Comp AI API" + og:description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "update-connection" + /v1/integrations/connections/{id}/test: + post: + operationId: "ConnectionsController_testConnection_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Test an integration connection" + tags: + - "Integrations" + description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Test an integration connection | Comp AI API" + sidebarTitle: "Test an integration connection" + description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Test an integration connection | Comp AI API" + og:description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "test-connection" + /v1/integrations/connections/{id}/pause: + post: + operationId: "ConnectionsController_pauseConnection_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Pause an integration connection" + tags: + - "Integrations" + description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Pause an integration connection | Comp AI API" + sidebarTitle: "Pause an integration connection" + description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Pause an integration connection | Comp AI API" + og:description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "pause-connection" + /v1/integrations/connections/{id}/resume: + post: + operationId: "ConnectionsController_resumeConnection_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Resume an integration connection" + tags: + - "Integrations" + description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Resume an integration connection | Comp AI API" + sidebarTitle: "Resume an integration connection" + description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Resume an integration connection | Comp AI API" + og:description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "resume-connection" + /v1/integrations/connections/{id}/disconnect: + post: + operationId: "ConnectionsController_disconnectConnection_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "201": + description: "" security: - apikey: [] - summary: "Update vendor record" + summary: "Disconnect an integration" tags: - - "Vendors" + - "Integrations" + description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Update vendor record | Comp AI API" - sidebarTitle: "Update vendor record" - description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." - og:title: "Update vendor record | Comp AI API" - og:description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." + title: "Disconnect an integration | Comp AI API" + sidebarTitle: "Disconnect an integration" + description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Disconnect an integration | Comp AI API" + og:description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." x-speakeasy-mcp: - name: "update-vendor" - delete: - description: "Permanently removes a vendor from the organization. This action cannot be undone." - operationId: "VendorsController_deleteVendor_v1" + name: "disconnect-connection" + /v1/integrations/connections/{id}/services: + put: + operationId: "ConnectionsController_updateConnectionServices_v1" parameters: - name: "id" required: true in: "path" - description: "Vendor ID" schema: - example: "vnd_abc123def456" type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateConnectionServicesDto" responses: "200": - description: "Vendor deleted successfully" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Vendor deleted successfully" - deletedVendor: - type: "object" - properties: - id: - type: "string" - description: "Deleted vendor ID" - example: "vnd_abc123def456" - name: - type: "string" - description: "Deleted vendor name" - example: "CloudTech Solutions Inc." - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "User information (only for session auth)" - properties: - id: - type: "string" - example: "usr_def456ghi789" - email: - type: "string" - example: "user@example.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Vendor not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Internal server error" + description: "" + security: + - apikey: [] + summary: "Set services enabled on a connection" + tags: + - "Integrations" + description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Set services enabled on a connection | Comp AI API" + sidebarTitle: "Set services enabled on a connection" + description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Set services enabled on a connection | Comp AI API" + og:description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "update-connection-services" + get: + operationId: "ServicesController_getConnectionServices_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List services enabled on a connection" + tags: + - "Integrations" + description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List services enabled on a connection | Comp AI API" + sidebarTitle: "List services enabled on a connection" + description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List services enabled on a connection | Comp AI API" + og:description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-connection-services" + /v1/integrations/checks/providers/{providerSlug}: + get: + operationId: "ChecksController_listProviderChecks_v1" + parameters: + - name: "providerSlug" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List check definitions for a provider" + tags: + - "Integrations" + description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List check definitions for a provider | Comp AI API" + sidebarTitle: "List check definitions for a provider" + description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List check definitions for a provider | Comp AI API" + og:description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "list-provider-checks" + /v1/integrations/checks/connections/{connectionId}: + get: + operationId: "ChecksController_listConnectionChecks_v1" + parameters: + - name: "connectionId" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List checks for a connection" + tags: + - "Integrations" + description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List checks for a connection | Comp AI API" + sidebarTitle: "List checks for a connection" + description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "List checks for a connection | Comp AI API" + og:description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "list-connection-checks" + /v1/integrations/checks/connections/{connectionId}/run: + post: + operationId: "ChecksController_runConnectionChecks_v1" + parameters: + - name: "connectionId" + required: true + in: "path" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/RunChecksDto" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Run integration checks" + tags: + - "Integrations" + description: "Run all compliance checks for an integration connection and capture results as automated evidence." + x-mint: + metadata: + title: "Run integration checks | Comp AI API" + sidebarTitle: "Run integration checks" + description: "Run all compliance checks for an integration connection and capture results as automated evidence." + og:title: "Run integration checks | Comp AI API" + og:description: "Run all compliance checks for an integration connection and capture results as automated evidence." + x-speakeasy-mcp: + name: "run-connection-checks" + /v1/integrations/checks/connections/{connectionId}/run/{checkId}: + post: + operationId: "ChecksController_runSingleCheck_v1" + parameters: + - name: "connectionId" + required: true + in: "path" + schema: + type: "string" + - name: "checkId" + required: true + in: "path" + schema: + type: "string" + responses: + "201": + description: "" security: - apikey: [] - summary: "Delete vendor" + summary: "Run a single check on a connection" tags: - - "Vendors" + - "Integrations" + description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Delete vendor | Comp AI API" - sidebarTitle: "Delete vendor" - description: "Permanently removes a vendor from the organization. This action cannot be undone." - og:title: "Delete vendor | Comp AI API" - og:description: "Permanently removes a vendor from the organization. This action cannot be undone." + title: "Run a single check on a connection | Comp AI API" + sidebarTitle: "Run a single check on a connection" + description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Run a single check on a connection | Comp AI API" + og:description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "delete-vendor" - /v1/vendors/{id}/trigger-assessment: - post: - operationId: "VendorsController_triggerAssessment_v1" + name: "run-single-check" + /v1/integrations/variables/providers/{providerSlug}: + get: + operationId: "VariablesController_getProviderVariables_v1" parameters: - - name: "id" + - name: "providerSlug" required: true in: "path" - description: "Vendor ID" schema: - example: "vnd_abc123def456" type: "string" responses: - "201": + "200": description: "" security: - apikey: [] - summary: "Trigger vendor risk assessment" + summary: "List variable definitions for a provider" tags: - - "Vendors" - description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." + - "Integrations" + description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Trigger vendor risk assessment | Comp AI API" - sidebarTitle: "Trigger vendor risk assessment" - description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." - og:title: "Trigger vendor risk assessment | Comp AI API" - og:description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." + title: "List variable definitions for a provider | Comp AI API" + sidebarTitle: "List variable definitions for a provider" + description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List variable definitions for a provider | Comp AI API" + og:description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "trigger-assessment" - /v1/context: + name: "get-provider-variables" + /v1/integrations/variables/connections/{connectionId}: get: - description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." - operationId: "ContextController_getAllContext_v1" + operationId: "VariablesController_getConnectionVariables_v1" parameters: - - name: "search" - required: false - in: "query" - description: "Search by question text" + - name: "connectionId" + required: true + in: "path" schema: type: "string" - - name: "page" - required: false - in: "query" - description: "Page number (1-based)" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List connection variables" + tags: + - "Integrations" + description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List connection variables | Comp AI API" + sidebarTitle: "List connection variables" + description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "List connection variables | Comp AI API" + og:description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "get-connection-variables" + post: + operationId: "VariablesController_saveConnectionVariables_v1" + parameters: + - name: "connectionId" + required: true + in: "path" schema: type: "string" - - name: "perPage" - required: false - in: "query" - description: "Items per page" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SaveVariablesDto" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Update connection variables" + tags: + - "Integrations" + description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Update connection variables | Comp AI API" + sidebarTitle: "Update connection variables" + description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Update connection variables | Comp AI API" + og:description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "save-connection-variables" + /v1/integrations/variables/connections/{connectionId}/options/{variableId}: + get: + operationId: "VariablesController_fetchVariableOptions_v1" + parameters: + - name: "connectionId" + required: true + in: "path" + schema: + type: "string" + - name: "variableId" + required: true + in: "path" schema: type: "string" responses: "200": - description: "Context entries retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - data: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - organizationId: - type: "string" - question: - type: "string" - answer: - type: "string" - tags: - type: "array" - items: - type: "string" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - count: - type: "number" - authType: - type: "string" - enum: - - "api-key" - - "session" - example: - data: - - id: "ctx_abc123def456" - organizationId: "org_xyz789uvw012" - question: "How do we handle user authentication in our application?" - answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." - tags: - - "authentication" - - "security" - - "api" - - "sessions" - createdAt: "2024-01-15T10:30:00.000Z" - updatedAt: "2024-01-15T14:20:00.000Z" - - id: "ctx_ghi789jkl012" - organizationId: "org_xyz789uvw012" - question: "What database do we use and why?" - answer: "We use PostgreSQL as our primary database with Prisma as the ORM." - tags: - - "database" - - "postgresql" - - "prisma" - - "architecture" - createdAt: "2024-01-14T09:15:00.000Z" - updatedAt: "2024-01-14T09:15:00.000Z" - count: 2 - authType: "apikey" - "401": - description: "Unauthorized - Invalid or missing authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 401 - example: - message: "Unauthorized" - statusCode: 401 - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 404 - example: - message: "Organization not found" - statusCode: 404 - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 500 - example: - message: "Internal server error" - statusCode: 500 + description: "" + security: + - apikey: [] + summary: "Get options for a connection variable" + tags: + - "Integrations" + description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get options for a connection variable | Comp AI API" + sidebarTitle: "Get options for a connection variable" + description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Get options for a connection variable | Comp AI API" + og:description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "fetch-variable-options" + /v1/integrations/tasks/template/{templateId}/checks: + get: + operationId: "TaskIntegrationsController_getChecksForTaskTemplate_v1" + parameters: + - name: "templateId" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "" security: - apikey: [] - summary: "List organization context" + summary: "List checks for a task template" tags: - - "Context" + - "Integrations" + description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "List organization context | Comp AI API" - sidebarTitle: "List organization context" - description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." - og:title: "List organization context | Comp AI API" - og:description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." + title: "List checks for a task template | Comp AI API" + sidebarTitle: "List checks for a task template" + description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List checks for a task template | Comp AI API" + og:description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "get-all-context" + name: "get-checks-for-task-template" + /v1/integrations/tasks/{taskId}/checks: + get: + operationId: "TaskIntegrationsController_getChecksForTask_v1" + parameters: + - name: "taskId" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List checks attached to a task" + tags: + - "Integrations" + description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List checks attached to a task | Comp AI API" + sidebarTitle: "List checks attached to a task" + description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List checks attached to a task | Comp AI API" + og:description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-checks-for-task" + /v1/integrations/tasks/{taskId}/run-check: post: - description: "Creates a new context entry for the authenticated organization. All required fields must be provided." - operationId: "ContextController_createContext_v1" - parameters: [] + operationId: "TaskIntegrationsController_runCheckForTask_v1" + parameters: + - name: "taskId" + required: true + in: "path" + schema: + type: "string" requestBody: required: true - description: "Context entry data" content: application/json: schema: - $ref: "#/components/schemas/CreateContextDto" - examples: - Authentication Context: - value: - question: "How do we handle user authentication in our application?" - answer: "We use a hybrid authentication system supporting both API keys and session-based authentication. API keys are used for programmatic access while sessions are used for web interface interactions." - tags: - - "authentication" - - "security" - - "api" - - "sessions" - Database Context: - value: - question: "What database do we use and why?" - answer: "We use PostgreSQL as our primary database with Prisma as the ORM. PostgreSQL provides excellent performance, ACID compliance, and supports advanced features like JSON columns and full-text search." - tags: - - "database" - - "postgresql" - - "prisma" - - "architecture" + $ref: "#/components/schemas/RunCheckForTaskDto" responses: "201": - description: "Context entry created successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - organizationId: - type: "string" - question: - type: "string" - answer: - type: "string" - tags: - type: "array" - items: - type: "string" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - authType: - type: "string" - enum: - - "api-key" - - "session" - example: - id: "ctx_abc123def456" - organizationId: "org_xyz789uvw012" - question: "How do we handle user authentication in our application?" - answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." - tags: - - "authentication" - - "security" - - "api" - - "sessions" - createdAt: "2024-01-15T10:30:00.000Z" - updatedAt: "2024-01-15T10:30:00.000Z" - authType: "apikey" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "array" - items: - type: "string" - error: - type: "string" - statusCode: - type: "number" - example: - message: - - "question should not be empty" - - "answer should not be empty" - error: "Bad Request" - statusCode: 400 - "401": - description: "Unauthorized - Invalid or missing authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 401 - example: - message: "Unauthorized" - statusCode: 401 - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 404 - example: - message: "Organization not found" - statusCode: 404 - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 500 - example: - message: "Internal server error" - statusCode: 500 + description: "" + security: + - apikey: [] + summary: "Run a check for a task" + tags: + - "Integrations" + description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Run a check for a task | Comp AI API" + sidebarTitle: "Run a check for a task" + description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Run a check for a task | Comp AI API" + og:description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "run-check-for-task" + /v1/integrations/tasks/{taskId}/checks/disconnect: + post: + operationId: "TaskIntegrationsController_disconnectCheckFromTask_v1" + parameters: + - name: "taskId" + required: true + in: "path" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ToggleCheckForTaskDto" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Disconnect checks from a task" + tags: + - "Integrations" + description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Disconnect checks from a task | Comp AI API" + sidebarTitle: "Disconnect checks from a task" + description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Disconnect checks from a task | Comp AI API" + og:description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "disconnect-check-from-task" + /v1/integrations/tasks/{taskId}/checks/reconnect: + post: + operationId: "TaskIntegrationsController_reconnectCheckToTask_v1" + parameters: + - name: "taskId" + required: true + in: "path" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ToggleCheckForTaskDto" + responses: + "201": + description: "" security: - apikey: [] - summary: "Create a new context entry" + summary: "Reconnect checks to a task" tags: - - "Context" + - "Integrations" + description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Create a new context entry | Comp AI API" - sidebarTitle: "Create a new context entry" - description: "Creates a new context entry for the authenticated organization. All required fields must be provided." - og:title: "Create a new context entry | Comp AI API" - og:description: "Creates a new context entry for the authenticated organization. All required fields must be provided." + title: "Reconnect checks to a task | Comp AI API" + sidebarTitle: "Reconnect checks to a task" + description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Reconnect checks to a task | Comp AI API" + og:description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." x-speakeasy-mcp: - name: "create-context" - /v1/context/{id}: + name: "reconnect-check-to-task" + /v1/integrations/tasks/{taskId}/runs: get: - description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." - operationId: "ContextController_getContextById_v1" + operationId: "TaskIntegrationsController_getTaskCheckRuns_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" - description: "Context entry ID" schema: - example: "ctx_abc123def456" + type: "string" + - name: "limit" + required: true + in: "query" + schema: type: "string" responses: "200": - description: "Context entry retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - example: "ctx_abc123def456" - organizationId: - type: "string" - example: "org_xyz789uvw012" - question: - type: "string" - answer: - type: "string" - tags: - type: "array" - items: - type: "string" - example: - - "authentication" - - "security" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - authType: - type: "string" - enum: - - "api-key" - - "session" - example: - id: "ctx_abc123def456" - organizationId: "org_xyz789uvw012" - question: "How do we handle user authentication in our application?" - answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." - tags: - - "authentication" - - "security" - - "api" - - "sessions" - createdAt: "2024-01-15T10:30:00.000Z" - updatedAt: "2024-01-15T14:20:00.000Z" - authType: "apikey" - "401": - description: "Unauthorized - Invalid or missing authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - statusCode: - type: "number" - example: 401 - example: - message: "Unauthorized" - statusCode: 401 - "404": - description: "Context entry not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 404 - example: - message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" - statusCode: 404 - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 500 - example: - message: "Internal server error" - statusCode: 500 + description: "" + security: + - apikey: [] + summary: "List check runs for a task" + tags: + - "Integrations" + description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List check runs for a task | Comp AI API" + sidebarTitle: "List check runs for a task" + description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "List check runs for a task | Comp AI API" + og:description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "get-task-check-runs" + /v1/integrations/sync/google-workspace/employees: + post: + operationId: "SyncController_syncGoogleWorkspaceEmployees_v1" + parameters: + - name: "connectionId" + required: true + in: "query" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Sync Google Workspace employees" + tags: + - "Integrations" + description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Sync Google Workspace employees | Comp AI API" + sidebarTitle: "Sync Google Workspace employees" + description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Sync Google Workspace employees | Comp AI API" + og:description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "sync-google-workspace-employees" + /v1/integrations/sync/google-workspace/status: + post: + operationId: "SyncController_getGoogleWorkspaceStatus_v1" + parameters: [] + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Get Google Workspace sync status" + tags: + - "Integrations" + description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get Google Workspace sync status | Comp AI API" + sidebarTitle: "Get Google Workspace sync status" + description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Get Google Workspace sync status | Comp AI API" + og:description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-google-workspace-status" + /v1/integrations/sync/rippling/employees: + post: + operationId: "SyncController_syncRipplingEmployees_v1" + parameters: + - name: "connectionId" + required: true + in: "query" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Sync Rippling employees" + tags: + - "Integrations" + description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Sync Rippling employees | Comp AI API" + sidebarTitle: "Sync Rippling employees" + description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Sync Rippling employees | Comp AI API" + og:description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "sync-rippling-employees" + /v1/integrations/sync/rippling/status: + post: + operationId: "SyncController_getRipplingStatus_v1" + parameters: [] + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Get Rippling sync status" + tags: + - "Integrations" + description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get Rippling sync status | Comp AI API" + sidebarTitle: "Get Rippling sync status" + description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Get Rippling sync status | Comp AI API" + og:description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "get-rippling-status" + /v1/integrations/sync/jumpcloud/employees: + post: + operationId: "SyncController_syncJumpCloudEmployees_v1" + parameters: + - name: "connectionId" + required: true + in: "query" + schema: + type: "string" + responses: + "201": + description: "" security: - apikey: [] - summary: "Get organization context" + summary: "Sync JumpCloud employees" tags: - - "Context" + - "Integrations" + description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Get organization context | Comp AI API" - sidebarTitle: "Get organization context" - description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." - og:title: "Get organization context | Comp AI API" - og:description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." + title: "Sync JumpCloud employees | Comp AI API" + sidebarTitle: "Sync JumpCloud employees" + description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Sync JumpCloud employees | Comp AI API" + og:description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." x-speakeasy-mcp: - name: "get-context-by-id" - patch: - description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." - operationId: "ContextController_updateContext_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Context entry ID" - schema: - example: "ctx_abc123def456" - type: "string" + name: "sync-jump-cloud-employees" + /v1/integrations/sync/jumpcloud/status: + post: + operationId: "SyncController_getJumpCloudStatus_v1" + parameters: [] + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Get JumpCloud sync status" + tags: + - "Integrations" + description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get JumpCloud sync status | Comp AI API" + sidebarTitle: "Get JumpCloud sync status" + description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Get JumpCloud sync status | Comp AI API" + og:description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "get-jump-cloud-status" + /v1/integrations/sync/employee-sync-provider: + get: + operationId: "SyncController_getEmployeeSyncProvider_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get the currently configured employee sync provider" + tags: + - "Integrations" + description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get the currently configured employee sync | Comp AI API" + sidebarTitle: "Get the currently configured employee sync provider" + description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + og:title: "Get the currently configured employee sync | Comp AI API" + og:description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + x-speakeasy-mcp: + name: "get-employee-sync-provider" + post: + operationId: "SyncController_setEmployeeSyncProvider_v1" + parameters: [] requestBody: required: true - description: "Partial context entry data to update" content: application/json: schema: - $ref: "#/components/schemas/UpdateContextDto" - examples: - Update Tags: - value: - tags: - - "authentication" - - "security" - - "api" - - "sessions" - - "updated" - Update Answer: - value: - answer: "Updated: We use a hybrid authentication system supporting both API keys and session-based authentication. Recent updates include support for OAuth2 providers." + $ref: "#/components/schemas/SetEmployeeSyncProviderDto" responses: - "200": - description: "Context entry updated successfully" - content: - application/json: - example: - id: "ctx_abc123def456" - organizationId: "org_xyz789uvw012" - question: "How do we handle user authentication in our application?" - answer: "Updated: We use a hybrid authentication system supporting both API keys and session-based authentication with OAuth2 support." - tags: - - "authentication" - - "security" - - "api" - - "sessions" - - "oauth2" - createdAt: "2024-01-15T10:30:00.000Z" - updatedAt: "2024-01-15T15:45:00.000Z" - authType: "apikey" - "400": - description: "Bad request - Invalid input data" - content: - application/json: - example: - message: - - "tags must be an array of strings" - error: "Bad Request" - statusCode: 400 - "401": - description: "Unauthorized - Invalid or missing authentication" - content: - application/json: - example: - message: "Unauthorized" - statusCode: 401 - "404": - description: "Context entry not found" - content: - application/json: - example: - message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" - statusCode: 404 - "500": - description: "Internal server error" - content: - application/json: - example: - message: "Internal server error" - statusCode: 500 + "201": + description: "" security: - apikey: [] - summary: "Update organization context" + summary: "Set the employee sync provider" tags: - - "Context" + - "Integrations" + description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Update organization context | Comp AI API" - sidebarTitle: "Update organization context" - description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." - og:title: "Update organization context | Comp AI API" - og:description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." + title: "Set the employee sync provider | Comp AI API" + sidebarTitle: "Set the employee sync provider" + description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Set the employee sync provider | Comp AI API" + og:description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "update-context" - delete: - description: "Permanently removes a context entry from the organization. This action cannot be undone." - operationId: "ContextController_deleteContext_v1" - parameters: - - name: "id" - required: true - in: "path" - description: "Context entry ID" - schema: - example: "ctx_abc123def456" - type: "string" + name: "set-employee-sync-provider" + /v1/integrations/sync/device-sync-provider: + get: + operationId: "SyncController_getDeviceSyncProvider_v1" + parameters: [] responses: "200": - description: "Context entry deleted successfully" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - deletedContext: - type: "object" - properties: - id: - type: "string" - question: - type: "string" - authType: - type: "string" - enum: - - "api-key" - - "session" - example: - message: "Context entry deleted successfully" - deletedContext: - id: "ctx_abc123def456" - question: "How do we handle user authentication in our application?" - authType: "apikey" - "401": - description: "Unauthorized - Invalid or missing authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 401 - example: - message: "Unauthorized" - statusCode: 401 - "404": - description: "Context entry not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 404 - example: - message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" - statusCode: 404 - "500": - description: "Internal server error" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - statusCode: - type: "number" - example: 500 - example: - message: "Internal server error" - statusCode: 500 + description: "" + security: + - apikey: [] + summary: "Get the currently configured device sync provider" + tags: + - "Integrations" + description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get the currently configured device sync | Comp AI API" + sidebarTitle: "Get the currently configured device sync provider" + description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + og:title: "Get the currently configured device sync | Comp AI API" + og:description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + x-speakeasy-mcp: + name: "get-device-sync-provider" + post: + operationId: "SyncController_setDeviceSyncProvider_v1" + parameters: [] + responses: + "201": + description: "" security: - apikey: [] - summary: "Delete context entry" + summary: "Set the device sync provider" tags: - - "Context" + - "Integrations" + description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Delete context entry | Comp AI API" - sidebarTitle: "Delete context entry" - description: "Permanently removes a context entry from the organization. This action cannot be undone." - og:title: "Delete context entry | Comp AI API" - og:description: "Permanently removes a context entry from the organization. This action cannot be undone." + title: "Set the device sync provider | Comp AI API" + sidebarTitle: "Set the device sync provider" + description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Set the device sync provider | Comp AI API" + og:description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." x-speakeasy-mcp: - name: "delete-context" - /v1/devices: + name: "set-device-sync-provider" + /v1/integrations/sync/available-providers: get: - description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." - operationId: "DevicesController_getAllDevices_v1" - parameters: [] + operationId: "SyncController_getAvailableSyncProviders_v1" + parameters: + - name: "syncType" + required: true + in: "query" + schema: + type: "string" responses: "200": - description: "Devices retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - data: - type: "array" - items: - $ref: "#/components/schemas/DeviceResponseDto" - count: - type: "number" - description: "Total number of devices" - example: 25 - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - properties: - id: - type: "string" - description: "User ID" - example: "usr_abc123def456" - email: - type: "string" - description: "User email" - example: "user@company.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid or expired API key" - "404": - description: "Organization not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization with ID org_abc123def456 not found" - "500": - description: "Internal server error - FleetDM integration issue" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Organization does not have FleetDM configured" + description: "" security: - apikey: [] - summary: "List managed devices" + summary: "List sync providers available to the org" tags: - - "Devices" + - "Integrations" + description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "List managed devices | Comp AI API" - sidebarTitle: "List managed devices" - description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." - og:title: "List managed devices | Comp AI API" - og:description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." + title: "List sync providers available to the org | Comp AI API" + sidebarTitle: "List sync providers available to the org" + description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "List sync providers available to the org | Comp AI API" + og:description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "get-all-devices" - /v1/devices/member/{memberId}: - get: - description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated fleetDmLabelId." - operationId: "DevicesController_getDevicesByMember_v1" + name: "get-available-sync-providers" + /v1/integrations/sync/dynamic/{providerSlug}/employees: + post: + operationId: "SyncController_syncDynamicProviderEmployees_v1" parameters: - - name: "memberId" + - name: "providerSlug" required: true in: "path" - description: "Member ID to get devices for" schema: - example: "mem_abc123def456" + type: "string" + - name: "connectionId" + required: true + in: "query" + schema: type: "string" responses: - "200": - description: "Member devices retrieved successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/DevicesByMemberResponseDto" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - "404": - description: "Organization or member not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Member with ID mem_abc123def456 not found in organization org_abc123def456" - "500": - description: "Internal server error - FleetDM integration issue" + "201": + description: "" security: - apikey: [] - summary: "Get devices by member ID" + summary: "Sync employees for a dynamic provider" tags: - - "Devices" + - "Integrations" + description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Get devices by member ID | Comp AI API" - sidebarTitle: "Get devices by member ID" - description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated." - og:title: "Get devices by member ID | Comp AI API" - og:description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated." + title: "Sync employees for a dynamic provider | Comp AI API" + sidebarTitle: "Sync employees for a dynamic provider" + description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Sync employees for a dynamic provider | Comp AI API" + og:description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." x-speakeasy-mcp: - name: "get-devices-by-member" - /v1/devices/{id}: - delete: - description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." - operationId: "DevicesController_deleteDevice_v1" + name: "sync-dynamic-provider-employees" + /v1/integrations/sync/dynamic/{providerSlug}/devices: + post: + operationId: "SyncController_syncDynamicProviderDevices_v1" parameters: - - name: "id" + - name: "providerSlug" required: true in: "path" - description: "Device ID to delete" schema: - example: "dev_abc123def456" type: "string" + - name: "connectionId" + required: true + in: "query" + schema: + type: "string" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Sync devices for a dynamic provider" + tags: + - "Integrations" + description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Sync devices for a dynamic provider | Comp AI API" + sidebarTitle: "Sync devices for a dynamic provider" + description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Sync devices for a dynamic provider | Comp AI API" + og:description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "sync-dynamic-provider-devices" + /v1/integrations/sync/two-factor-source: + get: + operationId: "TwoFactorSourceController_getTwoFactorSource_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get the configured 2FA source provider" + tags: + - "Integrations" + description: "Get the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Get the configured 2FA source provider | Comp AI API" + sidebarTitle: "Get the configured 2FA source provider" + description: "Get the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + og:title: "Get the configured 2FA source provider | Comp AI API" + og:description: "Get the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + x-speakeasy-mcp: + name: "get-two-factor-source" + post: + operationId: "TwoFactorSourceController_setTwoFactorSource_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SetTwoFactorSourceDto" + responses: + "201": + description: "" + security: + - apikey: [] + summary: "Set the 2FA source provider" + tags: + - "Integrations" + description: "Set the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "Set the 2FA source provider | Comp AI API" + sidebarTitle: "Set the 2FA source provider" + description: "Set the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + og:title: "Set the 2FA source provider | Comp AI API" + og:description: "Set the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + x-speakeasy-mcp: + name: "set-two-factor-source" + /v1/integrations/sync/available-2fa-sources: + get: + operationId: "TwoFactorSourceController_getAvailableTwoFactorSources_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List integrations that can supply per-user 2FA status" + tags: + - "Integrations" + description: "List integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + x-mint: + metadata: + title: "List integrations that can supply per-user | Comp AI API" + sidebarTitle: "List integrations that can supply per-user 2FA status" + description: "List integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees." + og:title: "List integrations that can supply per-user | Comp AI API" + og:description: "List integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees." + x-speakeasy-mcp: + name: "get-available-two-factor-sources" + /v1/integrations/sync/two-factor-statuses: + get: + operationId: "TwoFactorSourceController_getTwoFactorStatuses_v1" + parameters: [] responses: - "204": - description: "Device deleted successfully" - "403": - description: "Forbidden - only organization owners can delete devices" - "404": - description: "Organization or device not found" + "200": + description: "" security: - apikey: [] - summary: "Delete device" + summary: "Per-user 2FA status from the configured source" tags: - - "Devices" + - "Integrations" + description: "Per-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." x-mint: metadata: - title: "Delete device | Comp AI API" - sidebarTitle: "Delete device" - description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." - og:title: "Delete device | Comp AI API" - og:description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." + title: "Per-user 2FA status from the configured source | Comp AI API" + sidebarTitle: "Per-user 2FA status from the configured source" + description: "Per-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + og:title: "Per-user 2FA status from the configured source | Comp AI API" + og:description: "Per-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." x-speakeasy-mcp: - name: "delete-device" - /v1/policies: + name: "get-two-factor-statuses" + /v1/cloud-security/activity: get: - description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." - operationId: "PoliciesController_getAllPolicies_v1" + operationId: "CloudSecurityController_getActivity_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "excludeContent" - required: false - in: "query" - description: "When true, omits `content` and `draftContent` from each policy in the response. Use this when listing policies to find one by name/ID — fetch the full content via GET /v1/policies/{id} after." - schema: - type: "boolean" - - name: "includeArchived" - required: false + - name: "connectionId" + required: true in: "query" - description: "When true, includes user-archived and framework-sync-archived policies in the response. Defaults to false." schema: - type: "boolean" + type: "string" responses: "200": - description: "Policies retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - data: - type: "array" - items: - $ref: "#/components/schemas/PolicyResponseDto" - description: "Array of policies" - authType: - type: "string" - enum: - - "api-key" - - "session" - description: "How the request was authenticated" - authenticatedUser: - type: "object" - description: "Authenticated user information (only present for session auth)" - properties: - id: - type: "string" - description: "User ID" - example: "usr_abc123def456" - email: - type: "string" - description: "User email" - example: "user@company.com" - required: - - "data" - - "authType" - example: - data: - - id: "pol_abc123def456" - name: "Data Privacy Policy" - description: "This policy outlines how we handle and protect personal data" - status: "draft" - content: - - type: "paragraph" - attrs: - textAlign: null - content: - - type: "text" - text: "This policy outlines our commitment to protecting personal data." - frequency: "yearly" - department: "IT" - isRequiredToSign: true - signedBy: [] - reviewDate: "2024-12-31T00:00:00.000Z" - isArchived: false - archivedAt: null - createdAt: "2024-01-01T00:00:00.000Z" - updatedAt: "2024-01-15T00:00:00.000Z" - lastArchivedAt: null - lastPublishedAt: "2024-01-10T00:00:00.000Z" - organizationId: "org_abc123def456" - assigneeId: "usr_abc123def456" - approverId: "usr_xyz789abc123" - policyTemplateId: null - authType: "session" - authenticatedUser: - id: "usr_abc123def456" - email: "user@company.com" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - security: - - apikey: [] - summary: "List compliance policies" + description: "" + summary: "List recent cloud security activity" tags: - - "Policies" + - "CloudSecurity" + description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + x-mint: + metadata: + title: "List recent cloud security activity | Comp AI API" + sidebarTitle: "List recent cloud security activity" + description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + og:title: "List recent cloud security activity | Comp AI API" + og:description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." x-speakeasy-mcp: - name: "list-policies" + name: "get-activity" + /v1/cloud-security/providers: + get: + operationId: "CloudSecurityController_getProviders_v1" + parameters: [] + responses: + "200": + description: "" + summary: "List supported cloud providers" + tags: + - "CloudSecurity" + description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "List compliance policies | Comp AI API" - sidebarTitle: "List compliance policies" - description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." - og:title: "List compliance policies | Comp AI API" - og:description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." - x-codeSamples: - - lang: "bash" - label: "List policies" - source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies\" --header \"X-API-Key: $COMP_AI_API_KEY\"" - - lang: "bash" - label: "List policies (lightweight, no content)" - source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies?excludeContent=true\" --header \"X-API-Key: $COMP_AI_API_KEY\"" - - lang: "bash" - label: "List policies including archived" - source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies?includeArchived=true\" --header \"X-API-Key: $COMP_AI_API_KEY\"" + title: "List supported cloud providers | Comp AI API" + sidebarTitle: "List supported cloud providers" + description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + og:title: "List supported cloud providers | Comp AI API" + og:description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + x-speakeasy-mcp: + name: "get-providers" + /v1/cloud-security/findings: + get: + operationId: "CloudSecurityController_getFindings_v1" + parameters: [] + responses: + "200": + description: "" + summary: "List cloud security findings" + tags: + - "CloudSecurity" + description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + x-mint: + metadata: + title: "List cloud security findings | Comp AI API" + sidebarTitle: "List cloud security findings" + description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + og:title: "List cloud security findings | Comp AI API" + og:description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + x-speakeasy-mcp: + name: "get-findings" + /v1/cloud-security/findings/{findingId}/exception: post: - description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." - operationId: "PoliciesController_createPolicy_v1" + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." + operationId: "CloudSecurityController_markFindingAsException_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false + - name: "findingId" + required: true + in: "path" schema: type: "string" requestBody: required: true - description: "Policy creation data" content: application/json: schema: - $ref: "#/components/schemas/CreatePolicyDto" + $ref: "#/components/schemas/MarkExceptionDto" responses: "201": - description: "Policy created successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/PolicyResponseDto" - example: - id: "pol_abc123def456" - name: "Data Privacy Policy" - description: "This policy outlines how we handle and protect personal data" - status: "draft" - content: - - type: "paragraph" - content: - - type: "text" - text: "Policy content here" - frequency: "yearly" - department: "it" - isRequiredToSign: true - signedBy: [] - reviewDate: "2024-12-31T00:00:00.000Z" - isArchived: false - createdAt: "2024-01-01T00:00:00.000Z" - updatedAt: "2024-01-15T00:00:00.000Z" - organizationId: "org_abc123def456" - assigneeId: "usr_abc123def456" - approverId: "usr_xyz789abc123" - "400": - description: "Bad Request - Invalid policy data" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Invalid policy content format" - "401": - description: "Unauthorized - Invalid authentication or insufficient permissions" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - security: - - apikey: [] - summary: "Create compliance policy" + description: "" + summary: "Mark a finding as an exception so it no longer appears in the active Scan Results list" tags: - - "Policies" + - "CloudSecurity" x-mint: metadata: - title: "Create compliance policy | Comp AI API" - sidebarTitle: "Create compliance policy" - description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." - og:title: "Create compliance policy | Comp AI API" - og:description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." + title: "Mark a finding as an exception so it no | Comp AI API" + sidebarTitle: "Mark a finding as an exception so it no longer appears in the active Scan Results list" + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + og:title: "Mark a finding as an exception so it no | Comp AI API" + og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." x-speakeasy-mcp: - name: "create-policy" - /v1/policies/publish-all: - post: - operationId: "PoliciesController_publishAllPolicies_v1" + name: "mark-finding-as-exception" + /v1/cloud-security/connections/{connectionId}/scan-mode: + patch: + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + operationId: "CloudSecurityController_updateAwsScanMode_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false + - name: "connectionId" + required: true + in: "path" schema: type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateAwsScanModeDto" responses: - "201": + "200": description: "" - security: - - apikey: [] - summary: "Publish all draft policies" + summary: "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)" tags: - - "Policies" - description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." + - "CloudSecurity" x-mint: metadata: - title: "Publish all draft policies | Comp AI API" - sidebarTitle: "Publish all draft policies" - description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." - og:title: "Publish all draft policies | Comp AI API" - og:description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." + title: "Switch the AWS scan engine for a connection | Comp AI API" + sidebarTitle: "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)" + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + og:title: "Switch the AWS scan engine for a connection | Comp AI API" + og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." x-speakeasy-mcp: - name: "publish-all-policies" - /v1/policies/download-all: - get: - description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." - operationId: "PoliciesController_downloadAllPolicies_v1" + name: "update-aws-scan-mode" + /v1/cloud-security/exceptions/{exceptionId}: + delete: + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + operationId: "CloudSecurityController_revokeException_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false + - name: "exceptionId" + required: true + in: "path" schema: type: "string" responses: "200": - description: "Signed URL for PDF bundle returned" - "404": - description: "No published policies found" - security: - - apikey: [] - summary: "Download all published policies" + description: "" + summary: "Revoke an exception, reopening the finding" tags: - - "Policies" + - "CloudSecurity" x-mint: metadata: - title: "Download all published policies | Comp AI API" - sidebarTitle: "Download all published policies" - description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." - og:title: "Download all published policies | Comp AI API" - og:description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." + title: "Revoke an exception, reopening the finding | Comp AI API" + sidebarTitle: "Revoke an exception, reopening the finding" + description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + og:title: "Revoke an exception, reopening the finding | Comp AI API" + og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." x-speakeasy-mcp: - name: "download-all-policies" - /v1/policies/{id}/controls: + name: "revoke-exception" + /v1/cloud-security/history: get: - operationId: "PoliciesController_getPolicyControls_v1" + operationId: "CloudSecurityController_getHistory_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false + - name: "connectionId" + required: true + in: "query" schema: type: "string" - - name: "id" + responses: + "200": + description: "" + summary: "List resolution, exception, and regression history for a connection" + tags: + - "CloudSecurity" + description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + x-mint: + metadata: + title: "List resolution, exception, and regression | Comp AI API" + sidebarTitle: "List resolution, exception, and regression history for a connection" + description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." + og:title: "List resolution, exception, and regression | Comp AI API" + og:description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." + x-speakeasy-mcp: + name: "get-history" + /v1/cloud-security/findings/{findingId}/check-definition: + get: + operationId: "CloudSecurityController_getCheckDefinition_v1" + parameters: + - name: "findingId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" responses: "200": description: "" - security: - - apikey: [] - summary: "Get mapped and all controls for a policy" + summary: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)" tags: - - "Policies" - description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." x-mint: metadata: - title: "Get mapped and all controls for a policy | Comp AI API" - sidebarTitle: "Get mapped and all controls for a policy" - description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." - og:title: "Get mapped and all controls for a policy | Comp AI API" - og:description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + title: "Resolve the \"About this check\" description | Comp AI API" + sidebarTitle: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)" + description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud." + og:title: "Resolve the \"About this check\" description | Comp AI API" + og:description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud." x-speakeasy-mcp: - name: "get-policy-controls" + name: "get-check-definition" + /v1/cloud-security/resolve-session/{connectionId}: post: - operationId: "PoliciesController_addPolicyControls_v1" + operationId: "CloudSecurityController_resolveSession_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" responses: "201": description: "" - security: - - apikey: [] - summary: "Map controls to a policy" + summary: "Resolve short-lived AWS credentials for a connection (internal only)" tags: - - "Policies" - description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Map controls to a policy | Comp AI API" - sidebarTitle: "Map controls to a policy" - description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Map controls to a policy | Comp AI API" - og:description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + title: "Resolve short-lived AWS credentials for a | Comp AI API" + sidebarTitle: "Resolve short-lived AWS credentials for a connection (internal only)" + description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." + og:title: "Resolve short-lived AWS credentials for a | Comp AI API" + og:description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." x-speakeasy-mcp: - name: "add-policy-controls" - /v1/policies/{id}/evidence-tasks: - get: - operationId: "PoliciesController_getPolicyEvidenceTasks_v1" + name: "resolve-session" + /v1/cloud-security/scan/{connectionId}: + post: + operationId: "CloudSecurityController_scan_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" responses: - "200": + "201": description: "" - security: - - apikey: [] - summary: "Get tasks that serve as evidence for a policy, grouped by control" + summary: "Run cloud security scan" tags: - - "Policies" - description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." x-mint: metadata: - title: "Get tasks that serve as evidence for a | Comp AI API" - sidebarTitle: "Get tasks that serve as evidence for a policy, grouped by control" - description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies." - og:title: "Get tasks that serve as evidence for a | Comp AI API" - og:description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies." + title: "Run cloud security scan | Comp AI API" + sidebarTitle: "Run cloud security scan" + description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." + og:title: "Run cloud security scan | Comp AI API" + og:description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." x-speakeasy-mcp: - name: "get-policy-evidence-tasks" - /v1/policies/{id}/regenerate: + name: "scan" + /v1/cloud-security/detect-services/{connectionId}: post: - operationId: "PoliciesController_regeneratePolicy_v1" + operationId: "CloudSecurityController_detectServices_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false + - name: "connectionId" + required: true + in: "path" schema: type: "string" - - name: "id" + responses: + "201": + description: "" + summary: "Detect available cloud services for a connection" + tags: + - "CloudSecurity" + description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + x-mint: + metadata: + title: "Detect available cloud services for a | Comp AI API" + sidebarTitle: "Detect available cloud services for a connection" + description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." + og:title: "Detect available cloud services for a | Comp AI API" + og:description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." + x-speakeasy-mcp: + name: "detect-services" + /v1/cloud-security/detect-gcp-org/{connectionId}: + post: + operationId: "CloudSecurityController_detectGcpOrg_v1" + parameters: + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" responses: "201": - description: "" - security: - - apikey: [] - summary: "Regenerate policy with AI" + description: "" + summary: "Detect the GCP organization for a connection" tags: - - "Policies" - description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." + - "CloudSecurity" + description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Regenerate policy with AI | Comp AI API" - sidebarTitle: "Regenerate policy with AI" - description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." - og:title: "Regenerate policy with AI | Comp AI API" - og:description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." + title: "Detect the GCP organization for a connection | Comp AI API" + sidebarTitle: "Detect the GCP organization for a connection" + description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." + og:title: "Detect the GCP organization for a connection | Comp AI API" + og:description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." x-speakeasy-mcp: - name: "regenerate-policy" - /v1/policies/{id}/pdf/signed-url: - get: - operationId: "PoliciesController_getPdfSignedUrl_v1" + name: "detect-gcp-org" + /v1/cloud-security/select-gcp-projects/{connectionId}: + post: + operationId: "CloudSecurityController_selectGcpProjects_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" - - name: "versionId" - required: false - in: "query" schema: type: "string" responses: - "200": + "201": description: "" - security: - - apikey: [] - summary: "Get a signed URL for the policy PDF" + summary: "Select GCP projects for a connection" tags: - - "Policies" - description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Get a signed URL for the policy PDF | Comp AI API" - sidebarTitle: "Get a signed URL for the policy PDF" - description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." - og:title: "Get a signed URL for the policy PDF | Comp AI API" - og:description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + title: "Select GCP projects for a connection | Comp AI API" + sidebarTitle: "Select GCP projects for a connection" + description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + og:title: "Select GCP projects for a connection | Comp AI API" + og:description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." x-speakeasy-mcp: - name: "get-pdf-signed-url" - /v1/policies/{id}/pdf: + name: "select-gcp-projects" + /v1/cloud-security/setup-gcp/{connectionId}: post: - description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI clients should use the presigned `/pdf/upload-url` + `/pdf/confirm` flow." - operationId: "PoliciesController_uploadPolicyPdf_v1" + operationId: "CloudSecurityController_setupGcp_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" - requestBody: - required: true - content: - multipart/form-data: - schema: - oneOf: - - description: "Multipart file upload (recommended)" - type: "object" - properties: - file: - type: "string" - format: "binary" - versionId: - type: "string" - description: "Target version ID. If omitted, uploads to the latest draft version." - required: - - "file" - - description: "JSON with base64-encoded file data" - type: "object" - properties: - fileName: - type: "string" - fileType: - type: "string" - fileData: - type: "string" - description: "Base64-encoded file content" - versionId: - type: "string" - description: "Target version ID. If omitted, uploads to the latest draft version." - required: - - "fileName" - - "fileType" - - "fileData" - application/json: - schema: - oneOf: - - description: "Multipart file upload (recommended)" - type: "object" - properties: - file: - type: "string" - format: "binary" - versionId: - type: "string" - description: "Target version ID. If omitted, uploads to the latest draft version." - required: - - "file" - - description: "JSON with base64-encoded file data" - type: "object" - properties: - fileName: - type: "string" - fileType: - type: "string" - fileData: - type: "string" - description: "Base64-encoded file content" - versionId: - type: "string" - description: "Target version ID. If omitted, uploads to the latest draft version." - required: - - "fileName" - - "fileType" - - "fileData" responses: "201": description: "" - security: - - apikey: [] - summary: "Upload a PDF to a policy version (UI-only)" + summary: "Set up GCP for a connection" tags: - - "Policies" - x-speakeasy-mcp: - disabled: true + - "CloudSecurity" + description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Upload a PDF to a policy version (UI-only) | Comp AI API" - sidebarTitle: "Upload a PDF to a policy version (UI-only)" - description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI." - og:title: "Upload a PDF to a policy version (UI-only) | Comp AI API" - og:description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI." - delete: - description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published or pending-approval versions." - operationId: "PoliciesController_deletePolicyPdf_v1" + title: "Set up GCP for a connection | Comp AI API" + sidebarTitle: "Set up GCP for a connection" + description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + og:title: "Set up GCP for a connection | Comp AI API" + og:description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + x-speakeasy-mcp: + name: "setup-gcp" + /v1/cloud-security/setup-gcp/{connectionId}/resolve-step: + post: + operationId: "CloudSecurityController_resolveGcpSetupStep_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" - - name: "versionId" - required: false - in: "query" - description: "Target version ID. If omitted, targets the latest draft version." schema: type: "string" responses: - "200": + "201": description: "" - security: - - apikey: [] - summary: "Delete a policy version PDF" + summary: "Resolve a GCP setup step" tags: - - "Policies" + - "CloudSecurity" + description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Delete a policy version PDF | Comp AI API" - sidebarTitle: "Delete a policy version PDF" - description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published." - og:title: "Delete a policy version PDF | Comp AI API" - og:description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published." + title: "Resolve a GCP setup step | Comp AI API" + sidebarTitle: "Resolve a GCP setup step" + description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + og:title: "Resolve a GCP setup step | Comp AI API" + og:description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." x-speakeasy-mcp: - name: "delete-policy-pdf" - /v1/policies/{id}/pdf/upload-url: + name: "resolve-gcp-setup-step" + /v1/cloud-security/setup-azure/{connectionId}: post: - description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are uploaded straight to S3 without passing through the API. Requires the policy ID; if you only know the policy name, look it up first via the list-compliance-policies tool. After uploading the file to the returned URL, finalize the attachment by calling confirm-policy-pdf-uploaded with the same s3Key." - operationId: "PoliciesController_requestPolicyPdfUploadUrl_v1" + operationId: "CloudSecurityController_setupAzure_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/RequestPolicyPdfUploadUrlDto" responses: "201": description: "" - content: - application/json: - schema: - $ref: "#/components/schemas/PolicyPdfUploadUrlResponseDto" - security: - - apikey: [] - summary: "Request a presigned URL to upload a policy PDF" + summary: "Set up Azure for a connection" tags: - - "Policies" - x-speakeasy-mcp: - name: "request-policy-pdf-upload-url" + - "CloudSecurity" + description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Request a presigned URL to upload a policy PDF | Comp AI API" - sidebarTitle: "Request a presigned URL to upload a policy PDF" - description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are." - og:title: "Request a presigned URL to upload a policy PDF | Comp AI API" - og:description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are." - /v1/policies/{id}/pdf/confirm: + title: "Set up Azure for a connection | Comp AI API" + sidebarTitle: "Set up Azure for a connection" + description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + og:title: "Set up Azure for a connection | Comp AI API" + og:description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + x-speakeasy-mcp: + name: "setup-azure" + /v1/cloud-security/validate-azure/{connectionId}: post: - description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an s3Key and you successfully uploaded the file bytes to that URL. The endpoint verifies the file exists in S3 before linking it to the policy or version." - operationId: "PoliciesController_confirmPolicyPdfUploaded_v1" + operationId: "CloudSecurityController_validateAzure_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ConfirmPolicyPdfUploadedDto" responses: "201": description: "" - security: - - apikey: [] - summary: "Confirm a policy PDF upload completed" + summary: "Validate Azure credentials for a connection" tags: - - "Policies" - x-speakeasy-mcp: - name: "confirm-policy-pdf-uploaded" + - "CloudSecurity" + description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Confirm a policy PDF upload completed | Comp AI API" - sidebarTitle: "Confirm a policy PDF upload completed" - description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an." - og:title: "Confirm a policy PDF upload completed | Comp AI API" - og:description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an." - /v1/policies/{id}/pdf-url: - get: - operationId: "PoliciesController_getPdfUrl_v1" + title: "Validate Azure credentials for a connection | Comp AI API" + sidebarTitle: "Validate Azure credentials for a connection" + description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." + og:title: "Validate Azure credentials for a connection | Comp AI API" + og:description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." + x-speakeasy-mcp: + name: "validate-azure" + /v1/cloud-security/trigger/{connectionId}: + post: + operationId: "CloudSecurityController_triggerScan_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "connectionId" required: true in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" - - name: "versionId" - required: false - in: "query" schema: type: "string" responses: - "200": + "201": description: "" - security: - - apikey: [] - summary: "Get signed URL for policy PDF (alternate path)" + summary: "Trigger a cloud security run for a connection" tags: - - "Policies" - description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Get signed URL for policy PDF (alternate path) | Comp AI API" - sidebarTitle: "Get signed URL for policy PDF (alternate path)" - description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." - og:title: "Get signed URL for policy PDF (alternate path) | Comp AI API" - og:description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + title: "Trigger a cloud security run for a connection | Comp AI API" + sidebarTitle: "Trigger a cloud security run for a connection" + description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." + og:title: "Trigger a cloud security run for a connection | Comp AI API" + og:description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." x-speakeasy-mcp: - name: "get-pdf-url" - /v1/policies/{id}/controls/{controlId}: - delete: - operationId: "PoliciesController_removePolicyControl_v1" + name: "trigger-scan" + /v1/cloud-security/runs/{runId}: + get: + operationId: "CloudSecurityController_getRunStatus_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" + - name: "runId" required: true in: "path" - description: "Policy ID" schema: - example: "pol_abc123def456" type: "string" - - name: "controlId" + - name: "connectionId" required: true - in: "path" + in: "query" schema: type: "string" responses: "200": description: "" - security: - - apikey: [] - summary: "Remove a control mapping from a policy" + summary: "Get a cloud security scan run by ID" tags: - - "Policies" - description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + - "CloudSecurity" + description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." x-mint: metadata: - title: "Remove a control mapping from a policy | Comp AI API" - sidebarTitle: "Remove a control mapping from a policy" - description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." - og:title: "Remove a control mapping from a policy | Comp AI API" - og:description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + title: "Get a cloud security scan run by ID | Comp AI API" + sidebarTitle: "Get a cloud security scan run by ID" + description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + og:title: "Get a cloud security scan run by ID | Comp AI API" + og:description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." x-speakeasy-mcp: - name: "remove-policy-control" - /v1/policies/{id}: + name: "get-run-status" + /v1/risks: get: - description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this to read or inspect one policy in detail. If you only have a policy name, find its ID first by listing compliance policies." - operationId: "PoliciesController_getPolicy_v1" + description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." + operationId: "RisksController_getAllRisks_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" + - name: "title" required: false + in: "query" + description: "Search by title (case-insensitive contains)" schema: + example: "data breach" type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" + - name: "page" + required: false + in: "query" + description: "Page number (1-indexed)" schema: - example: "pol_abc123def456" + minimum: 1 + default: 1 + example: 1 + type: "number" + - name: "perPage" + required: false + in: "query" + description: "Number of items per page" + schema: + minimum: 1 + maximum: 250 + default: 50 + example: 50 + type: "number" + - name: "sort" + required: false + in: "query" + description: "Sort by field" + schema: + default: "createdAt" + type: "string" + enum: + - "createdAt" + - "updatedAt" + - "title" + - "status" + - name: "sortDirection" + required: false + in: "query" + description: "Sort direction" + schema: + default: "desc" + type: "string" + enum: + - "asc" + - "desc" + - name: "status" + required: false + in: "query" + description: "Filter by status" + schema: + type: "string" + enum: + - "open" + - "pending" + - "closed" + - "archived" + - name: "category" + required: false + in: "query" + description: "Filter by category" + schema: + type: "string" + enum: + - "customer" + - "fraud" + - "governance" + - "operations" + - "other" + - "people" + - "regulatory" + - "reporting" + - "resilience" + - "technology" + - "vendor_management" + - name: "department" + required: false + in: "query" + description: "Filter by department. Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." + schema: + maxLength: 64 + example: "it" + type: "string" + - name: "assigneeId" + required: false + in: "query" + description: "Filter by assignee member ID" + schema: + example: "mem_abc123def456" type: "string" responses: "200": - description: "Policy retrieved successfully" + description: "Risks retrieved successfully" content: application/json: schema: - $ref: "#/components/schemas/PolicyResponseDto" - example: - id: "pol_abc123def456" - name: "Data Privacy Policy" - status: "draft" - content: - - type: "paragraph" - content: - - type: "text" - text: "..." - isRequiredToSign: true - signedBy: [] - createdAt: "2024-01-01T00:00:00.000Z" - updatedAt: "2024-01-15T00:00:00.000Z" - organizationId: "org_abc123def456" + type: "object" + properties: + data: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + description: "Risk ID" + example: "rsk_abc123def456" + title: + type: "string" + description: "Risk title" + example: "Data breach vulnerability in user authentication system" + description: + type: "string" + description: "Risk description" + example: "Weak password requirements could lead to unauthorized access to user accounts" + category: + type: "string" + enum: + - "customer" + - "governance" + - "operations" + - "other" + - "people" + - "regulatory" + - "reporting" + - "resilience" + - "technology" + - "vendor_management" + example: "technology" + status: + type: "string" + enum: + - "open" + - "pending" + - "closed" + - "archived" + example: "open" + likelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + impact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "major" + treatmentStrategy: + type: "string" + enum: + - "accept" + - "avoid" + - "mitigate" + - "transfer" + example: "mitigate" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to this risk" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the risk was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the risk was last updated" + count: + type: "number" + description: "Total number of risks" + example: 15 + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "401": description: "Unauthorized - Invalid authentication or insufficient permissions" content: @@ -5626,9 +4113,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" + example: "Invalid or expired API key" "404": - description: "Policy not found" + description: "Organization not found" content: application/json: schema: @@ -5636,86 +4123,197 @@ paths: properties: message: type: "string" - example: "Policy with ID pol_abc123def456 not found" + example: "Organization with ID org_abc123def456 not found" + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Internal server error" security: - apikey: [] - summary: "Get compliance policy" + summary: "List organization risks" tags: - - "Policies" - x-speakeasy-mcp: - name: "get-policy" + - "Risks" x-mint: metadata: - title: "Get compliance policy | Comp AI API" - sidebarTitle: "Get compliance policy" - description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this." - og:title: "Get compliance policy | Comp AI API" - og:description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this." - patch: - description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." - operationId: "PoliciesController_updatePolicy_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" + title: "List organization risks | Comp AI API" + sidebarTitle: "List organization risks" + description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." + og:title: "List organization risks | Comp AI API" + og:description: "List organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." + x-speakeasy-mcp: + name: "get-all-risks" + post: + description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." + operationId: "RisksController_createRisk_v1" + parameters: [] requestBody: required: true - description: "Policy update data" + description: "Risk creation data" content: application/json: schema: - $ref: "#/components/schemas/UpdatePolicyDto" + $ref: "#/components/schemas/CreateRiskDto" responses: - "200": - description: "Policy updated successfully" + "201": + description: "Risk created successfully" content: application/json: schema: - $ref: "#/components/schemas/PolicyResponseDto" - example: - id: "pol_abc123def456" - name: "Data Privacy Policy" - description: "This policy outlines how we handle and protect personal data" - status: "published" - content: - - type: "heading" - attrs: - level: 2 - content: - - type: "text" - text: "Purpose" - frequency: "yearly" - department: "it" - isRequiredToSign: true - signedBy: - - "usr_123" - reviewDate: "2024-12-31T00:00:00.000Z" - isArchived: false - createdAt: "2024-01-01T00:00:00.000Z" - updatedAt: "2024-01-15T00:00:00.000Z" - organizationId: "org_abc123def456" - assigneeId: "usr_abc123def456" - approverId: "usr_xyz789abc123" + type: "object" + properties: + id: + type: "string" + description: "Risk ID" + example: "rsk_abc123def456" + title: + type: "string" + description: "Risk title" + example: "Data breach vulnerability in user authentication system" + description: + type: "string" + description: "Risk description" + example: "Weak password requirements could lead to unauthorized access to user accounts" + category: + type: "string" + enum: + - "customer" + - "governance" + - "operations" + - "other" + - "people" + - "regulatory" + - "reporting" + - "resilience" + - "technology" + - "vendor_management" + example: "technology" + department: + type: "string" + enum: + - "none" + - "admin" + - "gov" + - "hr" + - "it" + - "itsm" + - "qms" + nullable: true + example: "it" + status: + type: "string" + enum: + - "open" + - "pending" + - "closed" + - "archived" + example: "open" + likelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + impact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "major" + residualLikelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + treatmentStrategyDescription: + type: "string" + nullable: true + example: "Implement multi-factor authentication and strengthen password requirements" + treatmentStrategy: + type: "string" + enum: + - "accept" + - "avoid" + - "mitigate" + - "transfer" + example: "mitigate" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to this risk" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the risk was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the risk was last updated" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "400": - description: "Bad Request - Invalid update data" + description: "Bad request - Invalid input data" content: application/json: schema: type: "object" properties: message: + type: "array" + items: + type: "string" + example: + - "title should not be empty" + - "description should not be empty" + - "category must be a valid enum value" + error: type: "string" - example: "Validation failed" + example: "Bad Request" + statusCode: + type: "number" + example: 400 "401": description: "Unauthorized - Invalid authentication or insufficient permissions" content: @@ -5725,9 +4323,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" + example: "Invalid or expired API key" "404": - description: "Policy not found" + description: "Organization not found" content: application/json: schema: @@ -5735,67 +4333,221 @@ paths: properties: message: type: "string" - example: "Policy with ID pol_abc123def456 not found" + example: "Organization with ID org_abc123def456 not found" + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Internal server error" security: - apikey: [] - summary: "Update compliance policy" + summary: "Create organization risk" tags: - - "Policies" + - "Risks" x-mint: metadata: - title: "Update compliance policy | Comp AI API" - sidebarTitle: "Update compliance policy" - description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." - og:title: "Update compliance policy | Comp AI API" - og:description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." + title: "Create organization risk | Comp AI API" + sidebarTitle: "Create organization risk" + description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." + og:title: "Create organization risk | Comp AI API" + og:description: "Create a risk record with ownership and context so compliance teams can track mitigation and remediation work." x-speakeasy-mcp: - name: "update-policy" - delete: - description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." - operationId: "PoliciesController_deletePolicy_v1" + name: "create-risk" + /v1/risks/stats/by-assignee: + get: + operationId: "RisksController_getStatsByAssignee_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get risk statistics grouped by assignee" + tags: + - "Risks" + description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation status." + x-mint: + metadata: + title: "Get risk statistics grouped by assignee | Comp AI API" + sidebarTitle: "Get risk statistics grouped by assignee" + description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance." + og:title: "Get risk statistics grouped by assignee | Comp AI API" + og:description: "Get risk statistics grouped by assignee in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance." + x-speakeasy-mcp: + name: "get-stats-by-assignee" + /v1/risks/stats/by-department: + get: + operationId: "RisksController_getStatsByDepartment_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Get risk counts grouped by department" + tags: + - "Risks" + description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation status." + x-mint: + metadata: + title: "Get risk counts grouped by department | Comp AI API" + sidebarTitle: "Get risk counts grouped by department" + description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation." + og:title: "Get risk counts grouped by department | Comp AI API" + og:description: "Get risk counts grouped by department in Comp AI. Create, update, and report on organizational risks with ownership, departments, and compliance remediation." + x-speakeasy-mcp: + name: "get-stats-by-department" + /v1/risks/{id}: + get: + description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." + operationId: "RisksController_getRiskById_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" + description: "Risk ID" schema: - example: "pol_abc123def456" + example: "rsk_abc123def456" type: "string" responses: "200": - description: "Policy deleted successfully" + description: "Risk retrieved successfully" content: application/json: schema: type: "object" properties: - success: - type: "boolean" - description: "Indicates successful deletion" - example: true - deletedPolicy: - type: "object" - properties: - id: - type: "string" - description: "The deleted policy ID" - example: "pol_abc123def456" - name: - type: "string" - description: "The deleted policy name" - example: "Data Privacy Policy" + id: + type: "string" + description: "Risk ID" + example: "rsk_abc123def456" + title: + type: "string" + description: "Risk title" + example: "Data breach vulnerability in user authentication system" + description: + type: "string" + description: "Risk description" + example: "Weak password requirements could lead to unauthorized access to user accounts" + category: + type: "string" + enum: + - "customer" + - "governance" + - "operations" + - "other" + - "people" + - "regulatory" + - "reporting" + - "resilience" + - "technology" + - "vendor_management" + example: "technology" + department: + type: "string" + enum: + - "none" + - "admin" + - "gov" + - "hr" + - "it" + - "itsm" + - "qms" + nullable: true + example: "it" + status: + type: "string" + enum: + - "open" + - "pending" + - "closed" + - "archived" + example: "open" + likelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + impact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "major" + residualLikelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + treatmentStrategyDescription: + type: "string" + nullable: true + example: "Implement multi-factor authentication and strengthen password requirements" + treatmentStrategy: + type: "string" + enum: + - "accept" + - "avoid" + - "mitigate" + - "transfer" + example: "mitigate" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to this risk" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the risk was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the risk was last updated" authType: type: "string" enum: - "api-key" - "session" description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "401": description: "Unauthorized - Invalid authentication or insufficient permissions" content: @@ -5805,9 +4557,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Policy not found" + example: "Invalid or expired API key" + "403": + description: "Forbidden - User does not have permission to access this risk" content: application/json: schema: @@ -5815,59 +4567,9 @@ paths: properties: message: type: "string" - example: "Policy with ID pol_abc123def456 not found" - security: - - apikey: [] - summary: "Delete compliance policy" - tags: - - "Policies" - x-mint: - metadata: - title: "Delete compliance policy | Comp AI API" - sidebarTitle: "Delete compliance policy" - description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." - og:title: "Delete compliance policy | Comp AI API" - og:description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." - x-speakeasy-mcp: - name: "delete-policy" - /v1/policies/{id}/versions: - get: - description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_getPolicyVersions_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - responses: - "200": - description: "Policy versions retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - versions: - type: "array" - items: - type: "object" - currentVersionId: - type: "string" - nullable: true - pendingVersionId: - type: "string" - nullable: true - "401": - description: "Unauthorized" + example: "You do not have access to view this risk" + "404": + description: "Risk not found" content: application/json: schema: @@ -5875,9 +4577,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" content: application/json: schema: @@ -5885,69 +4587,196 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Get policy versions" + summary: "Get organization risk" tags: - - "Policies" - x-speakeasy-mcp: - name: "list-policy-versions" + - "Risks" x-mint: metadata: - title: "Get policy versions | Comp AI API" - sidebarTitle: "Get policy versions" - description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Get policy versions | Comp AI API" - og:description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - post: - description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any change to a published policy — content edits, PDF attachments, anything. Published." - operationId: "PoliciesController_createPolicyVersion_v1" + title: "Get organization risk | Comp AI API" + sidebarTitle: "Get organization risk" + description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." + og:title: "Get organization risk | Comp AI API" + og:description: "Retrieve one organization risk with owner, department, likelihood, impact, mitigation, and remediation context." + x-speakeasy-mcp: + name: "get-risk-by-id" + patch: + description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." + operationId: "RisksController_updateRisk_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" + description: "Risk ID" schema: + example: "rsk_abc123def456" type: "string" - example: "pol_abc123def456" requestBody: required: true - description: "Create a new policy version draft" + description: "Risk update data" content: application/json: schema: - $ref: "#/components/schemas/CreateVersionDto" + $ref: "#/components/schemas/UpdateRiskDto" responses: - "201": - description: "Policy version created" + "200": + description: "Risk updated successfully" content: application/json: schema: type: "object" properties: - versionId: + id: type: "string" - version: - type: "number" + description: "Risk ID" + example: "rsk_abc123def456" + title: + type: "string" + description: "Risk title" + example: "Data breach vulnerability in user authentication system" + description: + type: "string" + description: "Risk description" + example: "Weak password requirements could lead to unauthorized access to user accounts" + category: + type: "string" + enum: + - "customer" + - "governance" + - "operations" + - "other" + - "people" + - "regulatory" + - "reporting" + - "resilience" + - "technology" + - "vendor_management" + example: "technology" + department: + type: "string" + enum: + - "none" + - "admin" + - "gov" + - "hr" + - "it" + - "itsm" + - "qms" + nullable: true + example: "it" + status: + type: "string" + enum: + - "open" + - "pending" + - "closed" + - "archived" + example: "open" + likelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + impact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "major" + residualLikelihood: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + treatmentStrategyDescription: + type: "string" + nullable: true + example: "Implement multi-factor authentication and strengthen password requirements" + treatmentStrategy: + type: "string" + enum: + - "accept" + - "avoid" + - "mitigate" + - "transfer" + example: "mitigate" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to this risk" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the risk was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the risk was last updated" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "400": - description: "Invalid request" + description: "Bad request - Invalid input data" content: application/json: schema: type: "object" properties: message: + type: "array" + items: + type: "string" + example: + - "title should not be empty" + - "category must be a valid enum value" + - "status must be a valid enum value" + error: type: "string" - example: "Invalid request" + example: "Bad Request" + statusCode: + type: "number" + example: 400 "401": - description: "Unauthorized" + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -5955,74 +4784,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" + example: "Invalid or expired API key" "404": - description: "Resource not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Resource not found" - security: - - apikey: [] - summary: "Create policy version" - tags: - - "Policies" - x-speakeasy-mcp: - name: "create-policy-version" - x-mint: - metadata: - title: "Create policy version | Comp AI API" - sidebarTitle: "Create policy version" - description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any." - og:title: "Create policy version | Comp AI API" - og:description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any." - /v1/policies/{id}/versions/{versionId}: - get: - description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_getPolicyVersionById_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - - name: "versionId" - required: true - in: "path" - description: "Policy version ID" - schema: - type: "string" - example: "pv_abc123def456" - responses: - "200": - description: "Policy version retrieved successfully" - content: - application/json: - schema: - type: "object" - properties: - version: - type: "object" - currentVersionId: - type: "string" - nullable: true - pendingVersionId: - type: "string" - nullable: true - "401": - description: "Unauthorized" + description: "Risk not found" content: application/json: schema: @@ -6030,9 +4794,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" content: application/json: schema: @@ -6040,64 +4804,72 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Get policy version by ID" + summary: "Update organization risk" tags: - - "Policies" - x-speakeasy-mcp: - name: "get-policy-version" + - "Risks" x-mint: metadata: - title: "Get policy version by ID | Comp AI API" - sidebarTitle: "Get policy version by ID" - description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Get policy version by ID | Comp AI API" - og:description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - patch: - description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_updateVersionContent_v1" + title: "Update organization risk | Comp AI API" + sidebarTitle: "Update organization risk" + description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." + og:title: "Update organization risk | Comp AI API" + og:description: "Update a risk record as mitigation work progresses so compliance reports reflect the current risk posture." + x-speakeasy-mcp: + name: "update-risk" + delete: + description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." + operationId: "RisksController_deleteRisk_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - - name: "versionId" - required: true - in: "path" - description: "Policy version ID" + description: "Risk ID" schema: + example: "rsk_abc123def456" type: "string" - example: "pv_abc123def456" - requestBody: - required: true - description: "Update content for a policy version" - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateVersionContentDto" responses: "200": - description: "Version content updated" + description: "Risk deleted successfully" content: application/json: schema: type: "object" properties: - versionId: + message: type: "string" - "400": - description: "Invalid request" + example: "Risk deleted successfully" + deletedRisk: + type: "object" + properties: + id: + type: "string" + description: "Deleted risk ID" + example: "rsk_abc123def456" + title: + type: "string" + description: "Deleted risk title" + example: "Data breach vulnerability in user authentication system" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -6105,9 +4877,9 @@ paths: properties: message: type: "string" - example: "Invalid request" - "401": - description: "Unauthorized" + example: "Invalid or expired API key" + "404": + description: "Risk not found" content: application/json: schema: @@ -6115,9 +4887,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Risk with ID rsk_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" content: application/json: schema: @@ -6125,57 +4897,173 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Update version content" + summary: "Delete organization risk" tags: - - "Policies" - x-speakeasy-mcp: - name: "update-policy-version-content" + - "Risks" x-mint: metadata: - title: "Update version content | Comp AI API" - sidebarTitle: "Update version content" - description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Update version content | Comp AI API" - og:description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - delete: - description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_deletePolicyVersion_v1" + title: "Delete organization risk | Comp AI API" + sidebarTitle: "Delete organization risk" + description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." + og:title: "Delete organization risk | Comp AI API" + og:description: "Delete an organization risk that no longer needs active tracking in the risk register or compliance program." + x-speakeasy-mcp: + name: "delete-risk" + /v1/vendors/global/search: + get: + operationId: "VendorsController_searchGlobalVendors_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" + - name: "name" required: false + in: "query" + description: "Vendor name to search for" schema: type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - - name: "versionId" - required: true - in: "path" - description: "Policy version ID" - schema: - type: "string" - example: "pv_abc123def456" responses: "200": - description: "Version deleted" + description: "" + security: + - apikey: [] + summary: "Search global vendors" + tags: + - "Vendors" + description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." + x-mint: + metadata: + title: "Search global vendors | Comp AI API" + sidebarTitle: "Search global vendors" + description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." + og:title: "Search global vendors | Comp AI API" + og:description: "Search global vendor records to prefill vendor profiles and speed up third-party risk assessment workflows." + x-speakeasy-mcp: + name: "search-global-vendors" + /v1/vendors: + get: + description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." + operationId: "VendorsController_getAllVendors_v1" + parameters: [] + responses: + "200": + description: "Vendors retrieved successfully" content: application/json: schema: type: "object" properties: - deletedVersion: + data: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + description: "Vendor ID" + example: "vnd_abc123def456" + name: + type: "string" + description: "Vendor name" + example: "CloudTech Solutions Inc." + description: + type: "string" + description: "Vendor description" + example: "Cloud infrastructure provider offering AWS-like services" + category: + type: "string" + enum: + - "cloud" + - "infrastructure" + - "software_as_a_service" + - "finance" + - "marketing" + - "sales" + - "hr" + - "other" + example: "cloud" + status: + type: "string" + enum: + - "not_assessed" + - "in_progress" + - "assessed" + example: "not_assessed" + inherentProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + inherentImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "moderate" + residualProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + website: + type: "string" + nullable: true + example: "https://www.cloudtechsolutions.com" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to manage this vendor" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the vendor was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the vendor was last updated" + count: type: "number" - "400": - description: "Invalid request" + description: "Total number of vendors" + example: 12 + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -6183,9 +5071,9 @@ paths: properties: message: type: "string" - example: "Invalid request" - "401": - description: "Unauthorized" + example: "Invalid or expired API key" + "404": + description: "Organization not found" content: application/json: schema: @@ -6193,9 +5081,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Organization with ID org_abc123def456 not found" + "500": + description: "Internal server error" content: application/json: schema: @@ -6203,60 +5091,167 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Delete policy version" + summary: "List vendors" tags: - - "Policies" + - "Vendors" x-mint: metadata: - title: "Delete policy version | Comp AI API" - sidebarTitle: "Delete policy version" - description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Delete policy version | Comp AI API" - og:description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + title: "List vendors | Comp AI API" + sidebarTitle: "List vendors" + description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." + og:title: "List vendors | Comp AI API" + og:description: "List third-party vendors with risk level, owner, assessment status, and Trust Center visibility for vendor risk management." x-speakeasy-mcp: - name: "delete-policy-version" - /v1/policies/{id}/versions/publish: + name: "get-all-vendors" post: - description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one created via create-policy-version and then edited." - operationId: "PoliciesController_publishPolicyVersion_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" + description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." + operationId: "VendorsController_createVendor_v1" + parameters: [] requestBody: required: true - description: "Publish a new policy version" + description: "Vendor creation data" content: application/json: schema: - $ref: "#/components/schemas/PublishVersionDto" + $ref: "#/components/schemas/CreateVendorDto" responses: - "200": - description: "Version published" + "201": + description: "Vendor created successfully" + content: + application/json: + schema: + type: "object" + properties: + id: + type: "string" + description: "Vendor ID" + example: "vnd_abc123def456" + name: + type: "string" + description: "Vendor name" + example: "CloudTech Solutions Inc." + description: + type: "string" + description: "Vendor description" + example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." + category: + type: "string" + enum: + - "cloud" + - "infrastructure" + - "software_as_a_service" + - "finance" + - "marketing" + - "sales" + - "hr" + - "other" + example: "cloud" + status: + type: "string" + enum: + - "not_assessed" + - "in_progress" + - "assessed" + example: "not_assessed" + inherentProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + inherentImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "moderate" + residualProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + website: + type: "string" + nullable: true + example: "https://www.cloudtechsolutions.com" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to manage this vendor" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the vendor was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the vendor was last updated" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" + "400": + description: "Bad request - Invalid input data" content: application/json: schema: type: "object" properties: - versionId: + message: + type: "array" + items: + type: "string" + example: + - "name should not be empty" + - "description should not be empty" + - "category must be a valid enum value" + - "website must be a URL address" + error: type: "string" - version: + example: "Bad Request" + statusCode: type: "number" - "400": - description: "Invalid request" + example: 400 + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -6264,9 +5259,9 @@ paths: properties: message: type: "string" - example: "Invalid request" - "401": - description: "Unauthorized" + example: "Invalid or expired API key" + "404": + description: "Organization not found" content: application/json: schema: @@ -6274,9 +5269,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Organization with ID org_abc123def456 not found" + "500": + description: "Internal server error" content: application/json: schema: @@ -6284,60 +5279,146 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Publish policy version" + summary: "Create vendor" tags: - - "Policies" - x-speakeasy-mcp: - name: "publish-policy-version" + - "Vendors" x-mint: metadata: - title: "Publish policy version | Comp AI API" - sidebarTitle: "Publish policy version" - description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one." - og:title: "Publish policy version | Comp AI API" - og:description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one." - /v1/policies/{id}/versions/{versionId}/activate: - post: - description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_setActivePolicyVersion_v1" + title: "Create vendor | Comp AI API" + sidebarTitle: "Create vendor" + description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." + og:title: "Create vendor | Comp AI API" + og:description: "Create a vendor record so teams can track third-party risk, assessment evidence, owner, category, and compliance status." + x-speakeasy-mcp: + name: "create-vendor" + /v1/vendors/{id}: + get: + description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." + operationId: "VendorsController_getVendorById_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - - name: "versionId" - required: true - in: "path" - description: "Policy version ID" + description: "Vendor ID" schema: + example: "vnd_abc123def456" type: "string" - example: "pv_abc123def456" responses: "200": - description: "Active version updated" + description: "Vendor retrieved successfully" content: application/json: schema: type: "object" properties: - versionId: + id: type: "string" - version: - type: "number" - "400": - description: "Invalid request" + description: "Vendor ID" + example: "vnd_abc123def456" + name: + type: "string" + description: "Vendor name" + example: "CloudTech Solutions Inc." + description: + type: "string" + description: "Vendor description" + example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." + category: + type: "string" + enum: + - "cloud" + - "infrastructure" + - "software_as_a_service" + - "finance" + - "marketing" + - "sales" + - "hr" + - "other" + example: "cloud" + status: + type: "string" + enum: + - "not_assessed" + - "in_progress" + - "assessed" + example: "not_assessed" + inherentProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + inherentImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "moderate" + residualProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + website: + type: "string" + nullable: true + example: "https://www.cloudtechsolutions.com" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to manage this vendor" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the vendor was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the vendor was last updated" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -6345,9 +5426,9 @@ paths: properties: message: type: "string" - example: "Invalid request" - "401": - description: "Unauthorized" + example: "Invalid or expired API key" + "404": + description: "Vendor not found" content: application/json: schema: @@ -6355,9 +5436,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" - "404": - description: "Resource not found" + example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" content: application/json: schema: @@ -6365,77 +5446,174 @@ paths: properties: message: type: "string" - example: "Resource not found" + example: "Internal server error" security: - apikey: [] - summary: "Set active policy version" + summary: "Get vendor details" tags: - - "Policies" + - "Vendors" x-mint: metadata: - title: "Set active policy version | Comp AI API" - sidebarTitle: "Set active policy version" - description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - og:title: "Set active policy version | Comp AI API" - og:description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + title: "Get vendor details | Comp AI API" + sidebarTitle: "Get vendor details" + description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." + og:title: "Get vendor details | Comp AI API" + og:description: "Retrieve one vendor record with ownership, review status, risk context, and third-party compliance metadata." x-speakeasy-mcp: - name: "set-active-policy-version" - /v1/policies/{id}/versions/{versionId}/submit-for-approval: - post: - description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - operationId: "PoliciesController_submitVersionForApproval_v1" + name: "get-vendor-by-id" + patch: + description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." + operationId: "VendorsController_updateVendor_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" - schema: - type: "string" - example: "pol_abc123def456" - - name: "versionId" - required: true - in: "path" - description: "Policy version ID" + description: "Vendor ID" schema: + example: "vnd_abc123def456" type: "string" - example: "pv_abc123def456" requestBody: required: true - description: "Submit a policy version for approval" + description: "Vendor update data" content: application/json: schema: - $ref: "#/components/schemas/SubmitForApprovalDto" + $ref: "#/components/schemas/UpdateVendorDto" responses: "200": - description: "Version submitted for approval" + description: "Vendor updated successfully" content: application/json: schema: type: "object" properties: - versionId: + id: type: "string" - version: - type: "number" + description: "Vendor ID" + example: "vnd_abc123def456" + name: + type: "string" + description: "Vendor name" + example: "CloudTech Solutions Inc." + description: + type: "string" + description: "Vendor description" + example: "Cloud infrastructure provider offering AWS-like services including compute, storage, and networking solutions for enterprise customers." + category: + type: "string" + enum: + - "cloud" + - "infrastructure" + - "software_as_a_service" + - "finance" + - "marketing" + - "sales" + - "hr" + - "other" + example: "cloud" + status: + type: "string" + enum: + - "not_assessed" + - "in_progress" + - "assessed" + example: "assessed" + inherentProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "possible" + inherentImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "moderate" + residualProbability: + type: "string" + enum: + - "very_unlikely" + - "unlikely" + - "possible" + - "likely" + - "very_likely" + example: "unlikely" + residualImpact: + type: "string" + enum: + - "insignificant" + - "minor" + - "moderate" + - "major" + - "severe" + example: "minor" + website: + type: "string" + nullable: true + example: "https://www.cloudtechsolutions.com" + organizationId: + type: "string" + example: "org_abc123def456" + assigneeId: + type: "string" + nullable: true + description: "ID of the user assigned to manage this vendor" + example: "mem_abc123def456" + createdAt: + type: "string" + format: "date-time" + description: "When the vendor was created" + updatedAt: + type: "string" + format: "date-time" + description: "When the vendor was last updated" + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "400": - description: "Invalid request" + description: "Bad request - Invalid input data" content: application/json: schema: type: "object" properties: message: + type: "array" + items: + type: "string" + example: + - "name should not be empty" + - "category must be a valid enum value" + - "status must be a valid enum value" + - "website must be a URL address" + error: type: "string" - example: "Invalid request" + example: "Bad Request" + statusCode: + type: "number" + example: 400 "401": - description: "Unauthorized" + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -6443,9 +5621,9 @@ paths: properties: message: type: "string" - example: "Unauthorized" + example: "Invalid or expired API key" "404": - description: "Resource not found" + description: "Vendor not found" content: application/json: schema: @@ -6453,475 +5631,708 @@ paths: properties: message: type: "string" - example: "Resource not found" - security: - - apikey: [] - summary: "Submit version for approval" - tags: - - "Policies" - x-speakeasy-mcp: - name: "submit-policy-version-for-approval" - x-mint: - metadata: - title: "Submit version for approval | Comp AI API" - sidebarTitle: "Submit version for approval" - description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." - og:title: "Submit version for approval | Comp AI API" - og:description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." - /v1/policies/{id}/accept-changes: - post: - operationId: "PoliciesController_acceptPolicyChanges_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" - responses: - "201": - description: "" - security: - - apikey: [] - summary: "Accept pending policy changes and publish the version" - tags: - - "Policies" - x-speakeasy-mcp: - name: "accept-policy-changes" - description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - x-mint: - metadata: - title: "Accept pending policy changes and publish the | Comp AI API" - sidebarTitle: "Accept pending policy changes and publish the version" - description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted." - og:title: "Accept pending policy changes and publish the | Comp AI API" - og:description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted." - /v1/policies/{id}/deny-changes: - post: - operationId: "PoliciesController_denyPolicyChanges_v1" - parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - - name: "id" - required: true - in: "path" - description: "Policy ID" - schema: - example: "pol_abc123def456" - type: "string" - responses: - "201": - description: "" + example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Internal server error" security: - apikey: [] - summary: "Deny pending policy changes" - tags: - - "Policies" - description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." - x-mint: - metadata: - title: "Deny pending policy changes | Comp AI API" - sidebarTitle: "Deny pending policy changes" - description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." - og:title: "Deny pending policy changes | Comp AI API" - og:description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." + summary: "Update vendor record" + tags: + - "Vendors" + x-mint: + metadata: + title: "Update vendor record | Comp AI API" + sidebarTitle: "Update vendor record" + description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." + og:title: "Update vendor record | Comp AI API" + og:description: "Update vendor ownership, risk attributes, review metadata, and third-party compliance context for an organization." x-speakeasy-mcp: - name: "deny-policy-changes" - /v1/policies/{id}/ai-chat: - post: - description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." - operationId: "PoliciesController_aiChatPolicy_v1" + name: "update-vendor" + delete: + description: "Permanently removes a vendor from the organization. This action cannot be undone." + operationId: "VendorsController_deleteVendor_v1" parameters: - - name: "X-Organization-Id" - in: "header" - description: "Organization ID (required for session auth, optional for API key auth)" - required: false - schema: - type: "string" - name: "id" required: true in: "path" - description: "Policy ID" + description: "Vendor ID" schema: - example: "pol_abc123def456" + example: "vnd_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/AISuggestPolicyRequestDto" responses: "200": - description: "Streaming AI response" + description: "Vendor deleted successfully" content: - text/event-stream: + application/json: schema: - type: "string" + type: "object" + properties: + message: + type: "string" + example: "Vendor deleted successfully" + deletedVendor: + type: "object" + properties: + id: + type: "string" + description: "Deleted vendor ID" + example: "vnd_abc123def456" + name: + type: "string" + description: "Deleted vendor name" + example: "CloudTech Solutions Inc." + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "User information (only for session auth)" + properties: + id: + type: "string" + example: "usr_def456ghi789" + email: + type: "string" + example: "user@example.com" "401": - description: "Unauthorized" + description: "Unauthorized - Invalid authentication or insufficient permissions" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid or expired API key" "404": - description: "Policy not found" + description: "Vendor not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Vendor with ID vnd_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Internal server error" security: - apikey: [] - summary: "Chat with AI about a policy" + summary: "Delete vendor" tags: - - "Policies" + - "Vendors" x-mint: metadata: - title: "Chat with AI about a policy | Comp AI API" - sidebarTitle: "Chat with AI about a policy" - description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." - og:title: "Chat with AI about a policy | Comp AI API" - og:description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." + title: "Delete vendor | Comp AI API" + sidebarTitle: "Delete vendor" + description: "Permanently removes a vendor from the organization. This action cannot be undone." + og:title: "Delete vendor | Comp AI API" + og:description: "Permanently removes a vendor from the organization. This action cannot be undone." x-speakeasy-mcp: - name: "ai-chat-policy" - /v1/device-agent/exchange-code: + name: "delete-vendor" + /v1/vendors/{id}/trigger-assessment: post: - operationId: "DeviceAgentController_exchangeCode_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ExchangeCodeDto" - responses: - "201": - description: "" - summary: "Exchange an auth code for device credentials" - tags: - - "Device Agent" - description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "Exchange an auth code for device credentials | Comp AI API" - sidebarTitle: "Exchange an auth code for device credentials" - description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." - og:title: "Exchange an auth code for device credentials | Comp AI API" - og:description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." - x-speakeasy-mcp: - name: "exchange-code" - /v1/device-agent/updates/{filename}: - get: - operationId: "DeviceAgentController_getUpdateFile_v1" - parameters: - - name: "filename" - required: true - in: "path" - schema: - type: "string" - responses: - "200": - description: "" - summary: "Download a device-agent update" - tags: - - "Device Agent" - description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "Download a device-agent update | Comp AI API" - sidebarTitle: "Download a device-agent update" - description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." - og:title: "Download a device-agent update | Comp AI API" - og:description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." - x-speakeasy-mcp: - name: "get-update-file" - head: - operationId: "DeviceAgentController_headUpdateFile_v1" + operationId: "VendorsController_triggerAssessment_v1" parameters: - - name: "filename" + - name: "id" required: true in: "path" + description: "Vendor ID" schema: + example: "vnd_abc123def456" type: "string" - responses: - "200": - description: "" - summary: "Check a device-agent update's metadata" - tags: - - "Device Agent" - description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "Check a device-agent update's metadata | Comp AI API" - sidebarTitle: "Check a device-agent update's metadata" - description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." - og:title: "Check a device-agent update's metadata | Comp AI API" - og:description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." - x-speakeasy-mcp: - name: "head-update-file" - /v1/device-agent/auth-code: - post: - operationId: "DeviceAgentController_generateAuthCode_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/AuthCodeDto" responses: "201": description: "" - summary: "Create a device-agent auth code" + security: + - apikey: [] + summary: "Trigger vendor risk assessment" tags: - - "Device Agent" - description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." + - "Vendors" + description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." x-mint: metadata: - title: "Create a device-agent auth code | Comp AI API" - sidebarTitle: "Create a device-agent auth code" - description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." - og:title: "Create a device-agent auth code | Comp AI API" - og:description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." + title: "Trigger vendor risk assessment | Comp AI API" + sidebarTitle: "Trigger vendor risk assessment" + description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." + og:title: "Trigger vendor risk assessment | Comp AI API" + og:description: "Trigger a vendor risk assessment so Comp AI can update third-party risk evidence and vendor security review status." x-speakeasy-mcp: - name: "generate-auth-code" - /v1/device-agent/my-organizations: + name: "trigger-assessment" + /v1/context: get: - operationId: "DeviceAgentController_getMyOrganizations_v1" - parameters: [] - responses: - "200": - description: "" - summary: "List organizations for the current device" - tags: - - "Device Agent" - description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "List organizations for the current device | Comp AI API" - sidebarTitle: "List organizations for the current device" - description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." - og:title: "List organizations for the current device | Comp AI API" - og:description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." - x-speakeasy-mcp: - name: "get-my-organizations" - /v1/device-agent/register: - post: - operationId: "DeviceAgentController_registerDevice_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/RegisterDeviceDto" + description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." + operationId: "ContextController_getAllContext_v1" + parameters: + - name: "search" + required: false + in: "query" + description: "Search by question text" + schema: + type: "string" + - name: "page" + required: false + in: "query" + description: "Page number (1-based)" + schema: + type: "string" + - name: "perPage" + required: false + in: "query" + description: "Items per page" + schema: + type: "string" responses: - "201": - description: "" - summary: "Register device agent" + "200": + description: "Context entries retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + data: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + organizationId: + type: "string" + question: + type: "string" + answer: + type: "string" + tags: + type: "array" + items: + type: "string" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + count: + type: "number" + authType: + type: "string" + enum: + - "api-key" + - "session" + example: + data: + - id: "ctx_abc123def456" + organizationId: "org_xyz789uvw012" + question: "How do we handle user authentication in our application?" + answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." + tags: + - "authentication" + - "security" + - "api" + - "sessions" + createdAt: "2024-01-15T10:30:00.000Z" + updatedAt: "2024-01-15T14:20:00.000Z" + - id: "ctx_ghi789jkl012" + organizationId: "org_xyz789uvw012" + question: "What database do we use and why?" + answer: "We use PostgreSQL as our primary database with Prisma as the ORM." + tags: + - "database" + - "postgresql" + - "prisma" + - "architecture" + createdAt: "2024-01-14T09:15:00.000Z" + updatedAt: "2024-01-14T09:15:00.000Z" + count: 2 + authType: "apikey" + "401": + description: "Unauthorized - Invalid or missing authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 401 + example: + message: "Unauthorized" + statusCode: 401 + "404": + description: "Organization not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 404 + example: + message: "Organization not found" + statusCode: 404 + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 500 + example: + message: "Internal server error" + statusCode: 500 + security: + - apikey: [] + summary: "List organization context" tags: - - "Device Agent" - description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." + - "Context" x-mint: metadata: - title: "Register device agent | Comp AI API" - sidebarTitle: "Register device agent" - description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." - og:title: "Register device agent | Comp AI API" - og:description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." + title: "List organization context | Comp AI API" + sidebarTitle: "List organization context" + description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." + og:title: "List organization context | Comp AI API" + og:description: "List organization context entries used as approved source material for evidence, questionnaires, policies, and AI workflows." x-speakeasy-mcp: - name: "register-device" - /v1/device-agent/check-in: + name: "get-all-context" post: - operationId: "DeviceAgentController_checkIn_v1" + description: "Creates a new context entry for the authenticated organization. All required fields must be provided." + operationId: "ContextController_createContext_v1" parameters: [] requestBody: required: true + description: "Context entry data" content: application/json: schema: - $ref: "#/components/schemas/CheckInDto" + $ref: "#/components/schemas/CreateContextDto" + examples: + Authentication Context: + value: + question: "How do we handle user authentication in our application?" + answer: "We use a hybrid authentication system supporting both API keys and session-based authentication. API keys are used for programmatic access while sessions are used for web interface interactions." + tags: + - "authentication" + - "security" + - "api" + - "sessions" + Database Context: + value: + question: "What database do we use and why?" + answer: "We use PostgreSQL as our primary database with Prisma as the ORM. PostgreSQL provides excellent performance, ACID compliance, and supports advanced features like JSON columns and full-text search." + tags: + - "database" + - "postgresql" + - "prisma" + - "architecture" responses: "201": - description: "" - summary: "Submit device compliance check-in" + description: "Context entry created successfully" + content: + application/json: + schema: + type: "object" + properties: + id: + type: "string" + organizationId: + type: "string" + question: + type: "string" + answer: + type: "string" + tags: + type: "array" + items: + type: "string" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + authType: + type: "string" + enum: + - "api-key" + - "session" + example: + id: "ctx_abc123def456" + organizationId: "org_xyz789uvw012" + question: "How do we handle user authentication in our application?" + answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." + tags: + - "authentication" + - "security" + - "api" + - "sessions" + createdAt: "2024-01-15T10:30:00.000Z" + updatedAt: "2024-01-15T10:30:00.000Z" + authType: "apikey" + "400": + description: "Bad request - Invalid input data" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "array" + items: + type: "string" + error: + type: "string" + statusCode: + type: "number" + example: + message: + - "question should not be empty" + - "answer should not be empty" + error: "Bad Request" + statusCode: 400 + "401": + description: "Unauthorized - Invalid or missing authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 401 + example: + message: "Unauthorized" + statusCode: 401 + "404": + description: "Organization not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 404 + example: + message: "Organization not found" + statusCode: 404 + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 500 + example: + message: "Internal server error" + statusCode: 500 + security: + - apikey: [] + summary: "Create a new context entry" tags: - - "Device Agent" - description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." + - "Context" x-mint: metadata: - title: "Submit device compliance check-in | Comp AI API" - sidebarTitle: "Submit device compliance check-in" - description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." - og:title: "Submit device compliance check-in | Comp AI API" - og:description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." + title: "Create a new context entry | Comp AI API" + sidebarTitle: "Create a new context entry" + description: "Creates a new context entry for the authenticated organization. All required fields must be provided." + og:title: "Create a new context entry | Comp AI API" + og:description: "Creates a new context entry for the authenticated organization. All required fields must be provided." x-speakeasy-mcp: - name: "check-in" - /v1/device-agent/status: + name: "create-context" + /v1/context/{id}: get: - operationId: "DeviceAgentController_getDeviceStatus_v1" + description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." + operationId: "ContextController_getContextById_v1" parameters: - - name: "deviceId" - required: true - in: "query" - schema: - type: "string" - - name: "organizationId" + - name: "id" required: true - in: "query" + in: "path" + description: "Context entry ID" schema: + example: "ctx_abc123def456" type: "string" responses: "200": - description: "" - summary: "Get device-agent status" - tags: - - "Device Agent" - description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "Get device-agent status | Comp AI API" - sidebarTitle: "Get device-agent status" - description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - og:title: "Get device-agent status | Comp AI API" - og:description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-speakeasy-mcp: - name: "get-device-status" - /v1/device-agent/mac: - get: - description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." - operationId: "DeviceAgentController_downloadMacAgent_v1" - parameters: [] - responses: - default: - description: "Internal server error\n\nmacOS agent file not found in S3\n\nUnauthorized - Invalid or missing authentication\n\nmacOS agent DMG file download" + description: "Context entry retrieved successfully" content: - application/x-apple-diskimage: + application/json: schema: - type: "string" - format: "binary" - example: "Binary DMG file content" - headers: - Content-Disposition: - description: "Indicates file should be downloaded with specific filename" + type: "object" + properties: + id: + type: "string" + example: "ctx_abc123def456" + organizationId: + type: "string" + example: "org_xyz789uvw012" + question: + type: "string" + answer: + type: "string" + tags: + type: "array" + items: + type: "string" + example: + - "authentication" + - "security" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + authType: + type: "string" + enum: + - "api-key" + - "session" + example: + id: "ctx_abc123def456" + organizationId: "org_xyz789uvw012" + question: "How do we handle user authentication in our application?" + answer: "We use a hybrid authentication system supporting both API keys and session-based authentication." + tags: + - "authentication" + - "security" + - "api" + - "sessions" + createdAt: "2024-01-15T10:30:00.000Z" + updatedAt: "2024-01-15T14:20:00.000Z" + authType: "apikey" + "401": + description: "Unauthorized - Invalid or missing authentication" + content: + application/json: schema: - type: "string" - example: "attachment; filename=\"Comp AI Agent-1.0.0-arm64.dmg\"" - Content-Type: - description: "MIME type for macOS disk image" + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + statusCode: + type: "number" + example: 401 + example: + message: "Unauthorized" + statusCode: 401 + "404": + description: "Context entry not found" + content: + application/json: schema: - type: "string" - example: "application/x-apple-diskimage" + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 404 + example: + message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" + statusCode: 404 + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 500 + example: + message: "Internal server error" + statusCode: 500 security: - apikey: [] - summary: "Download macOS Device Agent" + summary: "Get organization context" tags: - - "Device Agent" + - "Context" x-mint: metadata: - title: "Download macOS Device Agent | Comp AI API" - sidebarTitle: "Download macOS Device Agent" - description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." - og:title: "Download macOS Device Agent | Comp AI API" - og:description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." + title: "Get organization context | Comp AI API" + sidebarTitle: "Get organization context" + description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." + og:title: "Get organization context | Comp AI API" + og:description: "Retrieve one organization context entry with source details and approved content for compliance automation workflows." x-speakeasy-mcp: - name: "download-mac-agent" - /v1/device-agent/windows: - get: - description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI installer, setup batch script customized for the organization and user, and a README." - operationId: "DeviceAgentController_downloadWindowsAgent_v1" - parameters: [] + name: "get-context-by-id" + patch: + description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." + operationId: "ContextController_updateContext_v1" + parameters: + - name: "id" + required: true + in: "path" + description: "Context entry ID" + schema: + example: "ctx_abc123def456" + type: "string" + requestBody: + required: true + description: "Partial context entry data to update" + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateContextDto" + examples: + Update Tags: + value: + tags: + - "authentication" + - "security" + - "api" + - "sessions" + - "updated" + Update Answer: + value: + answer: "Updated: We use a hybrid authentication system supporting both API keys and session-based authentication. Recent updates include support for OAuth2 providers." responses: - default: - description: "Internal server error\n\nWindows agent file not found in S3\n\nUnauthorized - Invalid or missing authentication\n\nWindows agent ZIP file download containing MSI installer and setup scripts" + "200": + description: "Context entry updated successfully" + content: + application/json: + example: + id: "ctx_abc123def456" + organizationId: "org_xyz789uvw012" + question: "How do we handle user authentication in our application?" + answer: "Updated: We use a hybrid authentication system supporting both API keys and session-based authentication with OAuth2 support." + tags: + - "authentication" + - "security" + - "api" + - "sessions" + - "oauth2" + createdAt: "2024-01-15T10:30:00.000Z" + updatedAt: "2024-01-15T15:45:00.000Z" + authType: "apikey" + "400": + description: "Bad request - Invalid input data" content: - application/zip: - schema: - type: "string" - format: "binary" - example: "Binary ZIP file content" - headers: - Content-Disposition: - description: "Indicates file should be downloaded with specific filename" - schema: - type: "string" - example: "attachment; filename=\"compai-device-agent-windows.zip\"" - Content-Type: - description: "MIME type for ZIP archive" - schema: - type: "string" - example: "application/zip" + application/json: + example: + message: + - "tags must be an array of strings" + error: "Bad Request" + statusCode: 400 + "401": + description: "Unauthorized - Invalid or missing authentication" + content: + application/json: + example: + message: "Unauthorized" + statusCode: 401 + "404": + description: "Context entry not found" + content: + application/json: + example: + message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" + statusCode: 404 + "500": + description: "Internal server error" + content: + application/json: + example: + message: "Internal server error" + statusCode: 500 security: - apikey: [] - summary: "Download Windows Device Agent ZIP" + summary: "Update organization context" tags: - - "Device Agent" + - "Context" x-mint: metadata: - title: "Download Windows Device Agent ZIP | Comp AI API" - sidebarTitle: "Download Windows Device Agent ZIP" - description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI." - og:title: "Download Windows Device Agent ZIP | Comp AI API" - og:description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI." + title: "Update organization context | Comp AI API" + sidebarTitle: "Update organization context" + description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." + og:title: "Update organization context | Comp AI API" + og:description: "Update an organization context entry so approved business details stay current for evidence and questionnaire automation." x-speakeasy-mcp: - name: "download-windows-agent" - /v1/device-agent/sessions/{deviceId}: + name: "update-context" delete: - operationId: "DeviceAgentController_revokeAgentAccess_v1" + description: "Permanently removes a context entry from the organization. This action cannot be undone." + operationId: "ContextController_deleteContext_v1" parameters: - - name: "deviceId" + - name: "id" required: true in: "path" + description: "Context entry ID" schema: - type: "string" - responses: - "204": - description: "" - summary: "Revoke a device agent session" - tags: - - "Device Agent" - description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." - x-mint: - metadata: - title: "Revoke a device agent session | Comp AI API" - sidebarTitle: "Revoke a device agent session" - description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security." - og:title: "Revoke a device agent session | Comp AI API" - og:description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security." - x-speakeasy-mcp: - name: "revoke-agent-access" - /v1/tasks: - get: - description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." - operationId: "TasksController_getTasks_v1" - parameters: - - name: "includeRelations" - required: false - in: "query" - description: "Include controls and automations with runs" - schema: + example: "ctx_abc123def456" type: "string" responses: "200": - description: "Tasks retrieved successfully" + description: "Context entry deleted successfully" content: application/json: schema: - type: "array" - items: - $ref: "#/components/schemas/TaskResponseDto" + type: "object" + properties: + message: + type: "string" + deletedContext: + type: "object" + properties: + id: + type: "string" + question: + type: "string" + authType: + type: "string" + enum: + - "api-key" + - "session" example: - - id: "tsk_abc123def456" - title: "Implement user authentication" - description: "Add OAuth 2.0 authentication to the platform" - status: "in_progress" - createdAt: "2024-01-15T10:30:00Z" - updatedAt: "2024-01-15T10:30:00Z" + message: "Context entry deleted successfully" + deletedContext: + id: "ctx_abc123def456" + question: "How do we handle user authentication in our application?" + authType: "apikey" "401": - description: "Unauthorized - Invalid authentication" + description: "Unauthorized - Invalid or missing authentication" content: application/json: schema: @@ -6929,1076 +6340,1012 @@ paths: properties: message: type: "string" - example: "Unauthorized" + statusCode: + type: "number" + example: 401 + example: + message: "Unauthorized" + statusCode: 401 + "404": + description: "Context entry not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 404 + example: + message: "Context entry with ID ctx_abc123def456 not found in organization org_xyz789uvw012" + statusCode: 404 + "500": + description: "Internal server error" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + statusCode: + type: "number" + example: 500 + example: + message: "Internal server error" + statusCode: 500 security: - apikey: [] - summary: "List compliance tasks" + summary: "Delete context entry" tags: - - "Tasks" + - "Context" x-mint: metadata: - title: "List compliance tasks | Comp AI API" - sidebarTitle: "List compliance tasks" - description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." - og:title: "List compliance tasks | Comp AI API" - og:description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." - x-codeSamples: - - lang: "bash" - label: "List tasks" - source: "curl --request GET --url \"https://api.trycomp.ai/v1/tasks\" --header \"X-API-Key: $COMP_AI_API_KEY\"" + title: "Delete context entry | Comp AI API" + sidebarTitle: "Delete context entry" + description: "Permanently removes a context entry from the organization. This action cannot be undone." + og:title: "Delete context entry | Comp AI API" + og:description: "Permanently removes a context entry from the organization. This action cannot be undone." x-speakeasy-mcp: - name: "get-tasks" - post: - description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." - operationId: "TasksController_createTask_v1" + name: "delete-context" + /v1/devices: + get: + description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." + operationId: "DevicesController_getAllDevices_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - title: - type: "string" - example: "Implement access controls" - description: - type: "string" - example: "Set up role-based access controls for the platform" - assigneeId: - type: "string" - nullable: true - example: "mem_abc123" - frequency: - type: "string" - enum: - - "daily" - - "weekly" - - "monthly" - - "quarterly" - - "yearly" - nullable: true - example: "monthly" - department: - type: "string" - nullable: true - example: "it" - maxLength: 64 - description: "Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." - controlIds: - type: "array" - items: + responses: + "200": + description: "Devices retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + data: + type: "array" + items: + $ref: "#/components/schemas/DeviceResponseDto" + count: + type: "number" + description: "Total number of devices" + example: 25 + authType: + type: "string" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + properties: + id: + type: "string" + description: "User ID" + example: "usr_abc123def456" + email: + type: "string" + description: "User email" + example: "user@company.com" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" + content: + application/json: + schema: + type: "object" + properties: + message: type: "string" - example: - - "ctrl_abc123" - taskTemplateId: - type: "string" - nullable: true - example: "tmpl_abc123" - vendorId: - type: "string" - nullable: true - example: "vnd_abc123" - description: "Vendor ID to connect this task to" - required: - - "title" - - "description" - responses: - "201": - description: "Task created successfully" + example: "Invalid or expired API key" + "404": + description: "Organization not found" content: application/json: schema: - $ref: "#/components/schemas/TaskResponseDto" - "400": - description: "Invalid request body" + type: "object" + properties: + message: + type: "string" + example: "Organization with ID org_abc123def456 not found" + "500": + description: "Internal server error - FleetDM integration issue" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Organization does not have FleetDM configured" security: - apikey: [] - summary: "Create compliance task" + summary: "List managed devices" tags: - - "Tasks" + - "Devices" x-mint: metadata: - title: "Create compliance task | Comp AI API" - sidebarTitle: "Create compliance task" - description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." - og:title: "Create compliance task | Comp AI API" - og:description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." + title: "List managed devices | Comp AI API" + sidebarTitle: "List managed devices" + description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." + og:title: "List managed devices | Comp AI API" + og:description: "List managed employee devices with endpoint compliance status, ownership, and security check results for workforce controls." x-speakeasy-mcp: - name: "create-task" - /v1/tasks/templates: + name: "get-all-devices" + /v1/devices/member/{memberId}: get: - description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_getTaskTemplates_v1" + description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated fleetDmLabelId." + operationId: "DevicesController_getDevicesByMember_v1" parameters: - - name: "frameworkId" - required: false - in: "query" - description: "Filter templates by framework ID" + - name: "memberId" + required: true + in: "path" + description: "Member ID to get devices for" schema: + example: "mem_abc123def456" type: "string" responses: "200": - description: "" - security: - - apikey: [] - summary: "Get task templates" - tags: - - "Tasks" - x-mint: - metadata: - title: "Get task templates | Comp AI API" - sidebarTitle: "Get task templates" - description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Get task templates | Comp AI API" - og:description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "get-task-templates" - /v1/tasks/bulk: - patch: - description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_updateTasksStatus_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - taskIds: - type: "array" - items: + description: "Member devices retrieved successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/DevicesByMemberResponseDto" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" + content: + application/json: + schema: + type: "object" + properties: + message: type: "string" - example: - - "tsk_abc123" - - "tsk_def456" - status: - type: "string" - enum: - - "todo" - - "in_progress" - - "in_review" - - "done" - - "not_relevant" - - "failed" - example: "in_progress" - reviewDate: - type: "string" - format: "date-time" - example: "2025-01-01T00:00:00.000Z" - description: "Optional review date to set on all tasks" - notRelevantJustification: - type: "string" - example: "This control is out of scope for our SOC 2 audit." - description: "Required justification when marking evidence tasks as not_relevant" - required: - - "taskIds" - - "status" - responses: - "200": - description: "Tasks updated successfully" + example: "Unauthorized" + "404": + description: "Organization or member not found" content: application/json: schema: type: "object" properties: - updatedCount: - type: "number" - example: 2 - "400": - description: "Invalid request body" + message: + type: "string" + example: "Member with ID mem_abc123def456 not found in organization org_abc123def456" + "500": + description: "Internal server error - FleetDM integration issue" security: - apikey: [] - summary: "Update status for multiple tasks" + summary: "Get devices by member ID" tags: - - "Tasks" + - "Devices" x-mint: metadata: - title: "Update status for multiple tasks | Comp AI API" - sidebarTitle: "Update status for multiple tasks" - description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." - og:title: "Update status for multiple tasks | Comp AI API" - og:description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + title: "Get devices by member ID | Comp AI API" + sidebarTitle: "Get devices by member ID" + description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated." + og:title: "Get devices by member ID | Comp AI API" + og:description: "Returns all devices assigned to a specific member within the authenticated organization. Devices are fetched from FleetDM using the member's dedicated." x-speakeasy-mcp: - name: "update-tasks-status" + name: "get-devices-by-member" + /v1/devices/{id}: delete: - description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_deleteTasks_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - taskIds: - type: "array" - items: - type: "string" - example: - - "tsk_abc123" - - "tsk_def456" - required: - - "taskIds" + description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." + operationId: "DevicesController_deleteDevice_v1" + parameters: + - name: "id" + required: true + in: "path" + description: "Device ID to delete" + schema: + example: "dev_abc123def456" + type: "string" + responses: + "204": + description: "Device deleted successfully" + "403": + description: "Forbidden - only organization owners can delete devices" + "404": + description: "Organization or device not found" + security: + - apikey: [] + summary: "Delete device" + tags: + - "Devices" + x-mint: + metadata: + title: "Delete device | Comp AI API" + sidebarTitle: "Delete device" + description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." + og:title: "Delete device | Comp AI API" + og:description: "Delete device in Comp AI. Read and manage employee device inventory and Fleet compliance data used for endpoint security controls." + x-speakeasy-mcp: + name: "delete-device" + /v1/policies: + get: + description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." + operationId: "PoliciesController_getAllPolicies_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "excludeContent" + required: false + in: "query" + description: "When true, omits `content` and `draftContent` from each policy in the response. Use this when listing policies to find one by name/ID — fetch the full content via GET /v1/policies/{id} after." + schema: + type: "boolean" + - name: "includeArchived" + required: false + in: "query" + description: "When true, includes user-archived and framework-sync-archived policies in the response. Defaults to false." + schema: + type: "boolean" responses: "200": - description: "Tasks deleted successfully" + description: "Policies retrieved successfully" content: application/json: schema: type: "object" properties: - deletedCount: - type: "number" - example: 2 - "400": - description: "Invalid request body" - security: - - apikey: [] - summary: "Delete multiple tasks" - tags: - - "Tasks" - x-mint: - metadata: - title: "Delete multiple tasks | Comp AI API" - sidebarTitle: "Delete multiple tasks" - description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Delete multiple tasks | Comp AI API" - og:description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "delete-tasks" - /v1/tasks/bulk/assignee: - patch: - description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_updateTasksAssignee_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - taskIds: - type: "array" - items: + data: + type: "array" + items: + $ref: "#/components/schemas/PolicyResponseDto" + description: "Array of policies" + authType: type: "string" - example: - - "tsk_abc123" - - "tsk_def456" - assigneeId: - type: "string" - nullable: true - example: "mem_abc123" - description: "Assignee member ID, or null to unassign" - required: - - "taskIds" - responses: - "200": - description: "Tasks updated successfully" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" + authenticatedUser: + type: "object" + description: "Authenticated user information (only present for session auth)" + properties: + id: + type: "string" + description: "User ID" + example: "usr_abc123def456" + email: + type: "string" + description: "User email" + example: "user@company.com" + required: + - "data" + - "authType" + example: + data: + - id: "pol_abc123def456" + name: "Data Privacy Policy" + description: "This policy outlines how we handle and protect personal data" + status: "draft" + content: + - type: "paragraph" + attrs: + textAlign: null + content: + - type: "text" + text: "This policy outlines our commitment to protecting personal data." + frequency: "yearly" + department: "IT" + isRequiredToSign: true + signedBy: [] + reviewDate: "2024-12-31T00:00:00.000Z" + isArchived: false + archivedAt: null + createdAt: "2024-01-01T00:00:00.000Z" + updatedAt: "2024-01-15T00:00:00.000Z" + lastArchivedAt: null + lastPublishedAt: "2024-01-10T00:00:00.000Z" + organizationId: "org_abc123def456" + assigneeId: "usr_abc123def456" + approverId: "usr_xyz789abc123" + policyTemplateId: null + authType: "session" + authenticatedUser: + id: "usr_abc123def456" + email: "user@company.com" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: type: "object" properties: - updatedCount: - type: "number" - example: 2 - "400": - description: "Invalid request body" + message: + type: "string" + example: "Unauthorized" security: - apikey: [] - summary: "Update assignee for multiple tasks" + summary: "List compliance policies" tags: - - "Tasks" - x-mint: - metadata: - title: "Update assignee for multiple tasks | Comp AI API" - sidebarTitle: "Update assignee for multiple tasks" - description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." - og:title: "Update assignee for multiple tasks | Comp AI API" - og:description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + - "Policies" x-speakeasy-mcp: - name: "update-tasks-assignee" - /v1/tasks/reorder: - patch: - description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_reorderTasks_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - updates: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - order: - type: "number" - status: - type: "string" - enum: - - "todo" - - "in_progress" - - "in_review" - - "done" - - "not_relevant" - - "failed" - required: - - "id" - - "order" - - "status" - required: - - "updates" - responses: - "200": - description: "Tasks reordered successfully" - "400": - description: "Invalid request body" - security: - - apikey: [] - summary: "Reorder tasks" - tags: - - "Tasks" + name: "list-policies" x-mint: metadata: - title: "Reorder tasks | Comp AI API" - sidebarTitle: "Reorder tasks" - description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Reorder tasks | Comp AI API" - og:description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "reorder-tasks" - /v1/tasks/bulk/submit-for-review: + title: "List compliance policies | Comp AI API" + sidebarTitle: "List compliance policies" + description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." + og:title: "List compliance policies | Comp AI API" + og:description: "Lists active compliance policies by default. Use includeArchived=true to include archived rows and excludeContent=true when you only need policy metadata." + x-codeSamples: + - lang: "bash" + label: "List policies" + source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies\" --header \"X-API-Key: $COMP_AI_API_KEY\"" + - lang: "bash" + label: "List policies (lightweight, no content)" + source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies?excludeContent=true\" --header \"X-API-Key: $COMP_AI_API_KEY\"" + - lang: "bash" + label: "List policies including archived" + source: "curl --request GET --url \"https://api.trycomp.ai/v1/policies?includeArchived=true\" --header \"X-API-Key: $COMP_AI_API_KEY\"" post: - description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_bulkSubmitForReview_v1" - parameters: [] + description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." + operationId: "PoliciesController_createPolicy_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" requestBody: required: true + description: "Policy creation data" content: application/json: schema: - type: "object" - properties: - taskIds: - type: "array" - items: - type: "string" - example: - - "tsk_abc123" - - "tsk_def456" - approverId: - type: "string" - example: "mem_abc123" - description: "Member ID of the approver" - required: - - "taskIds" - - "approverId" + $ref: "#/components/schemas/CreatePolicyDto" responses: - "200": - description: "Tasks submitted for review" + "201": + description: "Policy created successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/PolicyResponseDto" + example: + id: "pol_abc123def456" + name: "Data Privacy Policy" + description: "This policy outlines how we handle and protect personal data" + status: "draft" + content: + - type: "paragraph" + content: + - type: "text" + text: "Policy content here" + frequency: "yearly" + department: "it" + isRequiredToSign: true + signedBy: [] + reviewDate: "2024-12-31T00:00:00.000Z" + isArchived: false + createdAt: "2024-01-01T00:00:00.000Z" + updatedAt: "2024-01-15T00:00:00.000Z" + organizationId: "org_abc123def456" + assigneeId: "usr_abc123def456" + approverId: "usr_xyz789abc123" "400": - description: "Invalid request" + description: "Bad Request - Invalid policy data" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid policy content format" + "401": + description: "Unauthorized - Invalid authentication or insufficient permissions" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" security: - apikey: [] - summary: "Bulk submit tasks for review" + summary: "Create compliance policy" tags: - - "Tasks" + - "Policies" x-mint: metadata: - title: "Bulk submit tasks for review | Comp AI API" - sidebarTitle: "Bulk submit tasks for review" - description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." - og:title: "Bulk submit tasks for review | Comp AI API" - og:description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + title: "Create compliance policy | Comp AI API" + sidebarTitle: "Create compliance policy" + description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." + og:title: "Create compliance policy | Comp AI API" + og:description: "Create a policy record that can be reviewed, versioned, published, linked to controls, and used as source evidence for questionnaires." x-speakeasy-mcp: - name: "bulk-submit-for-review" - /v1/tasks/options: - get: - operationId: "TasksController_getTaskOptions_v1" - parameters: [] + name: "create-policy" + /v1/policies/publish-all: + post: + operationId: "PoliciesController_publishAllPolicies_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" responses: - "200": + "201": description: "" security: - apikey: [] - summary: "Get page options for tasks overview" + summary: "Publish all draft policies" tags: - - "Tasks" - description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + - "Policies" + description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." x-mint: metadata: - title: "Get page options for tasks overview | Comp AI API" - sidebarTitle: "Get page options for tasks overview" - description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links." - og:title: "Get page options for tasks overview | Comp AI API" - og:description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links." + title: "Publish all draft policies | Comp AI API" + sidebarTitle: "Publish all draft policies" + description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." + og:title: "Publish all draft policies | Comp AI API" + og:description: "Publish draft policies in bulk so approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence." x-speakeasy-mcp: - name: "get-task-options" - /v1/tasks/{taskId}: + name: "publish-all-policies" + /v1/policies/download-all: get: - description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_getTask_v1" + description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." + operationId: "PoliciesController_downloadAllPolicies_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: - example: "tsk_abc123def456" type: "string" responses: "200": - description: "Task retrieved successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/TaskResponseDto" - example: - id: "tsk_abc123def456" - title: "Implement user authentication" - description: "Add OAuth 2.0 authentication to the platform" - status: "in_progress" - createdAt: "2024-01-15T10:30:00Z" - updatedAt: "2024-01-15T10:30:00Z" - "403": - description: "Forbidden - Not assigned to this task" + description: "Signed URL for PDF bundle returned" "404": - description: "Task not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Task with ID tsk_abc123def456 not found" + description: "No published policies found" security: - apikey: [] - summary: "Get task by ID" + summary: "Download all published policies" tags: - - "Tasks" + - "Policies" x-mint: metadata: - title: "Get task by ID | Comp AI API" - sidebarTitle: "Get task by ID" - description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Get task by ID | Comp AI API" - og:description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + title: "Download all published policies | Comp AI API" + sidebarTitle: "Download all published policies" + description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." + og:title: "Download all published policies | Comp AI API" + og:description: "Generate a single PDF bundle of published compliance policies for auditors, customer security reviews, and Trust Center workflows." x-speakeasy-mcp: - name: "get-task" - patch: - description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_updateTask_v1" + name: "download-all-policies" + /v1/policies/{id}/controls: + get: + operationId: "PoliciesController_getPolicyControls_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - type: "object" - properties: - title: - type: "string" - example: "Review access controls" - description: "Task title" - description: - type: "string" - example: "Review and update access control policies" - description: "Task description" - status: - type: "string" - enum: - - "todo" - - "in_progress" - - "in_review" - - "done" - - "not_relevant" - - "failed" - example: "in_progress" - assigneeId: - type: "string" - nullable: true - example: "mem_abc123" - description: "Assignee member ID, or null to unassign" - approverId: - type: "string" - nullable: true - example: "mem_abc123" - description: "Approver member ID, or null to unassign" - frequency: - type: "string" - enum: - - "daily" - - "weekly" - - "monthly" - - "quarterly" - - "yearly" - example: "monthly" - integrationScheduleFrequency: - type: "string" - enum: - - "daily" - - "weekly" - - "monthly" - - "quarterly" - - "yearly" - example: "daily" - description: "Cadence for running the integration check attached to this task" - department: - type: "string" - example: "it" - maxLength: 64 - description: "Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." - reviewDate: - type: "string" - format: "date-time" - example: "2025-01-01T00:00:00.000Z" - notRelevantJustification: - type: "string" - example: "This control is out of scope for our SOC 2 audit." - description: "Required justification when marking evidence tasks as not_relevant" responses: "200": - description: "Task updated successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/TaskResponseDto" - "400": - description: "Invalid request body or task not found" - "404": - description: "Task not found" + description: "" security: - apikey: [] - summary: "Update a task" + summary: "Get mapped and all controls for a policy" tags: - - "Tasks" + - "Policies" + description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Update a task | Comp AI API" - sidebarTitle: "Update a task" - description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Update a task | Comp AI API" - og:description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + title: "Get mapped and all controls for a policy | Comp AI API" + sidebarTitle: "Get mapped and all controls for a policy" + description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + og:title: "Get mapped and all controls for a policy | Comp AI API" + og:description: "Get mapped and all controls for a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." x-speakeasy-mcp: - name: "update-task" - delete: - description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_deleteTask_v1" + name: "get-policy-controls" + post: + operationId: "PoliciesController_addPolicyControls_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" responses: - "200": - description: "Task deleted successfully" - content: - application/json: - schema: - type: "object" - properties: - success: - type: "boolean" - example: true - message: - type: "string" - example: "Task deleted successfully" - "404": - description: "Task not found" + "201": + description: "" security: - apikey: [] - summary: "Delete a task" + summary: "Map controls to a policy" tags: - - "Tasks" + - "Policies" + description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Delete a task | Comp AI API" - sidebarTitle: "Delete a task" - description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Delete a task | Comp AI API" - og:description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + title: "Map controls to a policy | Comp AI API" + sidebarTitle: "Map controls to a policy" + description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Map controls to a policy | Comp AI API" + og:description: "Map controls to a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-speakeasy-mcp: - name: "delete-task" - /v1/tasks/{taskId}/policies: + name: "add-policy-controls" + /v1/policies/{id}/evidence-tasks: get: - operationId: "TasksController_getTaskPolicies_v1" + operationId: "PoliciesController_getPolicyEvidenceTasks_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" responses: "200": description: "" security: - apikey: [] - summary: "Get policies that reference a task via shared controls" + summary: "Get tasks that serve as evidence for a policy, grouped by control" tags: - - "Tasks" - description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + - "Policies" + description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Get policies that reference a task via shared | Comp AI API" - sidebarTitle: "Get policies that reference a task via shared controls" - description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy." - og:title: "Get policies that reference a task via shared | Comp AI API" - og:description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy." + title: "Get tasks that serve as evidence for a | Comp AI API" + sidebarTitle: "Get tasks that serve as evidence for a policy, grouped by control" + description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies." + og:title: "Get tasks that serve as evidence for a | Comp AI API" + og:description: "Get tasks that serve as evidence for a policy, grouped by control in Comp AI. Create, version, publish, export, map, and improve compliance policies." x-speakeasy-mcp: - name: "get-task-policies" - /v1/tasks/{taskId}/activity: - get: - description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_getTaskActivity_v1" + name: "get-policy-evidence-tasks" + /v1/policies/{id}/regenerate: + post: + operationId: "PoliciesController_regeneratePolicy_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" - schema: - example: "tsk_abc123def456" - type: "string" - - name: "skip" - required: true - in: "query" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: type: "string" - - name: "take" + - name: "id" required: true - in: "query" + in: "path" + description: "Policy ID" schema: + example: "pol_abc123def456" type: "string" responses: - "200": - description: "Activity retrieved successfully" - "400": - description: "Task not found" + "201": + description: "" security: - apikey: [] - summary: "Get task activity" + summary: "Regenerate policy with AI" tags: - - "Tasks" + - "Policies" + description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." x-mint: metadata: - title: "Get task activity | Comp AI API" - sidebarTitle: "Get task activity" - description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Get task activity | Comp AI API" - og:description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + title: "Regenerate policy with AI | Comp AI API" + sidebarTitle: "Regenerate policy with AI" + description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." + og:title: "Regenerate policy with AI | Comp AI API" + og:description: "Regenerate policy content using Comp AI while keeping the result reviewable before it is published or used as compliance evidence." x-speakeasy-mcp: - name: "get-task-activity" - /v1/tasks/{taskId}/regenerate: - post: - description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_regenerateTask_v1" + name: "regenerate-policy" + /v1/policies/{id}/pdf/signed-url: + get: + operationId: "PoliciesController_getPdfSignedUrl_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" + schema: + example: "pol_abc123def456" + type: "string" + - name: "versionId" + required: false + in: "query" schema: - example: "tsk_abc123def456" type: "string" responses: "200": - description: "Task regenerated successfully" - "400": - description: "Task has no associated template" - "404": - description: "Task not found" + description: "" security: - apikey: [] - summary: "Regenerate task from template" + summary: "Get a signed URL for the policy PDF" tags: - - "Tasks" + - "Policies" + description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Regenerate task from template | Comp AI API" - sidebarTitle: "Regenerate task from template" - description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." - og:title: "Regenerate task from template | Comp AI API" - og:description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + title: "Get a signed URL for the policy PDF | Comp AI API" + sidebarTitle: "Get a signed URL for the policy PDF" + description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + og:title: "Get a signed URL for the policy PDF | Comp AI API" + og:description: "Get a signed URL for the policy PDF in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." x-speakeasy-mcp: - name: "regenerate-task" - /v1/tasks/{taskId}/submit-for-review: + name: "get-pdf-signed-url" + /v1/policies/{id}/pdf: post: - description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_submitForReview_v1" + description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI clients should use the presigned `/pdf/upload-url` + `/pdf/confirm` flow." + operationId: "PoliciesController_uploadPolicyPdf_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" requestBody: required: true content: + multipart/form-data: + schema: + oneOf: + - description: "Multipart file upload (recommended)" + type: "object" + properties: + file: + type: "string" + format: "binary" + versionId: + type: "string" + description: "Target version ID. If omitted, uploads to the latest draft version." + required: + - "file" + - description: "JSON with base64-encoded file data" + type: "object" + properties: + fileName: + type: "string" + fileType: + type: "string" + fileData: + type: "string" + description: "Base64-encoded file content" + versionId: + type: "string" + description: "Target version ID. If omitted, uploads to the latest draft version." + required: + - "fileName" + - "fileType" + - "fileData" application/json: schema: - type: "object" - properties: - approverId: - type: "string" - example: "mem_abc123" - description: "Member ID of the approver" - required: - - "approverId" + oneOf: + - description: "Multipart file upload (recommended)" + type: "object" + properties: + file: + type: "string" + format: "binary" + versionId: + type: "string" + description: "Target version ID. If omitted, uploads to the latest draft version." + required: + - "file" + - description: "JSON with base64-encoded file data" + type: "object" + properties: + fileName: + type: "string" + fileType: + type: "string" + fileData: + type: "string" + description: "Base64-encoded file content" + versionId: + type: "string" + description: "Target version ID. If omitted, uploads to the latest draft version." + required: + - "fileName" + - "fileType" + - "fileData" responses: - "200": - description: "Task submitted for review" - "400": - description: "Invalid request" + "201": + description: "" security: - apikey: [] - summary: "Submit task for review" + summary: "Upload a PDF to a policy version (UI-only)" tags: - - "Tasks" + - "Policies" + x-speakeasy-mcp: + disabled: true x-mint: metadata: - title: "Submit task for review | Comp AI API" - sidebarTitle: "Submit task for review" - description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Submit task for review | Comp AI API" - og:description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "submit-for-review" - /v1/tasks/{taskId}/approve: - post: - description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." - operationId: "TasksController_approveTask_v1" + title: "Upload a PDF to a policy version (UI-only) | Comp AI API" + sidebarTitle: "Upload a PDF to a policy version (UI-only)" + description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI." + og:title: "Upload a PDF to a policy version (UI-only) | Comp AI API" + og:description: "Uploads a PDF via multipart `file` or base64 `fileData` JSON. Defaults to the latest draft if no `versionId`; 400 if no draft is available. UI-only — AI." + delete: + description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published or pending-approval versions." + operationId: "PoliciesController_deletePolicyPdf_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" + schema: + example: "pol_abc123def456" + type: "string" + - name: "versionId" + required: false + in: "query" + description: "Target version ID. If omitted, targets the latest draft version." schema: - example: "tsk_abc123def456" type: "string" responses: "200": - description: "Task approved successfully" - "400": - description: "Task is not in review" - "403": - description: "Not the assigned approver" + description: "" security: - apikey: [] - summary: "Approve a task" + summary: "Delete a policy version PDF" tags: - - "Tasks" + - "Policies" x-mint: metadata: - title: "Approve a task | Comp AI API" - sidebarTitle: "Approve a task" - description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." - og:title: "Approve a task | Comp AI API" - og:description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." + title: "Delete a policy version PDF | Comp AI API" + sidebarTitle: "Delete a policy version PDF" + description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published." + og:title: "Delete a policy version PDF | Comp AI API" + og:description: "Deletes the PDF from a specific policy version. If no versionId is provided, deletes from the latest draft version. Cannot delete PDFs from published." x-speakeasy-mcp: - name: "approve-task" - /v1/tasks/{taskId}/reject: + name: "delete-policy-pdf" + /v1/policies/{id}/pdf/upload-url: post: - description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." - operationId: "TasksController_rejectTask_v1" + description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are uploaded straight to S3 without passing through the API. Requires the policy ID; if you only know the policy name, look it up first via the list-compliance-policies tool. After uploading the file to the returned URL, finalize the attachment by calling confirm-policy-pdf-uploaded with the same s3Key." + operationId: "PoliciesController_requestPolicyPdfUploadUrl_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: - example: "tsk_abc123def456" type: "string" - responses: - "200": - description: "Task rejected successfully" - "400": - description: "Task is not in review" - "403": - description: "Not the assigned approver" - security: - - apikey: [] - summary: "Reject a task review" - tags: - - "Tasks" - x-mint: - metadata: - title: "Reject a task review | Comp AI API" - sidebarTitle: "Reject a task review" - description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." - og:title: "Reject a task review | Comp AI API" - og:description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." - x-speakeasy-mcp: - name: "reject-task" - /v1/tasks/{taskId}/attachments: - get: - description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_getTaskAttachments_v1" - parameters: - - name: "taskId" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/RequestPolicyPdfUploadUrlDto" responses: - "200": - description: "Attachments retrieved successfully" - content: - application/json: - schema: - type: "array" - items: - $ref: "#/components/schemas/AttachmentResponseDto" - example: - - id: "att_abc123def456" - name: "evidence.pdf" - type: "application/pdf" - size: 123456 - downloadUrl: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." - createdAt: "2024-01-15T10:30:00Z" - "401": - description: "Unauthorized - Invalid authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - "404": - description: "Task not found" + "201": + description: "" content: application/json: schema: - type: "object" - properties: - message: - type: "string" - example: "Task with ID tsk_abc123def456 not found" + $ref: "#/components/schemas/PolicyPdfUploadUrlResponseDto" security: - apikey: [] - summary: "Get task attachments" + summary: "Request a presigned URL to upload a policy PDF" tags: - - "Tasks" + - "Policies" + x-speakeasy-mcp: + name: "request-policy-pdf-upload-url" x-mint: metadata: - title: "Get task attachments | Comp AI API" - sidebarTitle: "Get task attachments" - description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Get task attachments | Comp AI API" - og:description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "get-task-attachments" + title: "Request a presigned URL to upload a policy PDF | Comp AI API" + sidebarTitle: "Request a presigned URL to upload a policy PDF" + description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are." + og:title: "Request a presigned URL to upload a policy PDF | Comp AI API" + og:description: "Generates a presigned S3 URL for uploading a policy PDF directly to storage. Use this when attaching a PDF to a compliance policy — the file bytes are." + /v1/policies/{id}/pdf/confirm: post: - description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." - operationId: "TasksController_uploadTaskAttachment_v1" + description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an s3Key and you successfully uploaded the file bytes to that URL. The endpoint verifies the file exists in S3 before linking it to the policy or version." + operationId: "PoliciesController_confirmPolicyPdfUploaded_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadAttachmentDto" + $ref: "#/components/schemas/ConfirmPolicyPdfUploadedDto" responses: "201": - description: "Attachment uploaded successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/AttachmentResponseDto" - example: - id: "att_abc123def456" - entityId: "tsk_abc123def456" - entityType: "task" - fileName: "evidence.pdf" - fileType: "application/pdf" - fileSize: 123456 - createdAt: "2024-01-01T00:00:00Z" - createdBy: "usr_abc123def456" - "400": - description: "Invalid file data or file too large" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "File exceeds maximum allowed size" - "401": - description: "Unauthorized - Invalid authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - "404": - description: "Task not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Task with ID tsk_abc123def456 not found" + description: "" + security: + - apikey: [] + summary: "Confirm a policy PDF upload completed" + tags: + - "Policies" + x-speakeasy-mcp: + name: "confirm-policy-pdf-uploaded" + x-mint: + metadata: + title: "Confirm a policy PDF upload completed | Comp AI API" + sidebarTitle: "Confirm a policy PDF upload completed" + description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an." + og:title: "Confirm a policy PDF upload completed | Comp AI API" + og:description: "Links an uploaded PDF to a compliance policy after the file has been PUT to a presigned S3 URL. Call this after request-policy-pdf-upload-url returned an." + /v1/policies/{id}/pdf-url: + get: + operationId: "PoliciesController_getPdfUrl_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" + required: true + in: "path" + description: "Policy ID" + schema: + example: "pol_abc123def456" + type: "string" + - name: "versionId" + required: false + in: "query" + schema: + type: "string" + responses: + "200": + description: "" security: - apikey: [] - summary: "Upload task evidence" + summary: "Get signed URL for policy PDF (alternate path)" tags: - - "Tasks" + - "Policies" + description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Upload task evidence | Comp AI API" - sidebarTitle: "Upload task evidence" - description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." - og:title: "Upload task evidence | Comp AI API" - og:description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." + title: "Get signed URL for policy PDF (alternate path) | Comp AI API" + sidebarTitle: "Get signed URL for policy PDF (alternate path)" + description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + og:title: "Get signed URL for policy PDF (alternate path) | Comp AI API" + og:description: "Get signed URL for policy PDF (alternate path) in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." x-speakeasy-mcp: - name: "upload-task-attachment" - /v1/tasks/{taskId}/attachments/{attachmentId}/download: - get: - description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." - operationId: "TasksController_getTaskAttachmentDownloadUrl_v1" + name: "get-pdf-url" + /v1/policies/{id}/controls/{controlId}: + delete: + operationId: "PoliciesController_removePolicyControl_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" - - name: "attachmentId" + - name: "controlId" required: true in: "path" - description: "Unique attachment identifier" schema: - example: "att_abc123def456" type: "string" responses: "200": - description: "Download URL generated successfully" - content: - application/json: - schema: - type: "object" - properties: - downloadUrl: - type: "string" - description: "Signed URL for downloading the file" - example: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." - expiresIn: - type: "number" - description: "URL expiration time in seconds" - example: 900 - "401": - description: "Unauthorized - Invalid authentication" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Unauthorized" - "404": - description: "Task or attachment not found" - content: - application/json: - schema: - type: "object" - properties: - message: - type: "string" - example: "Task or attachment not found" + description: "" security: - apikey: [] - summary: "Get task attachment download URL" + summary: "Remove a control mapping from a policy" tags: - - "Tasks" + - "Policies" + description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Get task attachment download URL | Comp AI API" - sidebarTitle: "Get task attachment download URL" - description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." - og:title: "Get task attachment download URL | Comp AI API" - og:description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." + title: "Remove a control mapping from a policy | Comp AI API" + sidebarTitle: "Remove a control mapping from a policy" + description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." + og:title: "Remove a control mapping from a policy | Comp AI API" + og:description: "Remove a control mapping from a policy in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting." x-speakeasy-mcp: - name: "get-task-attachment-download-url" - /v1/tasks/{taskId}/attachments/{attachmentId}: - delete: - description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - operationId: "TasksController_deleteTaskAttachment_v1" + name: "remove-policy-control" + /v1/policies/{id}: + get: + description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this to read or inspect one policy in detail. If you only have a policy name, find its ID first by listing compliance policies." + operationId: "PoliciesController_getPolicy_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: - example: "tsk_abc123def456" type: "string" - - name: "attachmentId" + - name: "id" required: true in: "path" - description: "Unique attachment identifier" + description: "Policy ID" schema: - example: "att_abc123def456" + example: "pol_abc123def456" type: "string" responses: "200": - description: "Attachment deleted successfully" + description: "Policy retrieved successfully" content: application/json: schema: - type: "object" - properties: - success: - type: "boolean" - example: true - deletedAttachmentId: - type: "string" - example: "att_abc123def456" - message: - type: "string" - example: "Attachment deleted successfully" + $ref: "#/components/schemas/PolicyResponseDto" + example: + id: "pol_abc123def456" + name: "Data Privacy Policy" + status: "draft" + content: + - type: "paragraph" + content: + - type: "text" + text: "..." + isRequiredToSign: true + signedBy: [] + createdAt: "2024-01-01T00:00:00.000Z" + updatedAt: "2024-01-15T00:00:00.000Z" + organizationId: "org_abc123def456" "401": - description: "Unauthorized - Invalid authentication" + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -8008,7 +7355,7 @@ paths: type: "string" example: "Unauthorized" "404": - description: "Task or attachment not found" + description: "Policy not found" content: application/json: schema: @@ -8016,83 +7363,78 @@ paths: properties: message: type: "string" - example: "Task or attachment not found" + example: "Policy with ID pol_abc123def456 not found" security: - apikey: [] - summary: "Delete task attachment" + summary: "Get compliance policy" tags: - - "Tasks" + - "Policies" + x-speakeasy-mcp: + name: "get-policy" x-mint: metadata: - title: "Delete task attachment | Comp AI API" - sidebarTitle: "Delete task attachment" - description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - og:title: "Delete task attachment | Comp AI API" - og:description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." - x-speakeasy-mcp: - name: "delete-task-attachment" - /v1/tasks/{taskId}/automations: - get: - description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_getTaskAutomations_v1" + title: "Get compliance policy | Comp AI API" + sidebarTitle: "Get compliance policy" + description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this." + og:title: "Get compliance policy | Comp AI API" + og:description: "Retrieve a single compliance policy by its ID, including current content, draft content, review status, framework links, and audit metadata. Use this." + patch: + description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." + operationId: "PoliciesController_updatePolicy_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: - example: "tsk_abc123def456" type: "string" - responses: - "200": - description: "Automations retrieved successfully" - security: - - apikey: [] - summary: "Get all automations for a task" - tags: - - "Task Automations" - x-mint: - metadata: - title: "Get all automations for a task | Comp AI API" - sidebarTitle: "Get all automations for a task" - description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Get all automations for a task | Comp AI API" - og:description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - x-speakeasy-mcp: - name: "get-task-automations" - post: - description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." - operationId: "AutomationsController_createAutomation_v1" - parameters: - - name: "taskId" + - name: "id" required: true in: "path" - description: "Unique task identifier" + description: "Policy ID" schema: - example: "tsk_abc123def456" + example: "pol_abc123def456" type: "string" + requestBody: + required: true + description: "Policy update data" + content: + application/json: + schema: + $ref: "#/components/schemas/UpdatePolicyDto" responses: - "201": - description: "Automation created successfully" + "200": + description: "Policy updated successfully" content: application/json: schema: - type: "object" - properties: - success: - type: "boolean" - example: true - automation: - type: "object" - properties: - id: - type: "string" - example: "auto_abc123def456" - name: - type: "string" - example: "Task Name - Evidence Collection" + $ref: "#/components/schemas/PolicyResponseDto" + example: + id: "pol_abc123def456" + name: "Data Privacy Policy" + description: "This policy outlines how we handle and protect personal data" + status: "published" + content: + - type: "heading" + attrs: + level: 2 + content: + - type: "text" + text: "Purpose" + frequency: "yearly" + department: "it" + isRequiredToSign: true + signedBy: + - "usr_123" + reviewDate: "2024-12-31T00:00:00.000Z" + isArchived: false + createdAt: "2024-01-01T00:00:00.000Z" + updatedAt: "2024-01-15T00:00:00.000Z" + organizationId: "org_abc123def456" + assigneeId: "usr_abc123def456" + approverId: "usr_xyz789abc123" "400": - description: "Bad request - Invalid task ID or organization ID" + description: "Bad Request - Invalid update data" content: application/json: schema: @@ -8100,9 +7442,9 @@ paths: properties: message: type: "string" - example: "Invalid task ID or organization ID" + example: "Validation failed" "401": - description: "Unauthorized - Invalid authentication" + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -8112,7 +7454,7 @@ paths: type: "string" example: "Unauthorized" "404": - description: "Task not found" + description: "Policy not found" content: application/json: schema: @@ -8120,85 +7462,41 @@ paths: properties: message: type: "string" - example: "Task not found" - security: - - apikey: [] - summary: "Create evidence automation" - tags: - - "Task Automations" - x-mint: - metadata: - title: "Create evidence automation | Comp AI API" - sidebarTitle: "Create evidence automation" - description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." - og:title: "Create evidence automation | Comp AI API" - og:description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." - x-speakeasy-mcp: - name: "create-automation" - disabled: true - /v1/tasks/{taskId}/automations/{automationId}: - get: - description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_getAutomation_v1" - parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" - schema: - example: "tsk_abc123def456" - type: "string" - - name: "automationId" - required: true - in: "path" - description: "Unique automation identifier" - schema: - example: "auto_abc123def456" - type: "string" - responses: - "200": - description: "Automation details retrieved successfully" + example: "Policy with ID pol_abc123def456 not found" security: - apikey: [] - summary: "Get automation details" + summary: "Update compliance policy" tags: - - "Task Automations" + - "Policies" x-mint: metadata: - title: "Get automation details | Comp AI API" - sidebarTitle: "Get automation details" - description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Get automation details | Comp AI API" - og:description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + title: "Update compliance policy | Comp AI API" + sidebarTitle: "Update compliance policy" + description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." + og:title: "Update compliance policy | Comp AI API" + og:description: "Update compliance policy details or content while keeping policy workflows connected to controls, tasks, and approvals." x-speakeasy-mcp: - name: "get-automation" - patch: - description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_updateAutomation_v1" + name: "update-policy" + delete: + description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." + operationId: "PoliciesController_deletePolicy_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: - example: "tsk_abc123def456" type: "string" - - name: "automationId" + - name: "id" required: true in: "path" - description: "Unique automation identifier" + description: "Policy ID" schema: - example: "auto_abc123def456" + example: "pol_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateAutomationDto" responses: "200": - description: "Automation updated successfully" + description: "Policy deleted successfully" content: application/json: schema: @@ -8206,31 +7504,27 @@ paths: properties: success: type: "boolean" + description: "Indicates successful deletion" example: true - automation: + deletedPolicy: type: "object" properties: id: type: "string" - example: "auto_abc123def456" + description: "The deleted policy ID" + example: "pol_abc123def456" name: type: "string" - example: "Updated Automation Name" - description: - type: "string" - example: "Updated description" - "400": - description: "Bad request - Invalid automation ID or data" - content: - application/json: - schema: - type: "object" - properties: - message: + description: "The deleted policy name" + example: "Data Privacy Policy" + authType: type: "string" - example: "Invalid automation data" + enum: + - "api-key" + - "session" + description: "How the request was authenticated" "401": - description: "Unauthorized - Invalid authentication" + description: "Unauthorized - Invalid authentication or insufficient permissions" content: application/json: schema: @@ -8240,7 +7534,7 @@ paths: type: "string" example: "Unauthorized" "404": - description: "Automation not found" + description: "Policy not found" content: application/json: schema: @@ -8248,557 +7542,539 @@ paths: properties: message: type: "string" - example: "Automation not found" - security: - - apikey: [] - summary: "Update an existing automation" - tags: - - "Task Automations" - x-mint: - metadata: - title: "Update an existing automation | Comp AI API" - sidebarTitle: "Update an existing automation" - description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Update an existing automation | Comp AI API" - og:description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - x-speakeasy-mcp: - name: "update-automation" - delete: - description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_deleteAutomation_v1" - parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" - schema: - example: "tsk_abc123def456" - type: "string" - - name: "automationId" - required: true - in: "path" - description: "Unique automation identifier" - schema: - example: "auto_abc123def456" - type: "string" - responses: - "200": - description: "Automation deleted successfully" - security: - - apikey: [] - summary: "Delete an automation" - tags: - - "Task Automations" - x-mint: - metadata: - title: "Delete an automation | Comp AI API" - sidebarTitle: "Delete an automation" - description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Delete an automation | Comp AI API" - og:description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - x-speakeasy-mcp: - name: "delete-automation" - /v1/tasks/{taskId}/automations/{automationId}/runs: - get: - description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_getAutomationRuns_v1" - parameters: - - name: "taskId" - required: true - in: "path" - description: "Task ID" - schema: - type: "string" - - name: "automationId" - required: true - in: "path" - description: "Automation ID" - schema: - type: "string" - responses: - "200": - description: "Runs retrieved successfully" + example: "Policy with ID pol_abc123def456 not found" security: - apikey: [] - summary: "Get all runs for a specific automation" + summary: "Delete compliance policy" tags: - - "Task Automations" + - "Policies" x-mint: metadata: - title: "Get all runs for a specific automation | Comp AI API" - sidebarTitle: "Get all runs for a specific automation" - description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Get all runs for a specific automation | Comp AI API" - og:description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + title: "Delete compliance policy | Comp AI API" + sidebarTitle: "Delete compliance policy" + description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." + og:title: "Delete compliance policy | Comp AI API" + og:description: "Delete a compliance policy that is no longer part of the organization evidence library or control program." x-speakeasy-mcp: - name: "get-automation-runs" - /v1/tasks/{taskId}/automations/{automationId}/versions: + name: "delete-policy" + /v1/policies/{id}/versions: get: - description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_getAutomationVersions_v1" + description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_getPolicyVersions_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Task ID" - schema: - type: "string" - - name: "automationId" - required: true - in: "path" - description: "Automation ID" - schema: - type: "string" - - name: "limit" - required: true - in: "query" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: type: "string" - - name: "offset" + - name: "id" required: true - in: "query" + in: "path" + description: "Policy ID" schema: type: "string" + example: "pol_abc123def456" responses: "200": - description: "Versions retrieved successfully" + description: "Policy versions retrieved successfully" content: application/json: schema: type: "object" properties: - success: - type: "boolean" versions: type: "array" items: type: "object" - properties: - id: - type: "string" - version: - type: "number" - scriptKey: - type: "string" - changelog: - type: "string" - nullable: true - publishedBy: - type: "string" - nullable: true - createdAt: - type: "string" - format: "date-time" + currentVersionId: + type: "string" + nullable: true + pendingVersionId: + type: "string" + nullable: true + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Get all versions for an automation" + summary: "Get policy versions" tags: - - "Task Automations" + - "Policies" + x-speakeasy-mcp: + name: "list-policy-versions" x-mint: metadata: - title: "Get all versions for an automation | Comp AI API" - sidebarTitle: "Get all versions for an automation" - description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Get all versions for an automation | Comp AI API" - og:description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - x-speakeasy-mcp: - name: "get-automation-versions" + title: "Get policy versions | Comp AI API" + sidebarTitle: "Get policy versions" + description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Get policy versions | Comp AI API" + og:description: "Get policy versions in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." post: - operationId: "AutomationsController_createVersion_v1" + description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any change to a published policy — content edits, PDF attachments, anything. Published." + operationId: "PoliciesController_createPolicyVersion_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Task ID" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: type: "string" - - name: "automationId" + - name: "id" required: true in: "path" - description: "Automation ID" + description: "Policy ID" schema: type: "string" + example: "pol_abc123def456" requestBody: required: true + description: "Create a new policy version draft" content: application/json: schema: $ref: "#/components/schemas/CreateVersionDto" responses: "201": - description: "" + description: "Policy version created" + content: + application/json: + schema: + type: "object" + properties: + versionId: + type: "string" + version: + type: "number" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid request" + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Create a published version record for an automation" + summary: "Create policy version" tags: - - "Task Automations" - description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + - "Policies" + x-speakeasy-mcp: + name: "create-policy-version" x-mint: metadata: - title: "Create a published version record for an | Comp AI API" - sidebarTitle: "Create a published version record for an automation" - description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached." - og:title: "Create a published version record for an | Comp AI API" - og:description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached." - x-speakeasy-mcp: - name: "create-version" - disabled: true - /v1/tasks/{taskId}/automations/runs: + title: "Create policy version | Comp AI API" + sidebarTitle: "Create policy version" + description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any." + og:title: "Create policy version | Comp AI API" + og:description: "Creates a new draft version of a policy, cloned from the current published version (or a specified source version). Use this when you need to make any." + /v1/policies/{id}/versions/{versionId}: get: - description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - operationId: "AutomationsController_getTaskAutomationRuns_v1" + description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_getPolicyVersionById_v1" parameters: - - name: "taskId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Task ID" + description: "Policy ID" schema: - example: "tsk_abc123def456" type: "string" - responses: - "200": - description: "Automation runs retrieved successfully" - content: - application/json: - schema: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - example: "ear_abc123def456" - status: - type: "string" - enum: - - "PENDING" - - "RUNNING" - - "COMPLETED" - - "FAILED" - trigger: - type: "string" - enum: - - "MANUAL" - - "SCHEDULED" - - "EVENT" - createdAt: - type: "string" - format: "date-time" - completedAt: - type: "string" - format: "date-time" - nullable: true - error: - type: "object" - nullable: true - security: - - apikey: [] - summary: "Get all automation runs for a task" - tags: - - "Task Automations" - x-mint: - metadata: - title: "Get all automation runs for a task | Comp AI API" - sidebarTitle: "Get all automation runs for a task" - description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - og:title: "Get all automation runs for a task | Comp AI API" - og:description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." - x-speakeasy-mcp: - name: "get-task-automation-runs" - /v1/tasks/{taskId}/evidence: - get: - description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - operationId: "EvidenceExportController_getTaskEvidenceSummary_v1" - parameters: - - name: "taskId" + example: "pol_abc123def456" + - name: "versionId" required: true in: "path" - description: "Unique task identifier" + description: "Policy version ID" schema: - example: "tsk_abc123def456" type: "string" + example: "pv_abc123def456" responses: "200": - description: "Evidence summary retrieved successfully" + description: "Policy version retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + version: + type: "object" + currentVersionId: + type: "string" + nullable: true + pendingVersionId: + type: "string" + nullable: true + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" "404": - description: "Task not found" + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Get task evidence summary" + summary: "Get policy version by ID" tags: - - "Evidence Export" + - "Policies" + x-speakeasy-mcp: + name: "get-policy-version" x-mint: metadata: - title: "Get task evidence summary | Comp AI API" - sidebarTitle: "Get task evidence summary" - description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - og:title: "Get task evidence summary | Comp AI API" - og:description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - x-speakeasy-mcp: - name: "get-task-evidence-summary" - /v1/tasks/{taskId}/evidence/automation/{automationId}/pdf: - get: - description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - operationId: "EvidenceExportController_exportAutomationPDF_v1" + title: "Get policy version by ID | Comp AI API" + sidebarTitle: "Get policy version by ID" + description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Get policy version by ID | Comp AI API" + og:description: "Get policy version by ID in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + patch: + description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_updateVersionContent_v1" parameters: - - name: "taskId" - required: true - in: "path" - description: "Unique task identifier" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false schema: type: "string" - - name: "automationId" + - name: "id" required: true in: "path" - description: "Unique automation identifier (checkId for app automations)" + description: "Policy ID" schema: type: "string" - responses: - "200": - description: "PDF file generated successfully" - content: - application/pdf: {} - "404": - description: "Task or automation not found" - security: - - apikey: [] - summary: "Export automation evidence as PDF" - tags: - - "Evidence Export" - x-mint: - metadata: - title: "Export automation evidence as PDF | Comp AI API" - sidebarTitle: "Export automation evidence as PDF" - description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - og:title: "Export automation evidence as PDF | Comp AI API" - og:description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." - x-speakeasy-mcp: - name: "export-automation-pdf" - /v1/tasks/{taskId}/evidence/export: - get: - description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." - operationId: "EvidenceExportController_exportTaskEvidenceZip_v1" - parameters: - - name: "taskId" + example: "pol_abc123def456" + - name: "versionId" required: true in: "path" - description: "Unique task identifier" + description: "Policy version ID" schema: type: "string" - - name: "includeJson" - required: false - in: "query" - description: "Include raw JSON files alongside PDFs" - schema: - type: "boolean" + example: "pv_abc123def456" + requestBody: + required: true + description: "Update content for a policy version" + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateVersionContentDto" responses: "200": - description: "ZIP file generated successfully" + description: "Version content updated" content: - application/zip: {} + application/json: + schema: + type: "object" + properties: + versionId: + type: "string" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid request" + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" "404": - description: "Task not found" + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Export task evidence as ZIP" + summary: "Update version content" tags: - - "Evidence Export" + - "Policies" + x-speakeasy-mcp: + name: "update-policy-version-content" x-mint: metadata: - title: "Export task evidence as ZIP | Comp AI API" - sidebarTitle: "Export task evidence as ZIP" - description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." - og:title: "Export task evidence as ZIP | Comp AI API" - og:description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." - x-speakeasy-mcp: - name: "export-task-evidence-zip" - /v1/evidence-export/all: - post: - description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." - operationId: "AuditorEvidenceExportController_exportAllEvidence_v1" + title: "Update version content | Comp AI API" + sidebarTitle: "Update version content" + description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Update version content | Comp AI API" + og:description: "Update version content in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + delete: + description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_deletePolicyVersion_v1" parameters: - - name: "includeJson" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" required: false - in: "query" - description: "Include raw JSON files alongside PDFs" schema: - type: "boolean" - responses: - "201": - description: "Export job started" - security: - - apikey: [] - summary: "Trigger bulk evidence export (Auditor only)" - tags: - - "Evidence Export (Auditor)" - x-mint: - metadata: - title: "Trigger bulk evidence export (Auditor only) | Comp AI API" - sidebarTitle: "Trigger bulk evidence export (Auditor only)" - description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." - og:title: "Trigger bulk evidence export (Auditor only) | Comp AI API" - og:description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." - x-speakeasy-mcp: - name: "export-all-evidence" - /v1/comments: - get: - description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - operationId: "CommentsController_getComments_v1" - parameters: - - name: "entityId" + type: "string" + - name: "id" required: true - in: "query" - description: "ID of the entity to get comments for" + in: "path" + description: "Policy ID" schema: - example: "tsk_abc123def456" type: "string" - - name: "entityType" + example: "pol_abc123def456" + - name: "versionId" required: true - in: "query" - description: "Type of entity" + in: "path" + description: "Policy version ID" schema: - enum: - - "task" - - "vendor" - - "risk" - - "policy" - - "finding" type: "string" + example: "pv_abc123def456" responses: "200": - description: "Comments retrieved successfully" + description: "Version deleted" content: application/json: schema: - type: "array" - items: - $ref: "#/components/schemas/CommentResponseDto" - security: - - apikey: [] - summary: "Get comments for an entity" - tags: - - "Comments" - x-mint: - metadata: - title: "Get comments for an entity | Comp AI API" - sidebarTitle: "Get comments for an entity" - description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - og:title: "Get comments for an entity | Comp AI API" - og:description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - x-speakeasy-mcp: - name: "get-comments" - post: - description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - operationId: "CommentsController_createComment_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/CreateCommentDto" - responses: - "201": - description: "Comment created successfully" + type: "object" + properties: + deletedVersion: + type: "number" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid request" + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Resource not found" content: application/json: schema: - $ref: "#/components/schemas/CommentResponseDto" + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Create a new comment" + summary: "Delete policy version" tags: - - "Comments" + - "Policies" x-mint: metadata: - title: "Create a new comment | Comp AI API" - sidebarTitle: "Create a new comment" - description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - og:title: "Create a new comment | Comp AI API" - og:description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + title: "Delete policy version | Comp AI API" + sidebarTitle: "Delete policy version" + description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Delete policy version | Comp AI API" + og:description: "Delete policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-speakeasy-mcp: - name: "create-comment" - /v1/comments/{commentId}: - put: - description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - operationId: "CommentsController_updateComment_v1" + name: "delete-policy-version" + /v1/policies/{id}/versions/publish: + post: + description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one created via create-policy-version and then edited." + operationId: "PoliciesController_publishPolicyVersion_v1" parameters: - - name: "commentId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique comment identifier" + description: "Policy ID" schema: - example: "cmt_abc123def456" type: "string" + example: "pol_abc123def456" requestBody: required: true + description: "Publish a new policy version" content: application/json: schema: - $ref: "#/components/schemas/UpdateCommentDto" + $ref: "#/components/schemas/PublishVersionDto" responses: "200": - description: "Comment updated successfully" + description: "Version published" content: application/json: schema: - $ref: "#/components/schemas/CommentResponseDto" + type: "object" + properties: + versionId: + type: "string" + version: + type: "number" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid request" + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Update a comment" + summary: "Publish policy version" tags: - - "Comments" + - "Policies" + x-speakeasy-mcp: + name: "publish-policy-version" x-mint: metadata: - title: "Update a comment | Comp AI API" - sidebarTitle: "Update a comment" - description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - og:title: "Update a comment | Comp AI API" - og:description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - x-speakeasy-mcp: - name: "update-comment" - delete: - description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - operationId: "CommentsController_deleteComment_v1" + title: "Publish policy version | Comp AI API" + sidebarTitle: "Publish policy version" + description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one." + og:title: "Publish policy version | Comp AI API" + og:description: "Publishes a draft policy version, making it the active/current version of the policy. Pass the versionId of the draft you want to publish — for example one." + /v1/policies/{id}/versions/{versionId}/activate: + post: + description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_setActivePolicyVersion_v1" parameters: - - name: "commentId" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true in: "path" - description: "Unique comment identifier" + description: "Policy ID" schema: - example: "cmt_abc123def456" type: "string" - requestBody: - required: true - description: "Delete comment request body" - content: - application/json: - schema: - type: "object" - properties: - userId: - type: "string" - description: "User ID of the comment author (required for API key auth, ignored for JWT auth)" - example: "usr_abc123def456" + example: "pol_abc123def456" + - name: "versionId" + required: true + in: "path" + description: "Policy version ID" + schema: + type: "string" + example: "pv_abc123def456" responses: "200": - description: "Comment deleted successfully" + description: "Active version updated" content: application/json: schema: type: "object" properties: - success: - type: "boolean" - example: true - deletedCommentId: + versionId: type: "string" - example: "cmt_abc123def456" + version: + type: "number" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: message: type: "string" - example: "Comment deleted successfully" + example: "Invalid request" "401": - description: "Unauthorized - Invalid authentication" + description: "Unauthorized" content: application/json: schema: @@ -8808,7 +8084,7 @@ paths: type: "string" example: "Unauthorized" "404": - description: "Comment not found" + description: "Resource not found" content: application/json: schema: @@ -8816,2058 +8092,2424 @@ paths: properties: message: type: "string" - example: "Comment with ID cmt_abc123def456 not found" + example: "Resource not found" security: - apikey: [] - summary: "Delete a comment" + summary: "Set active policy version" tags: - - "Comments" + - "Policies" x-mint: metadata: - title: "Delete a comment | Comp AI API" - sidebarTitle: "Delete a comment" - description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." - og:title: "Delete a comment | Comp AI API" - og:description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + title: "Set active policy version | Comp AI API" + sidebarTitle: "Set active policy version" + description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + og:title: "Set active policy version | Comp AI API" + og:description: "Set active policy version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-speakeasy-mcp: - name: "delete-comment" - /v1/trust-portal/settings: - get: - operationId: "TrustPortalController_getSettings_v1" - parameters: [] + name: "set-active-policy-version" + /v1/policies/{id}/versions/{versionId}/submit-for-approval: + post: + description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." + operationId: "PoliciesController_submitVersionForApproval_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" + required: true + in: "path" + description: "Policy ID" + schema: + type: "string" + example: "pol_abc123def456" + - name: "versionId" + required: true + in: "path" + description: "Policy version ID" + schema: + type: "string" + example: "pv_abc123def456" + requestBody: + required: true + description: "Submit a policy version for approval" + content: + application/json: + schema: + $ref: "#/components/schemas/SubmitForApprovalDto" responses: "200": - description: "Trust portal settings retrieved successfully" + description: "Version submitted for approval" + content: + application/json: + schema: + type: "object" + properties: + versionId: + type: "string" + version: + type: "number" + "400": + description: "Invalid request" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid request" + "401": + description: "Unauthorized" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Resource not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Resource not found" security: - apikey: [] - summary: "Get Trust Center settings" + summary: "Submit version for approval" tags: - - "Trust Portal" - description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." + - "Policies" + x-speakeasy-mcp: + name: "submit-policy-version-for-approval" x-mint: metadata: - title: "Get Trust Center settings | Comp AI API" - sidebarTitle: "Get Trust Center settings" - description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." - og:title: "Get Trust Center settings | Comp AI API" - og:description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." - x-speakeasy-mcp: - name: "get-settings" - /v1/trust-portal/favicon: + title: "Submit version for approval | Comp AI API" + sidebarTitle: "Submit version for approval" + description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." + og:title: "Submit version for approval | Comp AI API" + og:description: "Submit version for approval in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." + /v1/policies/{id}/accept-changes: post: - operationId: "TrustPortalController_uploadFavicon_v1" - parameters: [] + operationId: "PoliciesController_acceptPolicyChanges_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" + required: true + in: "path" + description: "Policy ID" + schema: + example: "pol_abc123def456" + type: "string" responses: "201": - description: "Favicon uploaded successfully" + description: "" security: - apikey: [] - summary: "Upload a favicon for the trust portal" + summary: "Accept pending policy changes and publish the version" tags: - - "Trust Portal" - description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Policies" + x-speakeasy-mcp: + name: "accept-policy-changes" + description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Upload a favicon for the trust portal | Comp AI API" - sidebarTitle: "Upload a favicon for the trust portal" - description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Upload a favicon for the trust portal | Comp AI API" - og:description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - x-speakeasy-mcp: - name: "upload-favicon" - delete: - operationId: "TrustPortalController_removeFavicon_v1" - parameters: [] + title: "Accept pending policy changes and publish the | Comp AI API" + sidebarTitle: "Accept pending policy changes and publish the version" + description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted." + og:title: "Accept pending policy changes and publish the | Comp AI API" + og:description: "Accept pending policy changes and publish the version in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted." + /v1/policies/{id}/deny-changes: + post: + operationId: "PoliciesController_denyPolicyChanges_v1" + parameters: + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" + required: true + in: "path" + description: "Policy ID" + schema: + example: "pol_abc123def456" + type: "string" responses: - "200": - description: "Favicon removed successfully" + "201": + description: "" security: - apikey: [] - summary: "Remove the trust portal favicon" + summary: "Deny pending policy changes" tags: - - "Trust Portal" - description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Policies" + description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval workflows." x-mint: metadata: - title: "Remove the trust portal favicon | Comp AI API" - sidebarTitle: "Remove the trust portal favicon" - description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." - og:title: "Remove the trust portal favicon | Comp AI API" - og:description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + title: "Deny pending policy changes | Comp AI API" + sidebarTitle: "Deny pending policy changes" + description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." + og:title: "Deny pending policy changes | Comp AI API" + og:description: "Deny pending policy changes in Comp AI. Create, version, publish, export, map, and improve compliance policies with AI-assisted drafting and approval." x-speakeasy-mcp: - name: "remove-favicon" - /v1/trust-portal/domain/status: - get: - description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." - operationId: "TrustPortalController_getDomainStatus_v1" + name: "deny-policy-changes" + /v1/policies/{id}/ai-chat: + post: + description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." + operationId: "PoliciesController_aiChatPolicy_v1" parameters: - - name: "domain" + - name: "X-Organization-Id" + in: "header" + description: "Organization ID (required for session auth, optional for API key auth)" + required: false + schema: + type: "string" + - name: "id" required: true - in: "query" - description: "The domain name to check status for" + in: "path" + description: "Policy ID" schema: - example: "portal.example.com" + example: "pol_abc123def456" type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/AISuggestPolicyRequestDto" responses: "200": - description: "Domain status retrieved successfully" + description: "Streaming AI response" content: - application/json: + text/event-stream: schema: - $ref: "#/components/schemas/DomainStatusResponseDto" + type: "string" "401": - description: "Unauthorized - Invalid or missing authentication" - "500": - description: "Failed to retrieve domain status from Vercel" + description: "Unauthorized" + "404": + description: "Policy not found" security: - apikey: [] - summary: "Get domain verification status" + summary: "Chat with AI about a policy" tags: - - "Trust Portal" + - "Policies" x-mint: metadata: - title: "Get domain verification status | Comp AI API" - sidebarTitle: "Get domain verification status" - description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." - og:title: "Get domain verification status | Comp AI API" - og:description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + title: "Chat with AI about a policy | Comp AI API" + sidebarTitle: "Chat with AI about a policy" + description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." + og:title: "Chat with AI about a policy | Comp AI API" + og:description: "Ask policy-specific questions and request draft improvements while preserving human review before policy changes are applied." x-speakeasy-mcp: - name: "get-domain-status" - /v1/trust-portal/compliance-resources/upload: + name: "ai-chat-policy" + /v1/device-agent/exchange-code: post: - description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." - operationId: "TrustPortalController_uploadComplianceResource_v1" + operationId: "DeviceAgentController_exchangeCode_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadComplianceResourceDto" + $ref: "#/components/schemas/ExchangeCodeDto" responses: "201": - description: "Compliance certificate uploaded successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/ComplianceResourceResponseDto" - "400": - description: "Framework not compliant, PDF validation failed, or organization mismatch" - security: - - apikey: [] - summary: "Upload compliance certificate" + description: "" + summary: "Exchange an auth code for device credentials" tags: - - "Trust Portal" + - "Device Agent" + description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "Upload compliance certificate | Comp AI API" - sidebarTitle: "Upload compliance certificate" - description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." - og:title: "Upload compliance certificate | Comp AI API" - og:description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." + title: "Exchange an auth code for device credentials | Comp AI API" + sidebarTitle: "Exchange an auth code for device credentials" + description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." + og:title: "Exchange an auth code for device credentials | Comp AI API" + og:description: "Exchange an auth code for device credentials in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." x-speakeasy-mcp: - name: "upload-compliance-resource" - /v1/trust-portal/compliance-resources/signed-url: - post: - operationId: "TrustPortalController_getComplianceResourceUrl_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ComplianceResourceSignedUrlDto" + name: "exchange-code" + /v1/device-agent/updates/{filename}: + get: + operationId: "DeviceAgentController_getUpdateFile_v1" + parameters: + - name: "filename" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Signed URL generated successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/ComplianceResourceUrlResponseDto" - security: - - apikey: [] - summary: "Generate a temporary signed URL for a compliance certificate" + description: "" + summary: "Download a device-agent update" tags: - - "Trust Portal" - description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "Generate a temporary signed URL for a | Comp AI API" - sidebarTitle: "Generate a temporary signed URL for a compliance certificate" - description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." - og:title: "Generate a temporary signed URL for a | Comp AI API" - og:description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + title: "Download a device-agent update | Comp AI API" + sidebarTitle: "Download a device-agent update" + description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." + og:title: "Download a device-agent update | Comp AI API" + og:description: "Download a device-agent update in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." x-speakeasy-mcp: - name: "get-compliance-resource-url" - /v1/trust-portal/compliance-resources/list: - post: - operationId: "TrustPortalController_listComplianceResources_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ListComplianceResourcesDto" + name: "get-update-file" + head: + operationId: "DeviceAgentController_headUpdateFile_v1" + parameters: + - name: "filename" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Compliance certificates retrieved successfully" - content: - application/json: - schema: - type: "array" - items: - $ref: "#/components/schemas/ComplianceResourceResponseDto" - security: - - apikey: [] - summary: "List uploaded compliance certificates for the organization" + description: "" + summary: "Check a device-agent update's metadata" tags: - - "Trust Portal" - description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "List uploaded compliance certificates for the | Comp AI API" - sidebarTitle: "List uploaded compliance certificates for the organization" - description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." - og:title: "List uploaded compliance certificates for the | Comp AI API" - og:description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + title: "Check a device-agent update's metadata | Comp AI API" + sidebarTitle: "Check a device-agent update's metadata" + description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." + og:title: "Check a device-agent update's metadata | Comp AI API" + og:description: "Check a device-agent update's metadata in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." x-speakeasy-mcp: - name: "list-compliance-resources" - /v1/trust-portal/documents/upload: + name: "head-update-file" + /v1/device-agent/auth-code: post: - description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." - operationId: "TrustPortalController_uploadTrustDocument_v1" + operationId: "DeviceAgentController_generateAuthCode_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadTrustDocumentDto" + $ref: "#/components/schemas/AuthCodeDto" responses: "201": - description: "Document uploaded successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/TrustDocumentResponseDto" - security: - - apikey: [] - summary: "Upload an additional trust portal document" + description: "" + summary: "Create a device-agent auth code" tags: - - "Trust Portal" + - "Device Agent" + description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "Upload an additional trust portal document | Comp AI API" - sidebarTitle: "Upload an additional trust portal document" - description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - og:title: "Upload an additional trust portal document | Comp AI API" - og:description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + title: "Create a device-agent auth code | Comp AI API" + sidebarTitle: "Create a device-agent auth code" + description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." + og:title: "Create a device-agent auth code | Comp AI API" + og:description: "Create a device-agent auth code in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint." x-speakeasy-mcp: - name: "upload-trust-document" - /v1/trust-portal/documents/list: - post: - operationId: "TrustPortalController_listTrustDocuments_v1" + name: "generate-auth-code" + /v1/device-agent/my-organizations: + get: + operationId: "DeviceAgentController_getMyOrganizations_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ListComplianceResourcesDto" responses: "200": - description: "Documents retrieved successfully" - content: - application/json: - schema: - type: "array" - items: - $ref: "#/components/schemas/TrustDocumentResponseDto" - security: - - apikey: [] - summary: "List additional trust portal documents for the organization" + description: "" + summary: "List organizations for the current device" tags: - - "Trust Portal" - description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "List additional trust portal documents for | Comp AI API" - sidebarTitle: "List additional trust portal documents for the organization" - description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." - og:title: "List additional trust portal documents for | Comp AI API" - og:description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + title: "List organizations for the current device | Comp AI API" + sidebarTitle: "List organizations for the current device" + description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." + og:title: "List organizations for the current device | Comp AI API" + og:description: "List organizations for the current device in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage." x-speakeasy-mcp: - name: "list-trust-documents" - /v1/trust-portal/documents/{documentId}/download: + name: "get-my-organizations" + /v1/device-agent/register: post: - operationId: "TrustPortalController_getTrustDocumentUrl_v1" - parameters: - - name: "documentId" - required: true - in: "path" - schema: - type: "string" + operationId: "DeviceAgentController_registerDevice_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/TrustDocumentSignedUrlDto" + $ref: "#/components/schemas/RegisterDeviceDto" responses: - "200": - description: "Signed URL generated successfully" - content: - application/json: - schema: - $ref: "#/components/schemas/TrustDocumentUrlResponseDto" - security: - - apikey: [] - summary: "Generate a temporary signed URL for a trust portal document" + "201": + description: "" + summary: "Register device agent" tags: - - "Trust Portal" - description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." x-mint: metadata: - title: "Generate a temporary signed URL for a trust | Comp AI API" - sidebarTitle: "Generate a temporary signed URL for a trust portal document" - description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." - og:title: "Generate a temporary signed URL for a trust | Comp AI API" - og:description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + title: "Register device agent | Comp AI API" + sidebarTitle: "Register device agent" + description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." + og:title: "Register device agent | Comp AI API" + og:description: "Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory." x-speakeasy-mcp: - name: "get-trust-document-url" - /v1/trust-portal/documents/{documentId}/delete: + name: "register-device" + /v1/device-agent/check-in: post: - operationId: "TrustPortalController_deleteTrustDocument_v1" - parameters: - - name: "documentId" - required: true - in: "path" - schema: - type: "string" + operationId: "DeviceAgentController_checkIn_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/DeleteTrustDocumentDto" + $ref: "#/components/schemas/CheckInDto" responses: - "200": - description: "Document deleted successfully" - content: - application/json: - schema: - type: "object" - properties: - success: - type: "boolean" - security: - - apikey: [] - summary: "Delete (deactivate) a trust portal document" + "201": + description: "" + summary: "Submit device compliance check-in" tags: - - "Trust Portal" - description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." x-mint: metadata: - title: "Delete (deactivate) a trust portal document | Comp AI API" - sidebarTitle: "Delete (deactivate) a trust portal document" - description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - og:title: "Delete (deactivate) a trust portal document | Comp AI API" - og:description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + title: "Submit device compliance check-in | Comp AI API" + sidebarTitle: "Submit device compliance check-in" + description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." + og:title: "Submit device compliance check-in | Comp AI API" + og:description: "Submit device security check results for encryption, antivirus, password policy, screen lock, and other endpoint controls." x-speakeasy-mcp: - name: "delete-trust-document" - /v1/trust-portal/settings/toggle: - put: - operationId: "TrustPortalController_togglePortal_v1" - parameters: [] + name: "check-in" + /v1/device-agent/status: + get: + operationId: "DeviceAgentController_getDeviceStatus_v1" + parameters: + - name: "deviceId" + required: true + in: "query" + schema: + type: "string" + - name: "organizationId" + required: true + in: "query" + schema: + type: "string" responses: "200": description: "" - security: - - apikey: [] - summary: "Enable or disable the trust portal" + summary: "Get device-agent status" tags: - - "Trust Portal" - description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "Enable or disable the trust portal | Comp AI API" - sidebarTitle: "Enable or disable the trust portal" - description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Enable or disable the trust portal | Comp AI API" - og:description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Get device-agent status | Comp AI API" + sidebarTitle: "Get device-agent status" + description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." + og:title: "Get device-agent status | Comp AI API" + og:description: "Get device-agent status in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-speakeasy-mcp: - name: "toggle-portal" - /v1/trust-portal/settings/custom-domain: - post: - operationId: "TrustPortalController_addCustomDomain_v1" + name: "get-device-status" + /v1/device-agent/mac: + get: + description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." + operationId: "DeviceAgentController_downloadMacAgent_v1" parameters: [] responses: - "201": - description: "" + default: + description: "Internal server error\n\nmacOS agent file not found in S3\n\nUnauthorized - Invalid or missing authentication\n\nmacOS agent DMG file download" + content: + application/x-apple-diskimage: + schema: + type: "string" + format: "binary" + example: "Binary DMG file content" + headers: + Content-Disposition: + description: "Indicates file should be downloaded with specific filename" + schema: + type: "string" + example: "attachment; filename=\"Comp AI Agent-1.0.0-arm64.dmg\"" + Content-Type: + description: "MIME type for macOS disk image" + schema: + type: "string" + example: "application/x-apple-diskimage" security: - apikey: [] - summary: "Add or update a custom domain for the trust portal" + summary: "Download macOS Device Agent" tags: - - "Trust Portal" - description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" x-mint: metadata: - title: "Add or update a custom domain for the trust | Comp AI API" - sidebarTitle: "Add or update a custom domain for the trust portal" - description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - og:title: "Add or update a custom domain for the trust | Comp AI API" - og:description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + title: "Download macOS Device Agent | Comp AI API" + sidebarTitle: "Download macOS Device Agent" + description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." + og:title: "Download macOS Device Agent | Comp AI API" + og:description: "Downloads the Comp AI Device Agent installer for macOS as a DMG file. The agent helps monitor device compliance and security policies." x-speakeasy-mcp: - name: "add-custom-domain" - /v1/trust-portal/settings/check-dns: - post: - operationId: "TrustPortalController_checkDnsRecords_v1" + name: "download-mac-agent" + /v1/device-agent/windows: + get: + description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI installer, setup batch script customized for the organization and user, and a README." + operationId: "DeviceAgentController_downloadWindowsAgent_v1" parameters: [] responses: - "201": - description: "" + default: + description: "Internal server error\n\nWindows agent file not found in S3\n\nUnauthorized - Invalid or missing authentication\n\nWindows agent ZIP file download containing MSI installer and setup scripts" + content: + application/zip: + schema: + type: "string" + format: "binary" + example: "Binary ZIP file content" + headers: + Content-Disposition: + description: "Indicates file should be downloaded with specific filename" + schema: + type: "string" + example: "attachment; filename=\"compai-device-agent-windows.zip\"" + Content-Type: + description: "MIME type for ZIP archive" + schema: + type: "string" + example: "application/zip" security: - apikey: [] - summary: "Check DNS records for a custom domain" + summary: "Download Windows Device Agent ZIP" tags: - - "Trust Portal" - description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" x-mint: metadata: - title: "Check DNS records for a custom domain | Comp AI API" - sidebarTitle: "Check DNS records for a custom domain" - description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Check DNS records for a custom domain | Comp AI API" - og:description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Download Windows Device Agent ZIP | Comp AI API" + sidebarTitle: "Download Windows Device Agent ZIP" + description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI." + og:title: "Download Windows Device Agent ZIP | Comp AI API" + og:description: "Downloads a ZIP package containing the Comp AI Device Agent installer for Windows, along with setup scripts and instructions. The package includes an MSI." x-speakeasy-mcp: - name: "check-dns-records" - /v1/trust-portal/settings/faqs: - put: - operationId: "TrustPortalController_updateFaqs_v1" - parameters: [] + name: "download-windows-agent" + /v1/device-agent/sessions/{deviceId}: + delete: + operationId: "DeviceAgentController_revokeAgentAccess_v1" + parameters: + - name: "deviceId" + required: true + in: "path" + schema: + type: "string" responses: - "200": + "204": description: "" - security: - - apikey: [] - summary: "Update trust portal FAQs" + summary: "Revoke a device agent session" tags: - - "Trust Portal" - description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Device Agent" + description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security status." x-mint: metadata: - title: "Update trust portal FAQs | Comp AI API" - sidebarTitle: "Update trust portal FAQs" - description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." - og:title: "Update trust portal FAQs | Comp AI API" - og:description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + title: "Revoke a device agent session | Comp AI API" + sidebarTitle: "Revoke a device agent session" + description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security." + og:title: "Revoke a device agent session | Comp AI API" + og:description: "Revoke a device agent session in Comp AI. Register employee devices, submit device compliance check-ins, download agent builds, and manage endpoint security." x-speakeasy-mcp: - name: "update-faqs" - /v1/trust-portal/settings/allowed-domains: - put: - operationId: "TrustPortalController_updateAllowedDomains_v1" - parameters: [] + name: "revoke-agent-access" + /v1/tasks: + get: + description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." + operationId: "TasksController_getTasks_v1" + parameters: + - name: "includeRelations" + required: false + in: "query" + description: "Include controls and automations with runs" + schema: + type: "string" responses: "200": - description: "" + description: "Tasks retrieved successfully" + content: + application/json: + schema: + type: "array" + items: + $ref: "#/components/schemas/TaskResponseDto" + example: + - id: "tsk_abc123def456" + title: "Implement user authentication" + description: "Add OAuth 2.0 authentication to the platform" + status: "in_progress" + createdAt: "2024-01-15T10:30:00Z" + updatedAt: "2024-01-15T10:30:00Z" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" security: - apikey: [] - summary: "Update allowed domains for the trust portal" + summary: "List compliance tasks" tags: - - "Trust Portal" - description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Update allowed domains for the trust portal | Comp AI API" - sidebarTitle: "Update allowed domains for the trust portal" - description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - og:title: "Update allowed domains for the trust portal | Comp AI API" - og:description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + title: "List compliance tasks | Comp AI API" + sidebarTitle: "List compliance tasks" + description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." + og:title: "List compliance tasks | Comp AI API" + og:description: "List compliance tasks with assignments and status so teams can track audit readiness, evidence work, and control implementation." + x-codeSamples: + - lang: "bash" + label: "List tasks" + source: "curl --request GET --url \"https://api.trycomp.ai/v1/tasks\" --header \"X-API-Key: $COMP_AI_API_KEY\"" x-speakeasy-mcp: - name: "update-allowed-domains" - /v1/trust-portal/settings/allowed-emails: - put: - operationId: "TrustPortalController_updateAllowedEmails_v1" + name: "get-tasks" + post: + description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." + operationId: "TasksController_createTask_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UpdateAllowedEmailsDto" - responses: - "200": - description: "" - security: - - apikey: [] - summary: "Update allowed emails for the trust portal" - tags: - - "Trust Portal" - description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." - x-mint: - metadata: - title: "Update allowed emails for the trust portal | Comp AI API" - sidebarTitle: "Update allowed emails for the trust portal" - description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - og:title: "Update allowed emails for the trust portal | Comp AI API" - og:description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." - x-speakeasy-mcp: - name: "update-allowed-emails" - /v1/trust-portal/settings/frameworks: - put: - operationId: "TrustPortalController_updateFrameworks_v1" - parameters: [] + type: "object" + properties: + title: + type: "string" + example: "Implement access controls" + description: + type: "string" + example: "Set up role-based access controls for the platform" + assigneeId: + type: "string" + nullable: true + example: "mem_abc123" + frequency: + type: "string" + enum: + - "daily" + - "weekly" + - "monthly" + - "quarterly" + - "yearly" + nullable: true + example: "monthly" + department: + type: "string" + nullable: true + example: "it" + maxLength: 64 + description: "Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." + controlIds: + type: "array" + items: + type: "string" + example: + - "ctrl_abc123" + taskTemplateId: + type: "string" + nullable: true + example: "tmpl_abc123" + vendorId: + type: "string" + nullable: true + example: "vnd_abc123" + description: "Vendor ID to connect this task to" + required: + - "title" + - "description" responses: - "200": - description: "" + "201": + description: "Task created successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/TaskResponseDto" + "400": + description: "Invalid request body" security: - apikey: [] - summary: "Update trust portal framework settings" + summary: "Create compliance task" tags: - - "Trust Portal" - description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: - metadata: - title: "Update trust portal framework settings | Comp AI API" - sidebarTitle: "Update trust portal framework settings" - description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Update trust portal framework settings | Comp AI API" - og:description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + metadata: + title: "Create compliance task | Comp AI API" + sidebarTitle: "Create compliance task" + description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." + og:title: "Create compliance task | Comp AI API" + og:description: "Create a compliance task for evidence collection, remediation, review, or recurring control work inside an organization." x-speakeasy-mcp: - name: "update-frameworks" - /v1/trust-portal/custom-frameworks: + name: "create-task" + /v1/tasks/templates: get: - operationId: "TrustPortalController_listCustomFrameworks_v1" - parameters: [] + description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_getTaskTemplates_v1" + parameters: + - name: "frameworkId" + required: false + in: "query" + description: "Filter templates by framework ID" + schema: + type: "string" responses: "200": description: "" security: - apikey: [] - summary: "List org-authored custom frameworks with their trust portal selection" + summary: "Get task templates" tags: - - "Trust Portal" - description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "List org-authored custom frameworks with | Comp AI API" - sidebarTitle: "List org-authored custom frameworks with their trust portal selection" - description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." - og:title: "List org-authored custom frameworks with | Comp AI API" - og:description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + title: "Get task templates | Comp AI API" + sidebarTitle: "Get task templates" + description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Get task templates | Comp AI API" + og:description: "Get task templates in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "list-custom-frameworks" - put: - operationId: "TrustPortalController_updateCustomFramework_v1" + name: "get-task-templates" + /v1/tasks/bulk: + patch: + description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_updateTasksStatus_v1" parameters: [] requestBody: required: true - description: "At least one of `enabled` or `status` must be provided." content: application/json: schema: type: "object" - required: - - "customFrameworkId" - anyOf: - - required: - - "enabled" - - required: - - "status" properties: - customFrameworkId: - type: "string" - minLength: 1 - enabled: - type: "boolean" + taskIds: + type: "array" + items: + type: "string" + example: + - "tsk_abc123" + - "tsk_def456" status: type: "string" enum: - - "started" + - "todo" - "in_progress" - - "compliant" + - "in_review" + - "done" + - "not_relevant" + - "failed" + example: "in_progress" + reviewDate: + type: "string" + format: "date-time" + example: "2025-01-01T00:00:00.000Z" + description: "Optional review date to set on all tasks" + notRelevantJustification: + type: "string" + example: "This control is out of scope for our SOC 2 audit." + description: "Required justification when marking evidence tasks as not_relevant" + required: + - "taskIds" + - "status" responses: "200": - description: "" + description: "Tasks updated successfully" + content: + application/json: + schema: + type: "object" + properties: + updatedCount: + type: "number" + example: 2 + "400": + description: "Invalid request body" security: - apikey: [] - summary: "Enable/disable a custom framework on the trust portal and set its status" + summary: "Update status for multiple tasks" tags: - - "Trust Portal" - description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Enable/disable a custom framework on the | Comp AI API" - sidebarTitle: "Enable/disable a custom framework on the trust portal and set its status" - description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." - og:title: "Enable/disable a custom framework on the | Comp AI API" - og:description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + title: "Update status for multiple tasks | Comp AI API" + sidebarTitle: "Update status for multiple tasks" + description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + og:title: "Update status for multiple tasks | Comp AI API" + og:description: "Update status for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." x-speakeasy-mcp: - name: "update-custom-framework" - /v1/trust-portal/custom-frameworks/badge: - post: - description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." - operationId: "TrustPortalController_uploadCustomFrameworkBadge_v1" + name: "update-tasks-status" + delete: + description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_deleteTasks_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadCustomFrameworkBadgeDto" + type: "object" + properties: + taskIds: + type: "array" + items: + type: "string" + example: + - "tsk_abc123" + - "tsk_def456" + required: + - "taskIds" responses: - "201": - description: "Badge uploaded successfully" + "200": + description: "Tasks deleted successfully" content: application/json: schema: - $ref: "#/components/schemas/CustomFrameworkBadgeResponseDto" - security: - - apikey: [] - summary: "Upload or replace a custom framework's Trust Portal badge image" - tags: - - "Trust Portal" - x-mint: - metadata: - title: "Upload or replace a custom framework's Trust | Comp AI API" - sidebarTitle: "Upload or replace a custom framework's Trust Portal badge image" - description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." - og:title: "Upload or replace a custom framework's Trust | Comp AI API" - og:description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." - x-speakeasy-mcp: - name: "upload-custom-framework-badge" - delete: - operationId: "TrustPortalController_removeCustomFrameworkBadge_v1" - parameters: - - name: "customFrameworkId" - required: true - in: "query" - description: "Org-authored custom framework ID whose badge to remove" - schema: - example: "cfrm_6914cd0e16e4c7dccbb54426" - type: "string" - responses: - "200": - description: "" + type: "object" + properties: + deletedCount: + type: "number" + example: 2 + "400": + description: "Invalid request body" security: - apikey: [] - summary: "Remove a custom framework's Trust Portal badge image" + summary: "Delete multiple tasks" tags: - - "Trust Portal" - description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Remove a custom framework's Trust Portal | Comp AI API" - sidebarTitle: "Remove a custom framework's Trust Portal badge image" - description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." - og:title: "Remove a custom framework's Trust Portal | Comp AI API" - og:description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + title: "Delete multiple tasks | Comp AI API" + sidebarTitle: "Delete multiple tasks" + description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Delete multiple tasks | Comp AI API" + og:description: "Delete multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "remove-custom-framework-badge" - /v1/trust-portal/overview: - post: - operationId: "TrustPortalController_updateOverview_v1" + name: "delete-tasks" + /v1/tasks/bulk/assignee: + patch: + description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_updateTasksAssignee_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + type: "object" + properties: + taskIds: + type: "array" + items: + type: "string" + example: + - "tsk_abc123" + - "tsk_def456" + assigneeId: + type: "string" + nullable: true + example: "mem_abc123" + description: "Assignee member ID, or null to unassign" + required: + - "taskIds" responses: "200": - description: "Overview updated successfully" + description: "Tasks updated successfully" + content: + application/json: + schema: + type: "object" + properties: + updatedCount: + type: "number" + example: 2 + "400": + description: "Invalid request body" security: - apikey: [] - summary: "Update Trust Center overview" + summary: "Update assignee for multiple tasks" tags: - - "Trust Portal" - description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." + - "Tasks" x-mint: metadata: - title: "Update Trust Center overview | Comp AI API" - sidebarTitle: "Update Trust Center overview" - description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." - og:title: "Update Trust Center overview | Comp AI API" - og:description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." + title: "Update assignee for multiple tasks | Comp AI API" + sidebarTitle: "Update assignee for multiple tasks" + description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + og:title: "Update assignee for multiple tasks | Comp AI API" + og:description: "Update assignee for multiple tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." x-speakeasy-mcp: - name: "update-overview" - get: - operationId: "TrustPortalController_getOverview_v1" - parameters: - - name: "organizationId" - required: true - in: "query" - schema: - type: "string" + name: "update-tasks-assignee" + /v1/tasks/reorder: + patch: + description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_reorderTasks_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + type: "object" + properties: + updates: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + order: + type: "number" + status: + type: "string" + enum: + - "todo" + - "in_progress" + - "in_review" + - "done" + - "not_relevant" + - "failed" + required: + - "id" + - "order" + - "status" + required: + - "updates" responses: "200": - description: "" + description: "Tasks reordered successfully" + "400": + description: "Invalid request body" security: - apikey: [] - summary: "Get trust portal overview" + summary: "Reorder tasks" tags: - - "Trust Portal" - description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Get trust portal overview | Comp AI API" - sidebarTitle: "Get trust portal overview" - description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." - og:title: "Get trust portal overview | Comp AI API" - og:description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + title: "Reorder tasks | Comp AI API" + sidebarTitle: "Reorder tasks" + description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Reorder tasks | Comp AI API" + og:description: "Reorder tasks in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "get-overview" - /v1/trust-portal/custom-links: + name: "reorder-tasks" + /v1/tasks/bulk/submit-for-review: post: - operationId: "TrustPortalController_createCustomLink_v1" + description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_bulkSubmitForReview_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + type: "object" + properties: + taskIds: + type: "array" + items: + type: "string" + example: + - "tsk_abc123" + - "tsk_def456" + approverId: + type: "string" + example: "mem_abc123" + description: "Member ID of the approver" + required: + - "taskIds" + - "approverId" responses: - "201": - description: "Custom link created successfully" + "200": + description: "Tasks submitted for review" + "400": + description: "Invalid request" security: - apikey: [] - summary: "Create a custom link for trust portal" + summary: "Bulk submit tasks for review" tags: - - "Trust Portal" - description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Create a custom link for trust portal | Comp AI API" - sidebarTitle: "Create a custom link for trust portal" - description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Create a custom link for trust portal | Comp AI API" - og:description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Bulk submit tasks for review | Comp AI API" + sidebarTitle: "Bulk submit tasks for review" + description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + og:title: "Bulk submit tasks for review | Comp AI API" + og:description: "Bulk submit tasks for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." x-speakeasy-mcp: - name: "create-custom-link" + name: "bulk-submit-for-review" + /v1/tasks/options: get: - operationId: "TrustPortalController_listCustomLinks_v1" - parameters: - - name: "organizationId" - required: true - in: "query" - schema: - type: "string" + operationId: "TasksController_getTaskOptions_v1" + parameters: [] responses: "200": description: "" security: - apikey: [] - summary: "List custom links for trust portal" + summary: "Get page options for tasks overview" tags: - - "Trust Portal" - description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" + description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-mint: metadata: - title: "List custom links for trust portal | Comp AI API" - sidebarTitle: "List custom links for trust portal" - description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "List custom links for trust portal | Comp AI API" - og:description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Get page options for tasks overview | Comp AI API" + sidebarTitle: "Get page options for tasks overview" + description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links." + og:title: "Get page options for tasks overview | Comp AI API" + og:description: "Get page options for tasks overview in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links." x-speakeasy-mcp: - name: "list-custom-links" - /v1/trust-portal/custom-links/{linkId}: - post: - operationId: "TrustPortalController_updateCustomLink_v1" + name: "get-task-options" + /v1/tasks/{taskId}: + get: + description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_getTask_v1" parameters: - - name: "linkId" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "Custom link updated successfully" + description: "Task retrieved successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/TaskResponseDto" + example: + id: "tsk_abc123def456" + title: "Implement user authentication" + description: "Add OAuth 2.0 authentication to the platform" + status: "in_progress" + createdAt: "2024-01-15T10:30:00Z" + updatedAt: "2024-01-15T10:30:00Z" + "403": + description: "Forbidden - Not assigned to this task" + "404": + description: "Task not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task with ID tsk_abc123def456 not found" security: - apikey: [] - summary: "Update a custom link" + summary: "Get task by ID" tags: - - "Trust Portal" - description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Update a custom link | Comp AI API" - sidebarTitle: "Update a custom link" - description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." - og:title: "Update a custom link | Comp AI API" - og:description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." + title: "Get task by ID | Comp AI API" + sidebarTitle: "Get task by ID" + description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Get task by ID | Comp AI API" + og:description: "Get task by ID in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "update-custom-link" - /v1/trust-portal/custom-links/{linkId}/delete: - post: - operationId: "TrustPortalController_deleteCustomLink_v1" + name: "get-task" + patch: + description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_updateTask_v1" parameters: - - name: "linkId" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" + requestBody: + required: true + content: + application/json: + schema: + type: "object" + properties: + title: + type: "string" + example: "Review access controls" + description: "Task title" + description: + type: "string" + example: "Review and update access control policies" + description: "Task description" + status: + type: "string" + enum: + - "todo" + - "in_progress" + - "in_review" + - "done" + - "not_relevant" + - "failed" + example: "in_progress" + assigneeId: + type: "string" + nullable: true + example: "mem_abc123" + description: "Assignee member ID, or null to unassign" + approverId: + type: "string" + nullable: true + example: "mem_abc123" + description: "Approver member ID, or null to unassign" + frequency: + type: "string" + enum: + - "daily" + - "weekly" + - "monthly" + - "quarterly" + - "yearly" + example: "monthly" + integrationScheduleFrequency: + type: "string" + enum: + - "daily" + - "weekly" + - "monthly" + - "quarterly" + - "yearly" + example: "daily" + description: "Cadence for running the integration check attached to this task" + department: + type: "string" + example: "it" + maxLength: 64 + description: "Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted." + reviewDate: + type: "string" + format: "date-time" + example: "2025-01-01T00:00:00.000Z" + notRelevantJustification: + type: "string" + example: "This control is out of scope for our SOC 2 audit." + description: "Required justification when marking evidence tasks as not_relevant" responses: "200": - description: "Custom link deleted successfully" - security: - - apikey: [] - summary: "Delete a custom link" - tags: - - "Trust Portal" - description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." - x-mint: - metadata: - title: "Delete a custom link | Comp AI API" - sidebarTitle: "Delete a custom link" - description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." - og:title: "Delete a custom link | Comp AI API" - og:description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." - x-speakeasy-mcp: - name: "delete-custom-link" - /v1/trust-portal/custom-links/reorder: - post: - operationId: "TrustPortalController_reorderCustomLinks_v1" - parameters: [] - responses: - "200": - description: "Custom links reordered successfully" + description: "Task updated successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/TaskResponseDto" + "400": + description: "Invalid request body or task not found" + "404": + description: "Task not found" security: - apikey: [] - summary: "Reorder custom links" + summary: "Update a task" tags: - - "Trust Portal" - description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Reorder custom links | Comp AI API" - sidebarTitle: "Reorder custom links" - description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." - og:title: "Reorder custom links | Comp AI API" - og:description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." + title: "Update a task | Comp AI API" + sidebarTitle: "Update a task" + description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Update a task | Comp AI API" + og:description: "Update a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "reorder-custom-links" - /v1/trust-portal/vendors/{vendorId}/trust-settings: - post: - operationId: "TrustPortalController_updateVendorTrustSettings_v1" + name: "update-task" + delete: + description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_deleteTask_v1" parameters: - - name: "vendorId" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "Vendor settings updated successfully" + description: "Task deleted successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + example: true + message: + type: "string" + example: "Task deleted successfully" + "404": + description: "Task not found" security: - apikey: [] - summary: "Update vendor trust portal settings" + summary: "Delete a task" tags: - - "Trust Portal" - description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" x-mint: metadata: - title: "Update vendor trust portal settings | Comp AI API" - sidebarTitle: "Update vendor trust portal settings" - description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "Update vendor trust portal settings | Comp AI API" - og:description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Delete a task | Comp AI API" + sidebarTitle: "Delete a task" + description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Delete a task | Comp AI API" + og:description: "Delete a task in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "update-vendor-trust-settings" - /v1/trust-portal/vendors: + name: "delete-task" + /v1/tasks/{taskId}/policies: get: - operationId: "TrustPortalController_listVendors_v1" + operationId: "TasksController_getTaskPolicies_v1" parameters: - - name: "all" - required: false - in: "query" - description: "When true, returns all org vendors with sync" + - name: "taskId" + required: true + in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": description: "" security: - apikey: [] - summary: "List vendors configured for trust portal" + summary: "Get policies that reference a task via shared controls" tags: - - "Trust Portal" - description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + - "Tasks" + description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-mint: metadata: - title: "List vendors configured for trust portal | Comp AI API" - sidebarTitle: "List vendors configured for trust portal" - description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." - og:title: "List vendors configured for trust portal | Comp AI API" - og:description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + title: "Get policies that reference a task via shared | Comp AI API" + sidebarTitle: "Get policies that reference a task via shared controls" + description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy." + og:title: "Get policies that reference a task via shared | Comp AI API" + og:description: "Get policies that reference a task via shared controls in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy." x-speakeasy-mcp: - name: "list-vendors" - /v1/trust-access/{friendlyUrl}/requests: - post: - description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." - operationId: "TrustAccessController_createAccessRequest_v1" + name: "get-task-policies" + /v1/tasks/{taskId}/activity: + get: + description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_getTaskActivity_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/CreateAccessRequestDto" - responses: - "201": - description: "Access request created and sent for review" - summary: "Submit Trust Access request" - tags: - - "Trust Access" - x-mint: - metadata: - title: "Submit Trust Access request | Comp AI API" - sidebarTitle: "Submit Trust Access request" - description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." - og:title: "Submit Trust Access request | Comp AI API" - og:description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." - x-speakeasy-mcp: - name: "create-access-request" - /v1/trust-access/admin/requests: - get: - description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." - operationId: "TrustAccessController_listAccessRequests_v1" - parameters: - - name: "status" - required: false + - name: "skip" + required: true in: "query" schema: type: "string" - enum: - - "under_review" - - "approved" - - "denied" - - "canceled" - responses: - "200": - description: "Access requests retrieved" - security: - - apikey: [] - summary: "List Trust Access requests" - tags: - - "Trust Access" - x-mint: - metadata: - title: "List Trust Access requests | Comp AI API" - sidebarTitle: "List Trust Access requests" - description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." - og:title: "List Trust Access requests | Comp AI API" - og:description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." - x-speakeasy-mcp: - name: "list-access-requests" - /v1/trust-access/admin/requests/{id}: - get: - description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." - operationId: "TrustAccessController_getAccessRequest_v1" - parameters: - - name: "id" + - name: "take" required: true - in: "path" + in: "query" schema: type: "string" responses: "200": - description: "Request details returned" + description: "Activity retrieved successfully" + "400": + description: "Task not found" security: - apikey: [] - summary: "Get Trust Access request" + summary: "Get task activity" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Get Trust Access request | Comp AI API" - sidebarTitle: "Get Trust Access request" - description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." - og:title: "Get Trust Access request | Comp AI API" - og:description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." + title: "Get task activity | Comp AI API" + sidebarTitle: "Get task activity" + description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Get task activity | Comp AI API" + og:description: "Get task activity in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "get-access-request" - /v1/trust-access/admin/requests/{id}/approve: + name: "get-task-activity" + /v1/tasks/{taskId}/regenerate: post: - description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." - operationId: "TrustAccessController_approveRequest_v1" + description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_regenerateTask_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ApproveAccessRequestDto" responses: "200": - description: "Request approved successfully" + description: "Task regenerated successfully" + "400": + description: "Task has no associated template" + "404": + description: "Task not found" security: - apikey: [] - summary: "Approve Trust Access request" + summary: "Regenerate task from template" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Approve Trust Access request | Comp AI API" - sidebarTitle: "Approve Trust Access request" - description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." - og:title: "Approve Trust Access request | Comp AI API" - og:description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." + title: "Regenerate task from template | Comp AI API" + sidebarTitle: "Regenerate task from template" + description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." + og:title: "Regenerate task from template | Comp AI API" + og:description: "Regenerate task from template in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity." x-speakeasy-mcp: - name: "approve-request" - /v1/trust-access/admin/requests/{id}/deny: + name: "regenerate-task" + /v1/tasks/{taskId}/submit-for-review: post: - description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." - operationId: "TrustAccessController_denyRequest_v1" + description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_submitForReview_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/DenyAccessRequestDto" - responses: - "200": - description: "Request denied" - security: - - apikey: [] - summary: "Deny Trust Access request" - tags: - - "Trust Access" - x-mint: - metadata: - title: "Deny Trust Access request | Comp AI API" - sidebarTitle: "Deny Trust Access request" - description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." - og:title: "Deny Trust Access request | Comp AI API" - og:description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." - x-speakeasy-mcp: - name: "deny-request" - /v1/trust-access/admin/grants: - get: - description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." - operationId: "TrustAccessController_listGrants_v1" - parameters: [] + type: "object" + properties: + approverId: + type: "string" + example: "mem_abc123" + description: "Member ID of the approver" + required: + - "approverId" responses: "200": - description: "Grants retrieved" + description: "Task submitted for review" + "400": + description: "Invalid request" security: - apikey: [] - summary: "List Trust Access grants" + summary: "Submit task for review" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "List Trust Access grants | Comp AI API" - sidebarTitle: "List Trust Access grants" - description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." - og:title: "List Trust Access grants | Comp AI API" - og:description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." + title: "Submit task for review | Comp AI API" + sidebarTitle: "Submit task for review" + description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Submit task for review | Comp AI API" + og:description: "Submit task for review in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "list-grants" - /v1/trust-access/admin/grants/{id}/revoke: + name: "submit-for-review" + /v1/tasks/{taskId}/approve: post: - description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." - operationId: "TrustAccessController_revokeGrant_v1" + description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." + operationId: "TasksController_approveTask_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/RevokeGrantDto" responses: "200": - description: "Grant revoked" + description: "Task approved successfully" + "400": + description: "Task is not in review" + "403": + description: "Not the assigned approver" security: - apikey: [] - summary: "Revoke Trust Access grant" + summary: "Approve a task" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Revoke Trust Access grant | Comp AI API" - sidebarTitle: "Revoke Trust Access grant" - description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." - og:title: "Revoke Trust Access grant | Comp AI API" - og:description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." + title: "Approve a task | Comp AI API" + sidebarTitle: "Approve a task" + description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." + og:title: "Approve a task | Comp AI API" + og:description: "Approve a task that is in review. Only the assigned approver can approve. Moves status to done and creates an audit comment." x-speakeasy-mcp: - name: "revoke-grant" - /v1/trust-access/admin/grants/{id}/resend-access-email: + name: "approve-task" + /v1/tasks/{taskId}/reject: post: - description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." - operationId: "TrustAccessController_resendAccessEmail_v1" + description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." + operationId: "TasksController_rejectTask_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "Access email resent" + description: "Task rejected successfully" + "400": + description: "Task is not in review" + "403": + description: "Not the assigned approver" security: - apikey: [] - summary: "Resend Trust Access email" + summary: "Reject a task review" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Resend Trust Access email | Comp AI API" - sidebarTitle: "Resend Trust Access email" - description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." - og:title: "Resend Trust Access email | Comp AI API" - og:description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." + title: "Reject a task review | Comp AI API" + sidebarTitle: "Reject a task review" + description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." + og:title: "Reject a task review | Comp AI API" + og:description: "Reject a task that is in review. Only the assigned approver can reject. Reverts status to the previous status and creates an audit comment." x-speakeasy-mcp: - name: "resend-access-email" - /v1/trust-access/admin/requests/{id}/resend-nda: - post: - description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." - operationId: "TrustAccessController_resendNda_v1" + name: "reject-task" + /v1/tasks/{taskId}/attachments: + get: + description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_getTaskAttachments_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "NDA email resent" + description: "Attachments retrieved successfully" + content: + application/json: + schema: + type: "array" + items: + $ref: "#/components/schemas/AttachmentResponseDto" + example: + - id: "att_abc123def456" + name: "evidence.pdf" + type: "application/pdf" + size: 123456 + downloadUrl: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." + createdAt: "2024-01-15T10:30:00Z" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Task not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task with ID tsk_abc123def456 not found" security: - apikey: [] - summary: "Resend Trust Access NDA" + summary: "Get task attachments" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Resend Trust Access NDA | Comp AI API" - sidebarTitle: "Resend Trust Access NDA" - description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." - og:title: "Resend Trust Access NDA | Comp AI API" - og:description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." + title: "Get task attachments | Comp AI API" + sidebarTitle: "Get task attachments" + description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Get task attachments | Comp AI API" + og:description: "Get task attachments in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "resend-nda" - /v1/trust-access/admin/requests/{id}/preview-nda: + name: "get-task-attachments" post: - description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." - operationId: "TrustAccessController_previewNda_v1" + description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." + operationId: "TasksController_uploadTaskAttachment_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UploadAttachmentDto" responses: - "200": - description: "Preview NDA generated" + "201": + description: "Attachment uploaded successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/AttachmentResponseDto" + example: + id: "att_abc123def456" + entityId: "tsk_abc123def456" + entityType: "task" + fileName: "evidence.pdf" + fileType: "application/pdf" + fileSize: 123456 + createdAt: "2024-01-01T00:00:00Z" + createdBy: "usr_abc123def456" + "400": + description: "Invalid file data or file too large" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "File exceeds maximum allowed size" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Task not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task with ID tsk_abc123def456 not found" security: - apikey: [] - summary: "Preview Trust Access NDA" + summary: "Upload task evidence" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Preview Trust Access NDA | Comp AI API" - sidebarTitle: "Preview Trust Access NDA" - description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." - og:title: "Preview Trust Access NDA | Comp AI API" - og:description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." + title: "Upload task evidence | Comp AI API" + sidebarTitle: "Upload task evidence" + description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." + og:title: "Upload task evidence | Comp AI API" + og:description: "Upload an evidence attachment to a task so auditors and reviewers can trace completion back to source documentation." x-speakeasy-mcp: - name: "preview-nda" - /v1/trust-access/{friendlyUrl}/reclaim: - post: - description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." - operationId: "TrustAccessController_reclaimAccess_v1" + name: "upload-task-attachment" + /v1/tasks/{taskId}/attachments/{attachmentId}/download: + get: + description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." + operationId: "TasksController_getTaskAttachmentDownloadUrl_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" - schema: - type: "string" - - name: "query" - required: false - in: "query" - description: "Query parameter to append to the access link (e.g., security-questionnaire)" + description: "Unique task identifier" schema: - example: "security-questionnaire" + example: "tsk_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ReclaimAccessDto" - responses: - "200": - description: "Access link sent to email" - summary: "Reclaim Trust Access link" - tags: - - "Trust Access" - x-mint: - metadata: - title: "Reclaim Trust Access link | Comp AI API" - sidebarTitle: "Reclaim Trust Access link" - description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." - og:title: "Reclaim Trust Access link | Comp AI API" - og:description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." - x-speakeasy-mcp: - name: "reclaim-access" - /v1/trust-access/{friendlyUrl}/faqs: - get: - description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." - operationId: "TrustAccessController_getFaqs_v1" - parameters: - - name: "friendlyUrl" + - name: "attachmentId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique attachment identifier" schema: + example: "att_abc123def456" type: "string" responses: "200": - description: "FAQs retrieved successfully" + description: "Download URL generated successfully" content: application/json: schema: type: "object" properties: - faqs: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - question: - type: "string" - answer: - type: "string" - order: - type: "number" - nullable: true + downloadUrl: + type: "string" + description: "Signed URL for downloading the file" + example: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." + expiresIn: + type: "number" + description: "URL expiration time in seconds" + example: 900 + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" "404": - description: "Trust site not found or not published" - summary: "Get Trust Center FAQs" + description: "Task or attachment not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task or attachment not found" + security: + - apikey: [] + summary: "Get task attachment download URL" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Get Trust Center FAQs | Comp AI API" - sidebarTitle: "Get Trust Center FAQs" - description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." - og:title: "Get Trust Center FAQs | Comp AI API" - og:description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." + title: "Get task attachment download URL | Comp AI API" + sidebarTitle: "Get task attachment download URL" + description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." + og:title: "Get task attachment download URL | Comp AI API" + og:description: "Generate a signed download URL for an attachment on a compliance task so reviewers can access uploaded evidence." x-speakeasy-mcp: - name: "get-faqs" - /v1/trust-access/{friendlyUrl}/overview: - get: - description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." - operationId: "TrustAccessController_getPublicOverview_v1" + name: "get-task-attachment-download-url" + /v1/tasks/{taskId}/attachments/{attachmentId}: + delete: + description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + operationId: "TasksController_deleteTaskAttachment_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" + type: "string" + - name: "attachmentId" + required: true + in: "path" + description: "Unique attachment identifier" + schema: + example: "att_abc123def456" type: "string" responses: "200": - description: "Overview retrieved successfully" - summary: "Get Trust Center overview" + description: "Attachment deleted successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + example: true + deletedAttachmentId: + type: "string" + example: "att_abc123def456" + message: + type: "string" + example: "Attachment deleted successfully" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Task or attachment not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task or attachment not found" + security: + - apikey: [] + summary: "Delete task attachment" tags: - - "Trust Access" + - "Tasks" x-mint: metadata: - title: "Get Trust Center overview | Comp AI API" - sidebarTitle: "Get Trust Center overview" - description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." - og:title: "Get Trust Center overview | Comp AI API" - og:description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." + title: "Delete task attachment | Comp AI API" + sidebarTitle: "Delete task attachment" + description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." + og:title: "Delete task attachment | Comp AI API" + og:description: "Delete task attachment in Comp AI. Manage compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history." x-speakeasy-mcp: - name: "get-public-overview" - /v1/trust-access/{friendlyUrl}/custom-links: + name: "delete-task-attachment" + /v1/tasks/{taskId}/automations: get: - description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." - operationId: "TrustAccessController_getPublicCustomLinks_v1" + description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_getTaskAutomations_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "Custom links retrieved successfully" - summary: "List Trust Center custom links" + description: "Automations retrieved successfully" + security: + - apikey: [] + summary: "Get all automations for a task" tags: - - "Trust Access" + - "Task Automations" x-mint: metadata: - title: "List Trust Center custom links | Comp AI API" - sidebarTitle: "List Trust Center custom links" - description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." - og:title: "List Trust Center custom links | Comp AI API" - og:description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." + title: "Get all automations for a task | Comp AI API" + sidebarTitle: "Get all automations for a task" + description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Get all automations for a task | Comp AI API" + og:description: "Get all automations for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "get-public-custom-links" - /v1/trust-access/{friendlyUrl}/favicon: - get: - description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." - operationId: "TrustAccessController_getPublicFavicon_v1" + name: "get-task-automations" + post: + description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." + operationId: "AutomationsController_createAutomation_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: - "200": - description: "Favicon URL retrieved successfully" + "201": + description: "Automation created successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + example: true + automation: + type: "object" + properties: + id: + type: "string" + example: "auto_abc123def456" + name: + type: "string" + example: "Task Name - Evidence Collection" + "400": + description: "Bad request - Invalid task ID or organization ID" content: application/json: schema: type: "object" properties: - faviconUrl: + message: type: "string" - nullable: true - description: "Signed URL to the favicon, or null if not set" - summary: "Get Trust Center favicon" + example: "Invalid task ID or organization ID" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Task not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Task not found" + security: + - apikey: [] + summary: "Create evidence automation" tags: - - "Trust Access" + - "Task Automations" x-mint: metadata: - title: "Get Trust Center favicon | Comp AI API" - sidebarTitle: "Get Trust Center favicon" - description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." - og:title: "Get Trust Center favicon | Comp AI API" - og:description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." + title: "Create evidence automation | Comp AI API" + sidebarTitle: "Create evidence automation" + description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." + og:title: "Create evidence automation | Comp AI API" + og:description: "Create an automated evidence workflow attached to a task so Comp AI can collect recurring proof from connected systems." x-speakeasy-mcp: - name: "get-public-favicon" - /v1/trust-access/{friendlyUrl}/vendors: + name: "create-automation" + disabled: true + /v1/tasks/{taskId}/automations/{automationId}: get: - description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." - operationId: "TrustAccessController_getPublicVendors_v1" + description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_getAutomation_v1" parameters: - - name: "friendlyUrl" + - name: "taskId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - responses: - "200": - description: "Vendors retrieved successfully" - summary: "List Trust Center vendors" - tags: - - "Trust Access" - x-mint: - metadata: - title: "List Trust Center vendors | Comp AI API" - sidebarTitle: "List Trust Center vendors" - description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." - og:title: "List Trust Center vendors | Comp AI API" - og:description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." - x-speakeasy-mcp: - name: "get-public-vendors" - /v1/trust-access/{friendlyUrl}/custom-frameworks: - get: - description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document downloads, public FAQs, and reviewer access." - operationId: "TrustAccessController_getPublicCustomFrameworks_v1" - parameters: - - name: "friendlyUrl" + - name: "automationId" required: true in: "path" - description: "Trust Portal friendly URL or Organization ID" + description: "Unique automation identifier" schema: + example: "auto_abc123def456" type: "string" responses: "200": - description: "Custom frameworks retrieved successfully" - summary: "Get org-authored custom frameworks shown on a trust portal" + description: "Automation details retrieved successfully" + security: + - apikey: [] + summary: "Get automation details" tags: - - "Trust Access" + - "Task Automations" x-mint: metadata: - title: "Get org-authored custom frameworks shown on a | Comp AI API" - sidebarTitle: "Get org-authored custom frameworks shown on a trust portal" - description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document." - og:title: "Get org-authored custom frameworks shown on a | Comp AI API" - og:description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document." + title: "Get automation details | Comp AI API" + sidebarTitle: "Get automation details" + description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Get automation details | Comp AI API" + og:description: "Get automation details in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "get-public-custom-frameworks" - /v1/findings: - get: - operationId: "FindingsController_listFindings_v1" + name: "get-automation" + patch: + description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_updateAutomation_v1" parameters: - - name: "status" - required: false - in: "query" - schema: - enum: - - "open" - - "ready_for_review" - - "needs_revision" - - "closed" - type: "string" - - name: "severity" - required: false - in: "query" - schema: - enum: - - "low" - - "medium" - - "high" - - "critical" - type: "string" - - name: "area" - required: false - in: "query" - schema: - enum: - - "people" - - "documents" - - "compliance" - - "risks" - - "vendors" - - "policies" - - "other" - type: "string" - name: "taskId" - required: false - in: "query" - schema: - type: "string" - - name: "evidenceSubmissionId" - required: false - in: "query" - schema: - type: "string" - - name: "evidenceFormType" - required: false - in: "query" - schema: - enum: - - "board-meeting" - - "it-leadership-meeting" - - "risk-committee-meeting" - - "meeting" - - "access-request" - - "whistleblower-report" - - "penetration-test" - - "rbac-matrix" - - "infrastructure-inventory" - - "employee-performance-evaluation" - - "network-diagram" - - "tabletop-exercise" - - "account-types" - type: "string" - - name: "policyId" - required: false - in: "query" - schema: - type: "string" - - name: "vendorId" - required: false - in: "query" + required: true + in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - - name: "riskId" - required: false - in: "query" + - name: "automationId" + required: true + in: "path" + description: "Unique automation identifier" schema: + example: "auto_abc123def456" type: "string" - - name: "memberId" - required: false - in: "query" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateAutomationDto" + responses: + "200": + description: "Automation updated successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + example: true + automation: + type: "object" + properties: + id: + type: "string" + example: "auto_abc123def456" + name: + type: "string" + example: "Updated Automation Name" + description: + type: "string" + example: "Updated description" + "400": + description: "Bad request - Invalid automation ID or data" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Invalid automation data" + "401": + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" + "404": + description: "Automation not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Automation not found" + security: + - apikey: [] + summary: "Update an existing automation" + tags: + - "Task Automations" + x-mint: + metadata: + title: "Update an existing automation | Comp AI API" + sidebarTitle: "Update an existing automation" + description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Update an existing automation | Comp AI API" + og:description: "Update an existing automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + x-speakeasy-mcp: + name: "update-automation" + delete: + description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_deleteAutomation_v1" + parameters: + - name: "taskId" + required: true + in: "path" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" - - name: "deviceId" - required: false - in: "query" + - name: "automationId" + required: true + in: "path" + description: "Unique automation identifier" schema: + example: "auto_abc123def456" type: "string" responses: "200": - description: "" + description: "Automation deleted successfully" security: - apikey: [] - summary: "List audit findings" + summary: "Delete an automation" tags: - - "Findings" - description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." + - "Task Automations" x-mint: metadata: - title: "List audit findings | Comp AI API" - sidebarTitle: "List audit findings" - description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." - og:title: "List audit findings | Comp AI API" - og:description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." + title: "Delete an automation | Comp AI API" + sidebarTitle: "Delete an automation" + description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Delete an automation | Comp AI API" + og:description: "Delete an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "list-findings" - post: - operationId: "FindingsController_createFinding_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/CreateFindingDto" + name: "delete-automation" + /v1/tasks/{taskId}/automations/{automationId}/runs: + get: + description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_getAutomationRuns_v1" + parameters: + - name: "taskId" + required: true + in: "path" + description: "Task ID" + schema: + type: "string" + - name: "automationId" + required: true + in: "path" + description: "Automation ID" + schema: + type: "string" responses: - "201": - description: "" + "200": + description: "Runs retrieved successfully" security: - apikey: [] - summary: "Create audit finding" + summary: "Get all runs for a specific automation" tags: - - "Findings" - description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." + - "Task Automations" x-mint: metadata: - title: "Create audit finding | Comp AI API" - sidebarTitle: "Create audit finding" - description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." - og:title: "Create audit finding | Comp AI API" - og:description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." + title: "Get all runs for a specific automation | Comp AI API" + sidebarTitle: "Get all runs for a specific automation" + description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Get all runs for a specific automation | Comp AI API" + og:description: "Get all runs for a specific automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "create-finding" - /v1/findings/organization: + name: "get-automation-runs" + /v1/tasks/{taskId}/automations/{automationId}/versions: get: - operationId: "FindingsController_getOrganizationFindings_v1" + description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_getAutomationVersions_v1" parameters: - - name: "status" - required: false + - name: "taskId" + required: true + in: "path" + description: "Task ID" + schema: + type: "string" + - name: "automationId" + required: true + in: "path" + description: "Automation ID" + schema: + type: "string" + - name: "limit" + required: true + in: "query" + schema: + type: "string" + - name: "offset" + required: true in: "query" schema: - enum: - - "open" - - "ready_for_review" - - "needs_revision" - - "closed" type: "string" responses: "200": - description: "" + description: "Versions retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + versions: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + version: + type: "number" + scriptKey: + type: "string" + changelog: + type: "string" + nullable: true + publishedBy: + type: "string" + nullable: true + createdAt: + type: "string" + format: "date-time" security: - apikey: [] - summary: "List all findings for the organization" + summary: "Get all versions for an automation" tags: - - "Findings" - description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + - "Task Automations" x-mint: metadata: - title: "List all findings for the organization | Comp AI API" - sidebarTitle: "List all findings for the organization" - description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." - og:title: "List all findings for the organization | Comp AI API" - og:description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." + title: "Get all versions for an automation | Comp AI API" + sidebarTitle: "Get all versions for an automation" + description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Get all versions for an automation | Comp AI API" + og:description: "Get all versions for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "get-organization-findings" - /v1/findings/{id}: - get: - operationId: "FindingsController_getFindingById_v1" + name: "get-automation-versions" + post: + operationId: "AutomationsController_createVersion_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" - description: "Finding ID" + description: "Task ID" schema: type: "string" + - name: "automationId" + required: true + in: "path" + description: "Automation ID" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CreateVersionDto" responses: - "200": + "201": description: "" security: - apikey: [] - summary: "Get finding by ID" + summary: "Create a published version record for an automation" tags: - - "Findings" - description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + - "Task Automations" + description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-mint: metadata: - title: "Get finding by ID | Comp AI API" - sidebarTitle: "Get finding by ID" - description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." - og:title: "Get finding by ID | Comp AI API" - og:description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + title: "Create a published version record for an | Comp AI API" + sidebarTitle: "Create a published version record for an automation" + description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached." + og:title: "Create a published version record for an | Comp AI API" + og:description: "Create a published version record for an automation in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached." x-speakeasy-mcp: - name: "get-finding-by-id" - patch: - operationId: "FindingsController_updateFinding_v1" + name: "create-version" + disabled: true + /v1/tasks/{taskId}/automations/runs: + get: + description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + operationId: "AutomationsController_getTaskAutomationRuns_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" - description: "Finding ID" + description: "Task ID" schema: + example: "tsk_abc123def456" type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateFindingDto" responses: "200": - description: "" + description: "Automation runs retrieved successfully" + content: + application/json: + schema: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + example: "ear_abc123def456" + status: + type: "string" + enum: + - "PENDING" + - "RUNNING" + - "COMPLETED" + - "FAILED" + trigger: + type: "string" + enum: + - "MANUAL" + - "SCHEDULED" + - "EVENT" + createdAt: + type: "string" + format: "date-time" + completedAt: + type: "string" + format: "date-time" + nullable: true + error: + type: "object" + nullable: true security: - apikey: [] - summary: "Update a finding (status transition rules apply)" + summary: "Get all automation runs for a task" tags: - - "Findings" - description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + - "Task Automations" x-mint: metadata: - title: "Update a finding (status transition rules | Comp AI API" - sidebarTitle: "Update a finding (status transition rules apply)" - description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." - og:title: "Update a finding (status transition rules | Comp AI API" - og:description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." + title: "Get all automation runs for a task | Comp AI API" + sidebarTitle: "Get all automation runs for a task" + description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." + og:title: "Get all automation runs for a task | Comp AI API" + og:description: "Get all automation runs for a task in Comp AI. Create, version, run, and inspect automated evidence collection workflows attached to compliance tasks." x-speakeasy-mcp: - name: "update-finding" - delete: - operationId: "FindingsController_deleteFinding_v1" + name: "get-task-automation-runs" + /v1/tasks/{taskId}/evidence: + get: + description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." + operationId: "EvidenceExportController_getTaskEvidenceSummary_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" - description: "Finding ID" + description: "Unique task identifier" schema: + example: "tsk_abc123def456" type: "string" responses: "200": - description: "" + description: "Evidence summary retrieved successfully" + "404": + description: "Task not found" security: - apikey: [] - summary: "Delete a finding (auditor or platform admin only)" + summary: "Get task evidence summary" tags: - - "Findings" - description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + - "Evidence Export" x-mint: metadata: - title: "Delete a finding (auditor or platform admin | Comp AI API" - sidebarTitle: "Delete a finding (auditor or platform admin only)" - description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." - og:title: "Delete a finding (auditor or platform admin | Comp AI API" - og:description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." + title: "Get task evidence summary | Comp AI API" + sidebarTitle: "Get task evidence summary" + description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." + og:title: "Get task evidence summary | Comp AI API" + og:description: "Get task evidence summary in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." x-speakeasy-mcp: - name: "delete-finding" - /v1/findings/{id}/history: + name: "get-task-evidence-summary" + /v1/tasks/{taskId}/evidence/automation/{automationId}/pdf: get: - operationId: "FindingsController_getFindingHistory_v1" + description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." + operationId: "EvidenceExportController_exportAutomationPDF_v1" parameters: - - name: "id" + - name: "taskId" required: true in: "path" - description: "Finding ID" + description: "Unique task identifier" + schema: + type: "string" + - name: "automationId" + required: true + in: "path" + description: "Unique automation identifier (checkId for app automations)" schema: type: "string" responses: "200": - description: "" - security: - - apikey: [] - summary: "Get activity history for a finding" - tags: - - "Findings" - description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." - x-mint: - metadata: - title: "Get activity history for a finding | Comp AI API" - sidebarTitle: "Get activity history for a finding" - description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." - og:title: "Get activity history for a finding | Comp AI API" - og:description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." - x-speakeasy-mcp: - name: "get-finding-history" - /v1/roles: - post: - description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - operationId: "RolesController_createRole_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/CreateRoleDto" - responses: - "201": - description: "Role created successfully" + description: "PDF file generated successfully" content: - application/json: - schema: - type: "object" - properties: - id: - type: "string" - example: "rol_abc123" - name: - type: "string" - example: "compliance-lead" - permissions: - type: "object" - additionalProperties: - type: "array" - items: - type: "string" - isBuiltIn: - type: "boolean" - example: false - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - "400": - description: "Invalid role data or role already exists" - "401": - description: "Unauthorized" - "403": - description: "Forbidden - cannot grant permissions you do not have" + application/pdf: {} + "404": + description: "Task or automation not found" security: - apikey: [] - summary: "Create a custom role" + summary: "Export automation evidence as PDF" tags: - - "Roles" + - "Evidence Export" x-mint: metadata: - title: "Create a custom role | Comp AI API" - sidebarTitle: "Create a custom role" - description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - og:title: "Create a custom role | Comp AI API" - og:description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + title: "Export automation evidence as PDF | Comp AI API" + sidebarTitle: "Export automation evidence as PDF" + description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." + og:title: "Export automation evidence as PDF | Comp AI API" + og:description: "Export automation evidence as PDF in Comp AI. Export task evidence, automation evidence, and reviewer-ready evidence bundles as PDF or ZIP files." x-speakeasy-mcp: - name: "create-role" + name: "export-automation-pdf" + /v1/tasks/{taskId}/evidence/export: get: - description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - operationId: "RolesController_listRoles_v1" - parameters: [] + description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." + operationId: "EvidenceExportController_exportTaskEvidenceZip_v1" + parameters: + - name: "taskId" + required: true + in: "path" + description: "Unique task identifier" + schema: + type: "string" + - name: "includeJson" + required: false + in: "query" + description: "Include raw JSON files alongside PDFs" + schema: + type: "boolean" responses: "200": - description: "List of roles" + description: "ZIP file generated successfully" content: - application/json: - schema: - type: "object" - properties: - builtInRoles: - type: "array" - items: - type: "object" - properties: - name: - type: "string" - isBuiltIn: - type: "boolean" - description: - type: "string" - customRoles: - type: "array" - items: - type: "object" - properties: - id: - type: "string" - name: - type: "string" - permissions: - type: "object" - isBuiltIn: - type: "boolean" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - "401": - description: "Unauthorized" + application/zip: {} + "404": + description: "Task not found" security: - apikey: [] - summary: "List all roles" + summary: "Export task evidence as ZIP" tags: - - "Roles" + - "Evidence Export" x-mint: metadata: - title: "List all roles | Comp AI API" - sidebarTitle: "List all roles" - description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - og:title: "List all roles | Comp AI API" - og:description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + title: "Export task evidence as ZIP | Comp AI API" + sidebarTitle: "Export task evidence as ZIP" + description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." + og:title: "Export task evidence as ZIP | Comp AI API" + og:description: "Download a ZIP package containing task evidence and automation results for auditor review or customer security requests." x-speakeasy-mcp: - name: "list-roles" - /v1/roles/permissions: - get: - description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." - operationId: "RolesController_getPermissionsForRoles_v1" + name: "export-task-evidence-zip" + /v1/evidence-export/all: + post: + description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." + operationId: "AuditorEvidenceExportController_exportAllEvidence_v1" parameters: - - name: "roles" - required: true + - name: "includeJson" + required: false in: "query" + description: "Include raw JSON files alongside PDFs" schema: - type: "string" + type: "boolean" responses: - "200": - description: "Merged permissions for the requested roles" - content: - application/json: - schema: - type: "object" - properties: - permissions: - type: "object" - additionalProperties: - type: "array" - items: - type: "string" - "401": - description: "Unauthorized" + "201": + description: "Export job started" security: - apikey: [] - summary: "Resolve permissions for custom roles" + summary: "Trigger bulk evidence export (Auditor only)" tags: - - "Roles" + - "Evidence Export (Auditor)" x-mint: metadata: - title: "Resolve permissions for custom roles | Comp AI API" - sidebarTitle: "Resolve permissions for custom roles" - description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." - og:title: "Resolve permissions for custom roles | Comp AI API" - og:description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." + title: "Trigger bulk evidence export (Auditor only) | Comp AI API" + sidebarTitle: "Trigger bulk evidence export (Auditor only)" + description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." + og:title: "Trigger bulk evidence export (Auditor only) | Comp AI API" + og:description: "Trigger bulk evidence export (Auditor only) in Comp AI. Export all organization evidence for an auditor review package." x-speakeasy-mcp: - name: "get-permissions-for-roles" - /v1/roles/built-in/{name}/obligations: + name: "export-all-evidence" + /v1/comments: get: - description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." - operationId: "RolesController_getBuiltInObligations_v1" + description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + operationId: "CommentsController_getComments_v1" parameters: - - name: "name" + - name: "entityId" required: true - in: "path" - description: "Built-in role name" + in: "query" + description: "ID of the entity to get comments for" schema: - example: "owner" + example: "tsk_abc123def456" + type: "string" + - name: "entityType" + required: true + in: "query" + description: "Type of entity" + schema: + enum: + - "task" + - "vendor" + - "risk" + - "policy" + - "finding" type: "string" responses: "200": - description: "Effective obligations for the built-in role" + description: "Comments retrieved successfully" content: application/json: schema: - type: "object" - properties: - name: - type: "string" - obligations: - type: "object" - properties: - compliance: - type: "boolean" + type: "array" + items: + $ref: "#/components/schemas/CommentResponseDto" security: - apikey: [] - summary: "Get obligations for a built-in role" + summary: "Get comments for an entity" tags: - - "Roles" + - "Comments" x-mint: metadata: - title: "Get obligations for a built-in role | Comp AI API" - sidebarTitle: "Get obligations for a built-in role" - description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." - og:title: "Get obligations for a built-in role | Comp AI API" - og:description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." + title: "Get comments for an entity | Comp AI API" + sidebarTitle: "Get comments for an entity" + description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + og:title: "Get comments for an entity | Comp AI API" + og:description: "Get comments for an entity in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." x-speakeasy-mcp: - name: "get-built-in-obligations" - patch: - description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." - operationId: "RolesController_updateBuiltInObligations_v1" - parameters: - - name: "name" - required: true - in: "path" - description: "Built-in role name" - schema: - example: "owner" - type: "string" + name: "get-comments" + post: + description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + operationId: "CommentsController_createComment_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UpdateBuiltInObligationsDto" - responses: - "200": - description: "Obligations updated" - content: - application/json: - schema: - type: "object" - properties: - name: - type: "string" - obligations: - type: "object" - properties: - compliance: - type: "boolean" - "400": - description: "Not a built-in role" - security: - - apikey: [] - summary: "Update obligations for a built-in role" - tags: - - "Roles" - x-mint: - metadata: - title: "Update obligations for a built-in role | Comp AI API" - sidebarTitle: "Update obligations for a built-in role" - description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." - og:title: "Update obligations for a built-in role | Comp AI API" - og:description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." - x-speakeasy-mcp: - name: "update-built-in-obligations" - /v1/roles/{roleId}: - get: - description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - operationId: "RolesController_getRole_v1" - parameters: - - name: "roleId" - required: true - in: "path" - description: "Role ID" - schema: - example: "rol_abc123" - type: "string" + $ref: "#/components/schemas/CreateCommentDto" responses: - "200": - description: "Role details" + "201": + description: "Comment created successfully" content: application/json: schema: - type: "object" - properties: - id: - type: "string" - name: - type: "string" - permissions: - type: "object" - isBuiltIn: - type: "boolean" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - "401": - description: "Unauthorized" - "404": - description: "Role not found" + $ref: "#/components/schemas/CommentResponseDto" security: - apikey: [] - summary: "Get a role by ID" + summary: "Create a new comment" tags: - - "Roles" + - "Comments" x-mint: metadata: - title: "Get a role by ID | Comp AI API" - sidebarTitle: "Get a role by ID" - description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - og:title: "Get a role by ID | Comp AI API" - og:description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + title: "Create a new comment | Comp AI API" + sidebarTitle: "Create a new comment" + description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + og:title: "Create a new comment | Comp AI API" + og:description: "Create a new comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." x-speakeasy-mcp: - name: "get-role" - patch: - description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - operationId: "RolesController_updateRole_v1" + name: "create-comment" + /v1/comments/{commentId}: + put: + description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + operationId: "CommentsController_updateComment_v1" parameters: - - name: "roleId" + - name: "commentId" required: true in: "path" - description: "Role ID" + description: "Unique comment identifier" schema: - example: "rol_abc123" + example: "cmt_abc123def456" type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UpdateRoleDto" + $ref: "#/components/schemas/UpdateCommentDto" responses: "200": - description: "Role updated successfully" + description: "Comment updated successfully" content: application/json: schema: - type: "object" - properties: - id: - type: "string" - name: - type: "string" - permissions: - type: "object" - isBuiltIn: - type: "boolean" - createdAt: - type: "string" - format: "date-time" - updatedAt: - type: "string" - format: "date-time" - "400": - description: "Invalid role data" - "401": - description: "Unauthorized" - "403": - description: "Forbidden - cannot grant permissions you do not have" - "404": - description: "Role not found" + $ref: "#/components/schemas/CommentResponseDto" security: - apikey: [] - summary: "Update a custom role" + summary: "Update a comment" tags: - - "Roles" + - "Comments" x-mint: metadata: - title: "Update a custom role | Comp AI API" - sidebarTitle: "Update a custom role" - description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - og:title: "Update a custom role | Comp AI API" - og:description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + title: "Update a comment | Comp AI API" + sidebarTitle: "Update a comment" + description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + og:title: "Update a comment | Comp AI API" + og:description: "Update a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." x-speakeasy-mcp: - name: "update-role" + name: "update-comment" delete: - description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - operationId: "RolesController_deleteRole_v1" + description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + operationId: "CommentsController_deleteComment_v1" parameters: - - name: "roleId" + - name: "commentId" required: true in: "path" - description: "Role ID" + description: "Unique comment identifier" schema: - example: "rol_abc123" + example: "cmt_abc123def456" type: "string" + requestBody: + required: true + description: "Delete comment request body" + content: + application/json: + schema: + type: "object" + properties: + userId: + type: "string" + description: "User ID of the comment author (required for API key auth, ignored for JWT auth)" + example: "usr_abc123def456" responses: "200": - description: "Role deleted successfully" + description: "Comment deleted successfully" content: application/json: schema: @@ -10875,1176 +10517,1212 @@ paths: properties: success: type: "boolean" + example: true + deletedCommentId: + type: "string" + example: "cmt_abc123def456" message: type: "string" - "400": - description: "Cannot delete - members assigned to role" + example: "Comment deleted successfully" "401": - description: "Unauthorized" + description: "Unauthorized - Invalid authentication" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Unauthorized" "404": - description: "Role not found" + description: "Comment not found" + content: + application/json: + schema: + type: "object" + properties: + message: + type: "string" + example: "Comment with ID cmt_abc123def456 not found" security: - apikey: [] - summary: "Delete a custom role" + summary: "Delete a comment" tags: - - "Roles" + - "Comments" x-mint: metadata: - title: "Delete a custom role | Comp AI API" - sidebarTitle: "Delete a custom role" - description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." - og:title: "Delete a custom role | Comp AI API" - og:description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + title: "Delete a comment | Comp AI API" + sidebarTitle: "Delete a comment" + description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." + og:title: "Delete a comment | Comp AI API" + og:description: "Delete a comment in Comp AI. Create and manage collaboration comments on compliance entities such as tasks, policies, risks, vendors, and findings." x-speakeasy-mcp: - name: "delete-role" - /v1/questionnaire: + name: "delete-comment" + /v1/trust-portal/settings: get: - operationId: "QuestionnaireController_findAll_v1" + operationId: "TrustPortalController_getSettings_v1" parameters: [] responses: "200": - description: "List of questionnaires" + description: "Trust portal settings retrieved successfully" security: - apikey: [] - summary: "List security questionnaires" + summary: "Get Trust Center settings" tags: - - "Questionnaire" - description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." + - "Trust Portal" + description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." x-mint: - href: "/api-reference/questionnaire/list-questionnaires" metadata: - title: "List security questionnaires | Comp AI API" - sidebarTitle: "List security questionnaires" - description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." - og:title: "List security questionnaires | Comp AI API" - og:description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." + title: "Get Trust Center settings | Comp AI API" + sidebarTitle: "Get Trust Center settings" + description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." + og:title: "Get Trust Center settings | Comp AI API" + og:description: "Retrieve Trust Center settings used to configure public status, custom domains, framework visibility, resources, FAQs, and access rules." x-speakeasy-mcp: - name: "questionnaire-find-all" - /v1/questionnaire/{id}: - get: - operationId: "QuestionnaireController_findById_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + name: "get-settings" + /v1/trust-portal/favicon: + post: + operationId: "TrustPortalController_uploadFavicon_v1" + parameters: [] responses: - "200": - description: "Questionnaire details" + "201": + description: "Favicon uploaded successfully" security: - apikey: [] - summary: "Get security questionnaire details" + summary: "Upload a favicon for the trust portal" tags: - - "Questionnaire" - description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." + - "Trust Portal" + description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/get-a-questionnaire-by-id" metadata: - title: "Get security questionnaire details | Comp AI API" - sidebarTitle: "Get security questionnaire details" - description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." - og:title: "Get security questionnaire details | Comp AI API" - og:description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." + title: "Upload a favicon for the trust portal | Comp AI API" + sidebarTitle: "Upload a favicon for the trust portal" + description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Upload a favicon for the trust portal | Comp AI API" + og:description: "Upload a favicon for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "find-by-id" + name: "upload-favicon" delete: - operationId: "QuestionnaireController_deleteById_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + operationId: "TrustPortalController_removeFavicon_v1" + parameters: [] responses: "200": - description: "Questionnaire deleted" + description: "Favicon removed successfully" security: - apikey: [] - summary: "Delete a security questionnaire" + summary: "Remove the trust portal favicon" tags: - - "Questionnaire" - description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." + - "Trust Portal" + description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/delete-a-questionnaire" metadata: - title: "Delete a security questionnaire | Comp AI API" - sidebarTitle: "Delete a security questionnaire" - description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." - og:title: "Delete a security questionnaire | Comp AI API" - og:description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." + title: "Remove the trust portal favicon | Comp AI API" + sidebarTitle: "Remove the trust portal favicon" + description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + og:title: "Remove the trust portal favicon | Comp AI API" + og:description: "Remove the trust portal favicon in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." x-speakeasy-mcp: - name: "delete-by-id" - /v1/questionnaire/{id}/auto-answer: - post: - description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until answeredQuestions equals totalQuestions, then read the answers from its questions." - operationId: "QuestionnaireController_triggerAutoAnswer_v1" + name: "remove-favicon" + /v1/trust-portal/domain/status: + get: + description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + operationId: "TrustPortalController_getDomainStatus_v1" parameters: - - name: "id" + - name: "domain" required: true - in: "path" + in: "query" + description: "The domain name to check status for" schema: + example: "portal.example.com" type: "string" responses: "200": - description: "" + description: "Domain status retrieved successfully" content: application/json: schema: - $ref: "#/components/schemas/TriggerAutoAnswerResponseDto" + $ref: "#/components/schemas/DomainStatusResponseDto" + "401": + description: "Unauthorized - Invalid or missing authentication" + "500": + description: "Failed to retrieve domain status from Vercel" security: - apikey: [] - summary: "Generate answers for a questionnaire" + summary: "Get domain verification status" tags: - - "Questionnaire" - x-speakeasy-mcp: - name: "generate-questionnaire-answers" + - "Trust Portal" x-mint: metadata: - title: "Generate answers for a questionnaire | Comp AI API" - sidebarTitle: "Generate answers for a questionnaire" - description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until." - og:title: "Generate answers for a questionnaire | Comp AI API" - og:description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until." - /v1/questionnaire/parse: + title: "Get domain verification status | Comp AI API" + sidebarTitle: "Get domain verification status" + description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + og:title: "Get domain verification status | Comp AI API" + og:description: "Get domain verification status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + x-speakeasy-mcp: + name: "get-domain-status" + /v1/trust-portal/compliance-resources/upload: post: - operationId: "QuestionnaireController_parseQuestionnaire_v1" + description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." + operationId: "TrustPortalController_uploadComplianceResource_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/ParseQuestionnaireDto" + $ref: "#/components/schemas/UploadComplianceResourceDto" responses: - "200": - description: "Parsed questionnaire content" + "201": + description: "Compliance certificate uploaded successfully" content: application/json: schema: - type: "object" + $ref: "#/components/schemas/ComplianceResourceResponseDto" + "400": + description: "Framework not compliant, PDF validation failed, or organization mismatch" security: - apikey: [] - summary: "Parse questionnaire content" + summary: "Upload compliance certificate" tags: - - "Questionnaire" - description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." + - "Trust Portal" x-mint: - href: "/api-reference/questionnaire/parse-an-uploaded-questionnaire-file" metadata: - title: "Parse questionnaire content | Comp AI API" - sidebarTitle: "Parse questionnaire content" - description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." - og:title: "Parse questionnaire content | Comp AI API" - og:description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." + title: "Upload compliance certificate | Comp AI API" + sidebarTitle: "Upload compliance certificate" + description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." + og:title: "Upload compliance certificate | Comp AI API" + og:description: "Upload or replace a compliance certificate PDF such as SOC 2, ISO 27001, HIPAA, or GDPR evidence for Trust Center sharing." x-speakeasy-mcp: - name: "parse-questionnaire" - /v1/questionnaire/answer-single: + name: "upload-compliance-resource" + /v1/trust-portal/compliance-resources/signed-url: post: - operationId: "QuestionnaireController_answerSingleQuestion_v1" + operationId: "TrustPortalController_getComplianceResourceUrl_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/AnswerSingleQuestionDto" + $ref: "#/components/schemas/ComplianceResourceSignedUrlDto" responses: "200": - description: "Generated single answer result" - content: - application/json: - schema: - type: "object" - properties: - success: - type: "boolean" - data: - type: "object" - properties: - questionIndex: - type: "number" - question: - type: "string" - answer: - type: "string" - nullable: true - sources: - type: "array" - items: - type: "object" - error: - type: "string" - nullable: true + description: "Signed URL generated successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/ComplianceResourceUrlResponseDto" security: - apikey: [] - summary: "Answer one questionnaire question" + summary: "Generate a temporary signed URL for a compliance certificate" tags: - - "Questionnaire" - description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." + - "Trust Portal" + description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/answer-a-single-questionnaire-question" metadata: - title: "Answer one questionnaire question | Comp AI API" - sidebarTitle: "Answer one questionnaire question" - description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." - og:title: "Answer one questionnaire question | Comp AI API" - og:description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." + title: "Generate a temporary signed URL for a | Comp AI API" + sidebarTitle: "Generate a temporary signed URL for a compliance certificate" + description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + og:title: "Generate a temporary signed URL for a | Comp AI API" + og:description: "Generate a temporary signed URL for a compliance certificate in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." x-speakeasy-mcp: - name: "answer-single-question" - /v1/questionnaire/save-answer: + name: "get-compliance-resource-url" + /v1/trust-portal/compliance-resources/list: post: - operationId: "QuestionnaireController_saveAnswer_v1" + operationId: "TrustPortalController_listComplianceResources_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/SaveAnswerDto" + $ref: "#/components/schemas/ListComplianceResourcesDto" responses: "200": - description: "Save manual or generated answer" + description: "Compliance certificates retrieved successfully" content: application/json: schema: - type: "object" - properties: - success: - type: "boolean" - error: - type: "string" - nullable: true + type: "array" + items: + $ref: "#/components/schemas/ComplianceResourceResponseDto" security: - apikey: [] - summary: "Save questionnaire answer" + summary: "List uploaded compliance certificates for the organization" tags: - - "Questionnaire" - description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." + - "Trust Portal" + description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/save-a-questionnaire-answer" metadata: - title: "Save questionnaire answer | Comp AI API" - sidebarTitle: "Save questionnaire answer" - description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." - og:title: "Save questionnaire answer | Comp AI API" - og:description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." + title: "List uploaded compliance certificates for the | Comp AI API" + sidebarTitle: "List uploaded compliance certificates for the organization" + description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + og:title: "List uploaded compliance certificates for the | Comp AI API" + og:description: "List uploaded compliance certificates for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." x-speakeasy-mcp: - name: "save-answer" - /v1/questionnaire/delete-answer: + name: "list-compliance-resources" + /v1/trust-portal/documents/upload: post: - operationId: "QuestionnaireController_deleteAnswer_v1" + description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + operationId: "TrustPortalController_uploadTrustDocument_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/DeleteAnswerDto" + $ref: "#/components/schemas/UploadTrustDocumentDto" responses: - "200": - description: "Delete questionnaire answer" + "201": + description: "Document uploaded successfully" content: application/json: schema: - type: "object" - properties: - success: - type: "boolean" - error: - type: "string" - nullable: true + $ref: "#/components/schemas/TrustDocumentResponseDto" security: - apikey: [] - summary: "Delete questionnaire answer" + summary: "Upload an additional trust portal document" tags: - - "Questionnaire" - description: "Delete a stored questionnaire answer when it should be removed from the active response set." + - "Trust Portal" x-mint: - href: "/api-reference/questionnaire/delete-a-questionnaire-answer" metadata: - title: "Delete questionnaire answer | Comp AI API" - sidebarTitle: "Delete questionnaire answer" - description: "Delete a stored questionnaire answer when it should be removed from the active response set." - og:title: "Delete questionnaire answer | Comp AI API" - og:description: "Delete a stored questionnaire answer when it should be removed from the active response set." + title: "Upload an additional trust portal document | Comp AI API" + sidebarTitle: "Upload an additional trust portal document" + description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + og:title: "Upload an additional trust portal document | Comp AI API" + og:description: "Upload an additional trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." x-speakeasy-mcp: - name: "delete-answer" - /v1/questionnaire/export: + name: "upload-trust-document" + /v1/trust-portal/documents/list: post: - operationId: "QuestionnaireController_exportById_v1" + operationId: "TrustPortalController_listTrustDocuments_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/ExportByIdDto" + $ref: "#/components/schemas/ListComplianceResourcesDto" responses: "200": - description: "Export questionnaire by ID to specified format" + description: "Documents retrieved successfully" + content: + application/json: + schema: + type: "array" + items: + $ref: "#/components/schemas/TrustDocumentResponseDto" security: - apikey: [] - summary: "Export a security questionnaire" + summary: "List additional trust portal documents for the organization" tags: - - "Questionnaire" - description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." + - "Trust Portal" + description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/export-a-questionnaire" metadata: - title: "Export a security questionnaire | Comp AI API" - sidebarTitle: "Export a security questionnaire" - description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." - og:title: "Export a security questionnaire | Comp AI API" - og:description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." + title: "List additional trust portal documents for | Comp AI API" + sidebarTitle: "List additional trust portal documents for the organization" + description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + og:title: "List additional trust portal documents for | Comp AI API" + og:description: "List additional trust portal documents for the organization in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." x-speakeasy-mcp: - name: "export-by-id" - /v1/questionnaire/upload-and-parse: + name: "list-trust-documents" + /v1/trust-portal/documents/{documentId}/download: post: - operationId: "QuestionnaireController_uploadAndParse_v1" - parameters: [] + operationId: "TrustPortalController_getTrustDocumentUrl_v1" + parameters: + - name: "documentId" + required: true + in: "path" + schema: + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadAndParseDto" + $ref: "#/components/schemas/TrustDocumentSignedUrlDto" responses: "200": - description: "Upload file and trigger async parsing. Returns runId for realtime tracking." + description: "Signed URL generated successfully" content: application/json: schema: - type: "object" - properties: - runId: - type: "string" - publicAccessToken: - type: "string" + $ref: "#/components/schemas/TrustDocumentUrlResponseDto" security: - apikey: [] - summary: "Start questionnaire parsing" + summary: "Generate a temporary signed URL for a trust portal document" tags: - - "Questionnaire" - description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." + - "Trust Portal" + description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/upload-and-parse-a-questionnaire-file" metadata: - title: "Start questionnaire parsing | Comp AI API" - sidebarTitle: "Start questionnaire parsing" - description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." - og:title: "Start questionnaire parsing | Comp AI API" - og:description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." + title: "Generate a temporary signed URL for a trust | Comp AI API" + sidebarTitle: "Generate a temporary signed URL for a trust portal document" + description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + og:title: "Generate a temporary signed URL for a trust | Comp AI API" + og:description: "Generate a temporary signed URL for a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." x-speakeasy-mcp: - name: "upload-and-parse" - /v1/questionnaire/upload-and-parse/upload: + name: "get-trust-document-url" + /v1/trust-portal/documents/{documentId}/delete: post: - operationId: "QuestionnaireController_uploadAndParseUpload_v1" - parameters: [] + operationId: "TrustPortalController_deleteTrustDocument_v1" + parameters: + - name: "documentId" + required: true + in: "path" + schema: + type: "string" requestBody: required: true content: - multipart/form-data: + application/json: schema: - type: "object" - properties: - file: - type: "string" - format: "binary" - description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" - organizationId: - type: "string" - description: "Organization ID" - source: - type: "string" - enum: - - "internal" - - "external" - default: "internal" - description: "Source of the upload" - required: - - "file" - - "organizationId" + $ref: "#/components/schemas/DeleteTrustDocumentDto" responses: "200": - description: "Upload file, parse questions (no answers), save to DB, return questionnaireId" + description: "Document deleted successfully" content: application/json: schema: type: "object" properties: - questionnaireId: - type: "string" - totalQuestions: - type: "number" + success: + type: "boolean" + security: + - apikey: [] + summary: "Delete (deactivate) a trust portal document" + tags: + - "Trust Portal" + description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + x-mint: + metadata: + title: "Delete (deactivate) a trust portal document | Comp AI API" + sidebarTitle: "Delete (deactivate) a trust portal document" + description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + og:title: "Delete (deactivate) a trust portal document | Comp AI API" + og:description: "Delete (deactivate) a trust portal document in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + x-speakeasy-mcp: + name: "delete-trust-document" + /v1/trust-portal/settings/toggle: + put: + operationId: "TrustPortalController_togglePortal_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Enable or disable the trust portal" + tags: + - "Trust Portal" + description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + x-mint: + metadata: + title: "Enable or disable the trust portal | Comp AI API" + sidebarTitle: "Enable or disable the trust portal" + description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Enable or disable the trust portal | Comp AI API" + og:description: "Enable or disable the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + x-speakeasy-mcp: + name: "toggle-portal" + /v1/trust-portal/settings/custom-domain: + post: + operationId: "TrustPortalController_addCustomDomain_v1" + parameters: [] + responses: + "201": + description: "" security: - apikey: [] - summary: "Upload and parse questionnaire file" + summary: "Add or update a custom domain for the trust portal" tags: - - "Questionnaire" - description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." + - "Trust Portal" + description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-parse-its-questions" metadata: - title: "Upload and parse questionnaire file | Comp AI API" - sidebarTitle: "Upload and parse questionnaire file" - description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." - og:title: "Upload and parse questionnaire file | Comp AI API" - og:description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." + title: "Add or update a custom domain for the trust | Comp AI API" + sidebarTitle: "Add or update a custom domain for the trust portal" + description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + og:title: "Add or update a custom domain for the trust | Comp AI API" + og:description: "Add or update a custom domain for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." x-speakeasy-mcp: - name: "upload-and-parse-upload" - disabled: true - /v1/questionnaire/parse/upload: + name: "add-custom-domain" + /v1/trust-portal/settings/check-dns: post: - operationId: "QuestionnaireController_parseQuestionnaireUpload_v1" + operationId: "TrustPortalController_checkDnsRecords_v1" parameters: [] - requestBody: - required: true - content: - multipart/form-data: - schema: - type: "object" - properties: - file: - type: "string" - format: "binary" - description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" - organizationId: - type: "string" - description: "Organization to use for generating answers" - format: - type: "string" - enum: - - "pdf" - - "csv" - - "xlsx" - default: "xlsx" - description: "Output format (defaults to XLSX)" - source: - type: "string" - enum: - - "internal" - - "external" - default: "internal" - description: "Indicates if the request originated from our UI (internal) or trust portal (external)." - required: - - "file" - - "organizationId" responses: "201": description: "" security: - apikey: [] - summary: "Auto-answer uploaded questionnaire" + summary: "Check DNS records for a custom domain" tags: - - "Questionnaire" - description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." + - "Trust Portal" + description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-auto-answer-with-export" metadata: - title: "Auto-answer uploaded questionnaire | Comp AI API" - sidebarTitle: "Auto-answer uploaded questionnaire" - description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." - og:title: "Auto-answer uploaded questionnaire | Comp AI API" - og:description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." + title: "Check DNS records for a custom domain | Comp AI API" + sidebarTitle: "Check DNS records for a custom domain" + description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Check DNS records for a custom domain | Comp AI API" + og:description: "Check DNS records for a custom domain in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "parse-questionnaire-upload" - disabled: true - /v1/questionnaire/answers/export: - post: - operationId: "QuestionnaireController_autoAnswerAndExport_v1" + name: "check-dns-records" + /v1/trust-portal/settings/faqs: + put: + operationId: "TrustPortalController_updateFaqs_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ExportQuestionnaireDto" responses: - "201": + "200": description: "" security: - apikey: [] - summary: "Export generated questionnaire answers" + summary: "Update trust portal FAQs" tags: - - "Questionnaire" - description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." + - "Trust Portal" + description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/export-questionnaire-answers" metadata: - title: "Export generated questionnaire answers | Comp AI API" - sidebarTitle: "Export generated questionnaire answers" - description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." - og:title: "Export generated questionnaire answers | Comp AI API" - og:description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." + title: "Update trust portal FAQs | Comp AI API" + sidebarTitle: "Update trust portal FAQs" + description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + og:title: "Update trust portal FAQs | Comp AI API" + og:description: "Update trust portal FAQs in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." x-speakeasy-mcp: - name: "auto-answer-and-export" - disabled: true - /v1/questionnaire/answers/export/upload: - post: - operationId: "QuestionnaireController_autoAnswerAndExportUpload_v1" + name: "update-faqs" + /v1/trust-portal/settings/allowed-domains: + put: + operationId: "TrustPortalController_updateAllowedDomains_v1" parameters: [] - requestBody: - required: true - content: - multipart/form-data: - schema: - type: "object" - properties: - file: - type: "string" - format: "binary" - description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" - organizationId: - type: "string" - description: "Organization to use for answer generation" - format: - type: "string" - enum: - - "pdf" - - "csv" - - "xlsx" - default: "xlsx" - description: "Output format (defaults to XLSX)" - required: - - "file" - - "organizationId" responses: - "201": + "200": description: "" security: - apikey: [] - summary: "Upload and export generated answers" + summary: "Update allowed domains for the trust portal" tags: - - "Questionnaire" - description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." + - "Trust Portal" + description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-export-auto-generated-answers" metadata: - title: "Upload and export generated answers | Comp AI API" - sidebarTitle: "Upload and export generated answers" - description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." - og:title: "Upload and export generated answers | Comp AI API" - og:description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." + title: "Update allowed domains for the trust portal | Comp AI API" + sidebarTitle: "Update allowed domains for the trust portal" + description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + og:title: "Update allowed domains for the trust portal | Comp AI API" + og:description: "Update allowed domains for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." x-speakeasy-mcp: - name: "auto-answer-and-export-upload" - disabled: true - /v1/questionnaire/auto-answer: - post: - operationId: "QuestionnaireController_autoAnswer_v1" + name: "update-allowed-domains" + /v1/trust-portal/settings/allowed-emails: + put: + operationId: "TrustPortalController_updateAllowedEmails_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/AutoAnswerDto" + $ref: "#/components/schemas/UpdateAllowedEmailsDto" responses: - "201": + "200": description: "" security: - apikey: [] - summary: "Stream generated questionnaire answers" + summary: "Update allowed emails for the trust portal" tags: - - "Questionnaire" - description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." + - "Trust Portal" + description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: - href: "/api-reference/questionnaire/auto-answer-a-questionnaire" metadata: - title: "Stream generated questionnaire answers | Comp AI API" - sidebarTitle: "Stream generated questionnaire answers" - description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." - og:title: "Stream generated questionnaire answers | Comp AI API" - og:description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." + title: "Update allowed emails for the trust portal | Comp AI API" + sidebarTitle: "Update allowed emails for the trust portal" + description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." + og:title: "Update allowed emails for the trust portal | Comp AI API" + og:description: "Update allowed emails for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources." x-speakeasy-mcp: - name: "auto-answer" - disabled: true - /v1/knowledge-base/documents: - get: - operationId: "KnowledgeBaseController_listDocuments_v1" + name: "update-allowed-emails" + /v1/trust-portal/settings/frameworks: + put: + operationId: "TrustPortalController_updateFrameworks_v1" parameters: [] responses: "200": - description: "List of knowledge base documents" + description: "" security: - apikey: [] - summary: "List knowledge base documents" + summary: "Update trust portal framework settings" tags: - - "Knowledge Base" - description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." + - "Trust Portal" + description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "List knowledge base documents | Comp AI API" - sidebarTitle: "List knowledge base documents" - description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." - og:title: "List knowledge base documents | Comp AI API" - og:description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." + title: "Update trust portal framework settings | Comp AI API" + sidebarTitle: "Update trust portal framework settings" + description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Update trust portal framework settings | Comp AI API" + og:description: "Update trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "list-documents" - /v1/knowledge-base/manual-answers: - get: - operationId: "KnowledgeBaseController_listManualAnswers_v1" + name: "update-frameworks" + /v1/trust-portal/settings/security-questionnaire: + put: + operationId: "TrustPortalController_updateSecurityQuestionnaire_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + type: "object" + required: + - "enabled" + properties: + enabled: + type: "boolean" + description: "When false, the Security Questionnaire is hidden from the public trust portal." responses: "200": - description: "List of manual answers" + description: "" security: - apikey: [] - summary: "List all manual answers for an organization" + summary: "Show or hide the Security Questionnaire on the public trust portal" tags: - - "Knowledge Base" - description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Show or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "List all manual answers for an organization | Comp AI API" - sidebarTitle: "List all manual answers for an organization" - description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "List all manual answers for an organization | Comp AI API" - og:description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + title: "Show or hide the Security Questionnaire on | Comp AI API" + sidebarTitle: "Show or hide the Security Questionnaire on the public trust portal" + description: "Show or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + og:title: "Show or hide the Security Questionnaire on | Comp AI API" + og:description: "Show or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + x-speakeasy-mcp: + name: "update-security-questionnaire" + /v1/trust-portal/custom-frameworks: + get: + operationId: "TrustPortalController_listCustomFrameworks_v1" + parameters: [] + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List org-authored custom frameworks with their trust portal selection" + tags: + - "Trust Portal" + description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + x-mint: + metadata: + title: "List org-authored custom frameworks with | Comp AI API" + sidebarTitle: "List org-authored custom frameworks with their trust portal selection" + description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + og:title: "List org-authored custom frameworks with | Comp AI API" + og:description: "List org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." x-speakeasy-mcp: - name: "list-manual-answers" - post: - operationId: "KnowledgeBaseController_saveManualAnswer_v1" + name: "list-custom-frameworks" + put: + operationId: "TrustPortalController_updateCustomFramework_v1" parameters: [] requestBody: required: true + description: "At least one of `enabled` or `status` must be provided." content: application/json: schema: - $ref: "#/components/schemas/SaveManualAnswerDto" + type: "object" + required: + - "customFrameworkId" + anyOf: + - required: + - "enabled" + - required: + - "status" + properties: + customFrameworkId: + type: "string" + minLength: 1 + enabled: + type: "boolean" + status: + type: "string" + enum: + - "started" + - "in_progress" + - "compliant" responses: "200": - description: "Manual answer saved" + description: "" security: - apikey: [] - summary: "Save reusable manual answer" + summary: "Enable/disable a custom framework on the trust portal and set its status" tags: - - "Knowledge Base" - description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." + - "Trust Portal" + description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Save reusable manual answer | Comp AI API" - sidebarTitle: "Save reusable manual answer" - description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." - og:title: "Save reusable manual answer | Comp AI API" - og:description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." + title: "Enable/disable a custom framework on the | Comp AI API" + sidebarTitle: "Enable/disable a custom framework on the trust portal and set its status" + description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." + og:title: "Enable/disable a custom framework on the | Comp AI API" + og:description: "Enable/disable a custom framework on the trust portal and set its status in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs." x-speakeasy-mcp: - name: "save-manual-answer" - /v1/knowledge-base/documents/upload: + name: "update-custom-framework" + /v1/trust-portal/custom-frameworks/badge: post: - operationId: "KnowledgeBaseController_uploadDocument_v1" + description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." + operationId: "TrustPortalController_uploadCustomFrameworkBadge_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UploadDocumentDto" + $ref: "#/components/schemas/UploadCustomFrameworkBadgeDto" responses: - "200": - description: "Document uploaded successfully" + "201": + description: "Badge uploaded successfully" + content: + application/json: + schema: + $ref: "#/components/schemas/CustomFrameworkBadgeResponseDto" security: - apikey: [] - summary: "Upload knowledge base document" + summary: "Upload or replace a custom framework's Trust Portal badge image" tags: - - "Knowledge Base" - description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." + - "Trust Portal" x-mint: metadata: - title: "Upload knowledge base document | Comp AI API" - sidebarTitle: "Upload knowledge base document" - description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." - og:title: "Upload knowledge base document | Comp AI API" - og:description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." + title: "Upload or replace a custom framework's Trust | Comp AI API" + sidebarTitle: "Upload or replace a custom framework's Trust Portal badge image" + description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." + og:title: "Upload or replace a custom framework's Trust | Comp AI API" + og:description: "Stores a PNG/JPEG/WebP badge (max 256KB) in the organization assets bucket. Does not change the framework's portal visibility." x-speakeasy-mcp: - name: "upload-document" - /v1/knowledge-base/documents/{documentId}/download: - post: - operationId: "KnowledgeBaseController_getDownloadUrl_v1" + name: "upload-custom-framework-badge" + delete: + operationId: "TrustPortalController_removeCustomFrameworkBadge_v1" parameters: - - name: "documentId" + - name: "customFrameworkId" required: true - in: "path" + in: "query" + description: "Org-authored custom framework ID whose badge to remove" schema: + example: "cfrm_6914cd0e16e4c7dccbb54426" type: "string" responses: "200": - description: "Signed download URL generated" + description: "" security: - apikey: [] - summary: "Get a signed download URL for a document" + summary: "Remove a custom framework's Trust Portal badge image" tags: - - "Knowledge Base" - description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Get a signed download URL for a document | Comp AI API" - sidebarTitle: "Get a signed download URL for a document" - description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "Get a signed download URL for a document | Comp AI API" - og:description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + title: "Remove a custom framework's Trust Portal | Comp AI API" + sidebarTitle: "Remove a custom framework's Trust Portal badge image" + description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." + og:title: "Remove a custom framework's Trust Portal | Comp AI API" + og:description: "Remove a custom framework's Trust Portal badge image in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance." x-speakeasy-mcp: - name: "get-download-url" - /v1/knowledge-base/documents/{documentId}/view: + name: "remove-custom-framework-badge" + /v1/trust-portal/overview: post: - operationId: "KnowledgeBaseController_getViewUrl_v1" - parameters: - - name: "documentId" - required: true - in: "path" - schema: - type: "string" + operationId: "TrustPortalController_updateOverview_v1" + parameters: [] responses: "200": - description: "Signed view URL generated" + description: "Overview updated successfully" security: - apikey: [] - summary: "Get a signed view URL for a document" + summary: "Update Trust Center overview" tags: - - "Knowledge Base" - description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." x-mint: metadata: - title: "Get a signed view URL for a document | Comp AI API" - sidebarTitle: "Get a signed view URL for a document" - description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "Get a signed view URL for a document | Comp AI API" - og:description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + title: "Update Trust Center overview | Comp AI API" + sidebarTitle: "Update Trust Center overview" + description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." + og:title: "Update Trust Center overview | Comp AI API" + og:description: "Update the public Trust Center overview content that explains security posture and compliance status to prospects and customers." x-speakeasy-mcp: - name: "get-view-url" - /v1/knowledge-base/documents/{documentId}/delete: - post: - operationId: "KnowledgeBaseController_deleteDocument_v1" + name: "update-overview" + get: + operationId: "TrustPortalController_getOverview_v1" parameters: - - name: "documentId" + - name: "organizationId" required: true - in: "path" + in: "query" schema: type: "string" responses: "200": - description: "Document deleted successfully" + description: "" security: - apikey: [] - summary: "Delete a knowledge base document" + summary: "Get trust portal overview" tags: - - "Knowledge Base" - description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Delete a knowledge base document | Comp AI API" - sidebarTitle: "Delete a knowledge base document" - description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "Delete a knowledge base document | Comp AI API" - og:description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + title: "Get trust portal overview | Comp AI API" + sidebarTitle: "Get trust portal overview" + description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." + og:title: "Get trust portal overview | Comp AI API" + og:description: "Get trust portal overview in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links." x-speakeasy-mcp: - name: "delete-document" - /v1/knowledge-base/documents/process: + name: "get-overview" + /v1/trust-portal/custom-links: post: - operationId: "KnowledgeBaseController_processDocuments_v1" + operationId: "TrustPortalController_createCustomLink_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ProcessDocumentsDto" + responses: + "201": + description: "Custom link created successfully" + security: + - apikey: [] + summary: "Create a custom link for trust portal" + tags: + - "Trust Portal" + description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + x-mint: + metadata: + title: "Create a custom link for trust portal | Comp AI API" + sidebarTitle: "Create a custom link for trust portal" + description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Create a custom link for trust portal | Comp AI API" + og:description: "Create a custom link for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + x-speakeasy-mcp: + name: "create-custom-link" + get: + operationId: "TrustPortalController_listCustomLinks_v1" + parameters: + - name: "organizationId" + required: true + in: "query" + schema: + type: "string" responses: "200": - description: "Document processing triggered" + description: "" security: - apikey: [] - summary: "Process knowledge base documents" + summary: "List custom links for trust portal" tags: - - "Knowledge Base" - description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." + - "Trust Portal" + description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Process knowledge base documents | Comp AI API" - sidebarTitle: "Process knowledge base documents" - description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." - og:title: "Process knowledge base documents | Comp AI API" - og:description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." + title: "List custom links for trust portal | Comp AI API" + sidebarTitle: "List custom links for trust portal" + description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "List custom links for trust portal | Comp AI API" + og:description: "List custom links for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "process-documents" - /v1/knowledge-base/runs/{runId}/token: + name: "list-custom-links" + /v1/trust-portal/custom-links/{linkId}: post: - operationId: "KnowledgeBaseController_createRunToken_v1" + operationId: "TrustPortalController_updateCustomLink_v1" parameters: - - name: "runId" + - name: "linkId" required: true in: "path" schema: type: "string" responses: "200": - description: "Public access token created" + description: "Custom link updated successfully" security: - apikey: [] - summary: "Create a public access token for a run" + summary: "Update a custom link" tags: - - "Knowledge Base" - description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." - x-mint: - metadata: - title: "Create a public access token for a run | Comp AI API" - sidebarTitle: "Create a public access token for a run" - description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "Create a public access token for a run | Comp AI API" - og:description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + - "Trust Portal" + description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + x-mint: + metadata: + title: "Update a custom link | Comp AI API" + sidebarTitle: "Update a custom link" + description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." + og:title: "Update a custom link | Comp AI API" + og:description: "Update a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." x-speakeasy-mcp: - name: "create-run-token" - /v1/knowledge-base/manual-answers/{manualAnswerId}/delete: + name: "update-custom-link" + /v1/trust-portal/custom-links/{linkId}/delete: post: - operationId: "KnowledgeBaseController_deleteManualAnswer_v1" + operationId: "TrustPortalController_deleteCustomLink_v1" parameters: - - name: "manualAnswerId" + - name: "linkId" required: true in: "path" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DeleteManualAnswerDto" responses: "200": - description: "Manual answer deleted" + description: "Custom link deleted successfully" security: - apikey: [] - summary: "Delete a manual answer" + summary: "Delete a custom link" tags: - - "Knowledge Base" - description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Delete a manual answer | Comp AI API" - sidebarTitle: "Delete a manual answer" - description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI." - og:title: "Delete a manual answer | Comp AI API" - og:description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI." + title: "Delete a custom link | Comp AI API" + sidebarTitle: "Delete a custom link" + description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." + og:title: "Delete a custom link | Comp AI API" + og:description: "Delete a custom link in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." x-speakeasy-mcp: - name: "delete-manual-answer" - /v1/knowledge-base/manual-answers/delete-all: + name: "delete-custom-link" + /v1/trust-portal/custom-links/reorder: post: - operationId: "KnowledgeBaseController_deleteAllManualAnswers_v1" + operationId: "TrustPortalController_reorderCustomLinks_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DeleteAllManualAnswersDto" responses: "200": - description: "All manual answers deleted" + description: "Custom links reordered successfully" security: - apikey: [] - summary: "Delete all manual answers for an organization" + summary: "Reorder custom links" tags: - - "Knowledge Base" - description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + - "Trust Portal" + description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Delete all manual answers for an organization | Comp AI API" - sidebarTitle: "Delete all manual answers for an organization" - description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." - og:title: "Delete all manual answers for an organization | Comp AI API" - og:description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + title: "Reorder custom links | Comp AI API" + sidebarTitle: "Reorder custom links" + description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." + og:title: "Reorder custom links | Comp AI API" + og:description: "Reorder custom links in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor." x-speakeasy-mcp: - name: "delete-all-manual-answers" - /v1/soa/save-answer: + name: "reorder-custom-links" + /v1/trust-portal/vendors/{vendorId}/trust-settings: post: - operationId: "SOAController_saveAnswer_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/SaveSOAAnswerDto" + operationId: "TrustPortalController_updateVendorTrustSettings_v1" + parameters: + - name: "vendorId" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Answer saved successfully" - content: - application/json: - schema: - type: "object" - properties: - success: - type: "boolean" + description: "Vendor settings updated successfully" security: - apikey: [] - summary: "Save a SOA answer" + summary: "Update vendor trust portal settings" tags: - - "SOA" - description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Portal" + description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Save a SOA answer | Comp AI API" - sidebarTitle: "Save a SOA answer" - description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Save a SOA answer | Comp AI API" - og:description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "Update vendor trust portal settings | Comp AI API" + sidebarTitle: "Update vendor trust portal settings" + description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "Update vendor trust portal settings | Comp AI API" + og:description: "Update vendor trust portal settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "soa-save-answer" - /v1/soa/auto-fill: - post: - description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." - operationId: "SOAController_autoFill_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/AutoFillSOADto" + name: "update-vendor-trust-settings" + /v1/trust-portal/vendors: + get: + operationId: "TrustPortalController_listVendors_v1" + parameters: + - name: "all" + required: false + in: "query" + description: "When true, returns all org vendors with sync" + schema: + type: "string" responses: - "201": + "200": description: "" security: - apikey: [] - summary: "Auto-fill ISO 27001 SOA" + summary: "List vendors configured for trust portal" tags: - - "SOA" + - "Trust Portal" + description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." x-mint: metadata: - title: "Auto-fill ISO 27001 SOA | Comp AI API" - sidebarTitle: "Auto-fill ISO 27001 SOA" - description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." - og:title: "Auto-fill ISO 27001 SOA | Comp AI API" - og:description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." + title: "List vendors configured for trust portal | Comp AI API" + sidebarTitle: "List vendors configured for trust portal" + description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." + og:title: "List vendors configured for trust portal | Comp AI API" + og:description: "List vendors configured for trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents." x-speakeasy-mcp: - name: "auto-fill" - /v1/soa/create-document: + name: "list-vendors" + /v1/trust-access/{friendlyUrl}/requests: post: - operationId: "SOAController_createDocument_v1" - parameters: [] + description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." + operationId: "TrustAccessController_createAccessRequest_v1" + parameters: + - name: "friendlyUrl" + required: true + in: "path" + description: "Trust Portal friendly URL or Organization ID" + schema: + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/CreateSOADocumentDto" + $ref: "#/components/schemas/CreateAccessRequestDto" + responses: + "201": + description: "Access request created and sent for review" + summary: "Submit Trust Access request" + tags: + - "Trust Access" + x-mint: + metadata: + title: "Submit Trust Access request | Comp AI API" + sidebarTitle: "Submit Trust Access request" + description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." + og:title: "Submit Trust Access request | Comp AI API" + og:description: "Submit a Trust Center access request with requester details, company context, and review reason for administrator approval." + x-speakeasy-mcp: + name: "create-access-request" + /v1/trust-access/admin/requests: + get: + description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." + operationId: "TrustAccessController_listAccessRequests_v1" + parameters: + - name: "status" + required: false + in: "query" + schema: + type: "string" + enum: + - "under_review" + - "approved" + - "denied" + - "canceled" responses: "200": - description: "Document created successfully" + description: "Access requests retrieved" security: - apikey: [] - summary: "Create a new SOA document" + summary: "List Trust Access requests" tags: - - "SOA" - description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Create a new SOA document | Comp AI API" - sidebarTitle: "Create a new SOA document" - description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Create a new SOA document | Comp AI API" - og:description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "List Trust Access requests | Comp AI API" + sidebarTitle: "List Trust Access requests" + description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." + og:title: "List Trust Access requests | Comp AI API" + og:description: "List pending and completed Trust Center access requests so teams can review customer security inquiries through the API." x-speakeasy-mcp: - name: "create-document" - /v1/soa/ensure-setup: - post: - operationId: "SOAController_ensureSetup_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/EnsureSOASetupDto" + name: "list-access-requests" + /v1/trust-access/admin/requests/{id}: + get: + description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." + operationId: "TrustAccessController_getAccessRequest_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Setup ensured" + description: "Request details returned" security: - apikey: [] - summary: "Ensure SOA configuration and document exist" + summary: "Get Trust Access request" tags: - - "SOA" - description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Ensure SOA configuration and document exist | Comp AI API" - sidebarTitle: "Ensure SOA configuration and document exist" - description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Ensure SOA configuration and document exist | Comp AI API" - og:description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "Get Trust Access request | Comp AI API" + sidebarTitle: "Get Trust Access request" + description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." + og:title: "Get Trust Access request | Comp AI API" + og:description: "Retrieve one Trust Center access request with requester context, status, review metadata, and audit details." x-speakeasy-mcp: - name: "ensure-setup" - /v1/soa/get-setup: + name: "get-access-request" + /v1/trust-access/admin/requests/{id}/approve: post: - operationId: "SOAController_getSetup_v1" - parameters: [] + description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." + operationId: "TrustAccessController_approveRequest_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/EnsureSOASetupDto" + $ref: "#/components/schemas/ApproveAccessRequestDto" responses: "200": - description: "Setup returned (configuration/document may be null)" + description: "Request approved successfully" security: - apikey: [] - summary: "Read SOA configuration and document without creating either" + summary: "Approve Trust Access request" tags: - - "SOA" - description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Read SOA configuration and document without | Comp AI API" - sidebarTitle: "Read SOA configuration and document without creating either" - description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability." - og:title: "Read SOA configuration and document without | Comp AI API" - og:description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability." + title: "Approve Trust Access request | Comp AI API" + sidebarTitle: "Approve Trust Access request" + description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." + og:title: "Approve Trust Access request | Comp AI API" + og:description: "Approve a Trust Center access request, configure the grant window, and start the NDA or access email workflow." x-speakeasy-mcp: - name: "get-setup" - /v1/soa/approve: + name: "approve-request" + /v1/trust-access/admin/requests/{id}/deny: post: - operationId: "SOAController_approveDocument_v1" - parameters: [] + description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." + operationId: "TrustAccessController_denyRequest_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/ApproveSOADocumentDto" + $ref: "#/components/schemas/DenyAccessRequestDto" responses: "200": - description: "Document approved successfully" + description: "Request denied" security: - apikey: [] - summary: "Approve a SOA document" + summary: "Deny Trust Access request" tags: - - "SOA" - description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Approve a SOA document | Comp AI API" - sidebarTitle: "Approve a SOA document" - description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Approve a SOA document | Comp AI API" - og:description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "Deny Trust Access request | Comp AI API" + sidebarTitle: "Deny Trust Access request" + description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." + og:title: "Deny Trust Access request | Comp AI API" + og:description: "Reject a Trust Center access request with a review reason so customer security access decisions stay auditable." x-speakeasy-mcp: - name: "approve-document" - /v1/soa/decline: - post: - operationId: "SOAController_declineDocument_v1" + name: "deny-request" + /v1/trust-access/admin/grants: + get: + description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." + operationId: "TrustAccessController_listGrants_v1" parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/DeclineSOADocumentDto" responses: "200": - description: "Document declined successfully" + description: "Grants retrieved" security: - apikey: [] - summary: "Decline a SOA document" + summary: "List Trust Access grants" tags: - - "SOA" - description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Decline a SOA document | Comp AI API" - sidebarTitle: "Decline a SOA document" - description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Decline a SOA document | Comp AI API" - og:description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "List Trust Access grants | Comp AI API" + sidebarTitle: "List Trust Access grants" + description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." + og:title: "List Trust Access grants | Comp AI API" + og:description: "List active, expired, and revoked Trust Access grants for customer security reviews and shared compliance resources." x-speakeasy-mcp: - name: "decline-document" - /v1/soa/submit-for-approval: + name: "list-grants" + /v1/trust-access/admin/grants/{id}/revoke: post: - operationId: "SOAController_submitForApproval_v1" - parameters: [] + description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." + operationId: "TrustAccessController_revokeGrant_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/SubmitSOAForApprovalDto" + $ref: "#/components/schemas/RevokeGrantDto" responses: "200": - description: "Document submitted for approval successfully" + description: "Grant revoked" security: - apikey: [] - summary: "Submit SOA document for approval" + summary: "Revoke Trust Access grant" tags: - - "SOA" - description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + - "Trust Access" x-mint: metadata: - title: "Submit SOA document for approval | Comp AI API" - sidebarTitle: "Submit SOA document for approval" - description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." - og:title: "Submit SOA document for approval | Comp AI API" - og:description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + title: "Revoke Trust Access grant | Comp AI API" + sidebarTitle: "Revoke Trust Access grant" + description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." + og:title: "Revoke Trust Access grant | Comp AI API" + og:description: "Immediately revoke a Trust Access grant when a customer review ends or shared compliance access should be removed." x-speakeasy-mcp: - name: "submit-for-approval" - /v1/soa/export: + name: "revoke-grant" + /v1/trust-access/admin/grants/{id}/resend-access-email: post: - operationId: "SOAController_exportDocument_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ExportSOADocumentDto" + description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." + operationId: "TrustAccessController_resendAccessEmail_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Export SOA document to PDF" + description: "Access email resent" security: - apikey: [] - summary: "Export ISO 27001 SOA" + summary: "Resend Trust Access email" tags: - - "SOA" - description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." + - "Trust Access" x-mint: metadata: - title: "Export ISO 27001 SOA | Comp AI API" - sidebarTitle: "Export ISO 27001 SOA" - description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." - og:title: "Export ISO 27001 SOA | Comp AI API" - og:description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." + title: "Resend Trust Access email | Comp AI API" + sidebarTitle: "Resend Trust Access email" + description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." + og:title: "Resend Trust Access email | Comp AI API" + og:description: "Resend the access email for an active Trust Access grant so approved reviewers can reopen shared resources." x-speakeasy-mcp: - name: "export-document" - /v1/isms/ensure-setup: + name: "resend-access-email" + /v1/trust-access/admin/requests/{id}/resend-nda: post: - operationId: "IsmsController_ensureSetup_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/EnsureIsmsSetupDto" + description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." + operationId: "TrustAccessController_resendNda_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "Setup ensured" + description: "NDA email resent" security: - apikey: [] - summary: "Ensure ISMS foundational documents exist" + summary: "Resend Trust Access NDA" tags: - - "ISMS" - description: "Ensure ISMS foundational documents exist in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Ensure ISMS foundational documents exist | Comp AI API" - sidebarTitle: "Ensure ISMS foundational documents exist" - description: "Ensure ISMS foundational documents exist in Comp AI." - og:title: "Ensure ISMS foundational documents exist | Comp AI API" - og:description: "Ensure ISMS foundational documents exist in Comp AI." + title: "Resend Trust Access NDA | Comp AI API" + sidebarTitle: "Resend Trust Access NDA" + description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." + og:title: "Resend Trust Access NDA | Comp AI API" + og:description: "Resend an NDA signing email for a Trust Access request that still requires reviewer signature." x-speakeasy-mcp: - name: "isms-ensure-setup" - /v1/isms/documents/{id}: - get: - operationId: "IsmsController_getDocument_v1" + name: "resend-nda" + /v1/trust-access/admin/requests/{id}/preview-nda: + post: + description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." + operationId: "TrustAccessController_previewNda_v1" parameters: - name: "id" required: true @@ -12053,790 +11731,1019 @@ paths: type: "string" responses: "200": - description: "ISMS document" + description: "Preview NDA generated" security: - apikey: [] - summary: "Get an ISMS document with its latest version" + summary: "Preview Trust Access NDA" tags: - - "ISMS" - description: "Get an ISMS document with its latest version in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Get an ISMS document with its latest version | Comp AI API" - sidebarTitle: "Get an ISMS document with its latest version" - description: "Get an ISMS document with its latest version in Comp AI." - og:title: "Get an ISMS document with its latest version | Comp AI API" - og:description: "Get an ISMS document with its latest version in Comp AI." + title: "Preview Trust Access NDA | Comp AI API" + sidebarTitle: "Preview Trust Access NDA" + description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." + og:title: "Preview Trust Access NDA | Comp AI API" + og:description: "Generate a preview NDA PDF for a Trust Access request before the reviewer signs and receives access." x-speakeasy-mcp: - name: "get-document" - /v1/isms/documents/{id}/controls: + name: "preview-nda" + /v1/trust-access/{friendlyUrl}/reclaim: post: - operationId: "IsmsController_addControls_v1" + description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." + operationId: "TrustAccessController_reclaimAccess_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" + schema: + type: "string" + - name: "query" + required: false + in: "query" + description: "Query parameter to append to the access link (e.g., security-questionnaire)" schema: + example: "security-questionnaire" type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/LinkIsmsControlsDto" - responses: - "200": - description: "Controls linked" - security: - - apikey: [] - summary: "Map organization controls to an ISMS document" + $ref: "#/components/schemas/ReclaimAccessDto" + responses: + "200": + description: "Access link sent to email" + summary: "Reclaim Trust Access link" tags: - - "ISMS" - description: "Map organization controls to an ISMS document in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Map organization controls to an ISMS document | Comp AI API" - sidebarTitle: "Map organization controls to an ISMS document" - description: "Map organization controls to an ISMS document in Comp AI." - og:title: "Map organization controls to an ISMS document | Comp AI API" - og:description: "Map organization controls to an ISMS document in Comp AI." + title: "Reclaim Trust Access link | Comp AI API" + sidebarTitle: "Reclaim Trust Access link" + description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." + og:title: "Reclaim Trust Access link | Comp AI API" + og:description: "Request a fresh Trust Access link for a reviewer who already has an active grant on a published Trust Center." x-speakeasy-mcp: - name: "add-controls" - /v1/isms/documents/{id}/controls/{controlId}: - delete: - operationId: "IsmsController_removeControl_v1" + name: "reclaim-access" + /v1/trust-access/{friendlyUrl}/faqs: + get: + description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." + operationId: "TrustAccessController_getFaqs_v1" parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" - - name: "controlId" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" responses: "200": - description: "Control unlinked" - security: - - apikey: [] - summary: "Remove a control mapping from an ISMS document" + description: "FAQs retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + faqs: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + question: + type: "string" + answer: + type: "string" + order: + type: "number" + nullable: true + "404": + description: "Trust site not found or not published" + summary: "Get Trust Center FAQs" tags: - - "ISMS" - description: "Remove a control mapping from an ISMS document in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Remove a control mapping from an ISMS document | Comp AI API" - sidebarTitle: "Remove a control mapping from an ISMS document" - description: "Remove a control mapping from an ISMS document in Comp AI." - og:title: "Remove a control mapping from an ISMS document | Comp AI API" - og:description: "Remove a control mapping from an ISMS document in Comp AI." + title: "Get Trust Center FAQs | Comp AI API" + sidebarTitle: "Get Trust Center FAQs" + description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." + og:title: "Get Trust Center FAQs | Comp AI API" + og:description: "Retrieve published Trust Center FAQs for an organization so public trust pages can show customer security answers." x-speakeasy-mcp: - name: "remove-control" - /v1/isms/documents/{id}/generate: - post: - operationId: "IsmsController_generate_v1" + name: "get-faqs" + /v1/trust-access/{friendlyUrl}/overview: + get: + description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." + operationId: "TrustAccessController_getPublicOverview_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" responses: "200": - description: "Document with derived issues" - security: - - apikey: [] - summary: "Derive Context-of-the-Organization issues" + description: "Overview retrieved successfully" + summary: "Get Trust Center overview" tags: - - "ISMS" - description: "Derive Context-of-the-Organization issues in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Derive Context-of-the-Organization issues | Comp AI API" - sidebarTitle: "Derive Context-of-the-Organization issues" - description: "Derive Context-of-the-Organization issues in Comp AI." - og:title: "Derive Context-of-the-Organization issues | Comp AI API" - og:description: "Derive Context-of-the-Organization issues in Comp AI." + title: "Get Trust Center overview | Comp AI API" + sidebarTitle: "Get Trust Center overview" + description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." + og:title: "Get Trust Center overview | Comp AI API" + og:description: "Retrieve the published Trust Center overview for an organization, including public security posture messaging." x-speakeasy-mcp: - name: "generate" - /v1/isms/documents/{id}/submit-for-approval: - post: - operationId: "IsmsController_submitForApproval_v1" + name: "get-public-overview" + /v1/trust-access/{friendlyUrl}/security-questionnaire: + get: + description: "Whether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved." + operationId: "TrustAccessController_getPublicSecurityQuestionnaire_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/SubmitIsmsForApprovalDto" responses: "200": - description: "Document submitted for approval" - security: - - apikey: [] - summary: "Submit an ISMS document for approval" + description: "Security Questionnaire visibility retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + enabled: + type: "boolean" + summary: "Get Security Questionnaire visibility for a trust portal" tags: - - "ISMS" - description: "Submit an ISMS document for approval in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Submit an ISMS document for approval | Comp AI API" - sidebarTitle: "Submit an ISMS document for approval" - description: "Submit an ISMS document for approval in Comp AI." - og:title: "Submit an ISMS document for approval | Comp AI API" - og:description: "Submit an ISMS document for approval in Comp AI." + title: "Get Security Questionnaire visibility for a | Comp AI API" + sidebarTitle: "Get Security Questionnaire visibility for a trust portal" + description: "Whether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved." + og:title: "Get Security Questionnaire visibility for a | Comp AI API" + og:description: "Whether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved." x-speakeasy-mcp: - name: "isms-submit-for-approval" - /v1/isms/documents/{id}/approve: - post: - operationId: "IsmsController_approve_v1" + name: "get-public-security-questionnaire" + /v1/trust-access/{friendlyUrl}/custom-links: + get: + description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." + operationId: "TrustAccessController_getPublicCustomLinks_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" responses: "200": - description: "Document approved" - security: - - apikey: [] - summary: "Approve an ISMS document" + description: "Custom links retrieved successfully" + summary: "List Trust Center custom links" tags: - - "ISMS" - description: "Approve an ISMS document in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Approve an ISMS document | Comp AI API" - sidebarTitle: "Approve an ISMS document" - description: "Approve an ISMS document in Comp AI." - og:title: "Approve an ISMS document | Comp AI API" - og:description: "Approve an ISMS document in Comp AI." + title: "List Trust Center custom links | Comp AI API" + sidebarTitle: "List Trust Center custom links" + description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." + og:title: "List Trust Center custom links | Comp AI API" + og:description: "List published custom links shown on an organization Trust Center for customer security and compliance reviews." x-speakeasy-mcp: - name: "approve" - /v1/isms/documents/{id}/decline: - post: - operationId: "IsmsController_decline_v1" + name: "get-public-custom-links" + /v1/trust-access/{friendlyUrl}/favicon: + get: + description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." + operationId: "TrustAccessController_getPublicFavicon_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" responses: "200": - description: "Document declined" - security: - - apikey: [] - summary: "Decline an ISMS document" + description: "Favicon URL retrieved successfully" + content: + application/json: + schema: + type: "object" + properties: + faviconUrl: + type: "string" + nullable: true + description: "Signed URL to the favicon, or null if not set" + summary: "Get Trust Center favicon" tags: - - "ISMS" - description: "Decline an ISMS document in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Decline an ISMS document | Comp AI API" - sidebarTitle: "Decline an ISMS document" - description: "Decline an ISMS document in Comp AI." - og:title: "Decline an ISMS document | Comp AI API" - og:description: "Decline an ISMS document in Comp AI." + title: "Get Trust Center favicon | Comp AI API" + sidebarTitle: "Get Trust Center favicon" + description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." + og:title: "Get Trust Center favicon | Comp AI API" + og:description: "Retrieve the favicon URL used by a published Trust Center so embedded or mirrored experiences can match branding." x-speakeasy-mcp: - name: "decline" - /v1/isms/documents/{id}/drift: + name: "get-public-favicon" + /v1/trust-access/{friendlyUrl}/vendors: get: - operationId: "IsmsController_drift_v1" + description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." + operationId: "TrustAccessController_getPublicVendors_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" responses: "200": - description: "Drift status" - security: - - apikey: [] - summary: "Detect drift against the approved snapshot" + description: "Vendors retrieved successfully" + summary: "List Trust Center vendors" tags: - - "ISMS" - description: "Detect drift against the approved snapshot in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Detect drift against the approved snapshot | Comp AI API" - sidebarTitle: "Detect drift against the approved snapshot" - description: "Detect drift against the approved snapshot in Comp AI." - og:title: "Detect drift against the approved snapshot | Comp AI API" - og:description: "Detect drift against the approved snapshot in Comp AI." + title: "List Trust Center vendors | Comp AI API" + sidebarTitle: "List Trust Center vendors" + description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." + og:title: "List Trust Center vendors | Comp AI API" + og:description: "List published vendors and subprocessors for an organization Trust Center so reviewers can inspect third-party posture." x-speakeasy-mcp: - name: "drift" - /v1/isms/documents/{id}/export: - post: - operationId: "IsmsController_exportDocument_v1" + name: "get-public-vendors" + /v1/trust-access/{friendlyUrl}/custom-frameworks: + get: + description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document downloads, public FAQs, and reviewer access." + operationId: "TrustAccessController_getPublicCustomFrameworks_v1" parameters: - - name: "id" + - name: "friendlyUrl" required: true in: "path" + description: "Trust Portal friendly URL or Organization ID" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ExportIsmsDocumentDto" responses: "200": - description: "Rendered document" - security: - - apikey: [] - summary: "Export an ISMS document as PDF or DOCX" + description: "Custom frameworks retrieved successfully" + summary: "Get org-authored custom frameworks shown on a trust portal" tags: - - "ISMS" - description: "Export an ISMS document as PDF or DOCX in Comp AI." + - "Trust Access" x-mint: metadata: - title: "Export an ISMS document as PDF or DOCX | Comp AI API" - sidebarTitle: "Export an ISMS document as PDF or DOCX" - description: "Export an ISMS document as PDF or DOCX in Comp AI." - og:title: "Export an ISMS document as PDF or DOCX | Comp AI API" - og:description: "Export an ISMS document as PDF or DOCX in Comp AI." + title: "Get org-authored custom frameworks shown on a | Comp AI API" + sidebarTitle: "Get org-authored custom frameworks shown on a trust portal" + description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document." + og:title: "Get org-authored custom frameworks shown on a | Comp AI API" + og:description: "Get org-authored custom frameworks shown on a trust portal in Comp AI. Manage external Trust Center access requests, NDA signing, grants, tokenized document." x-speakeasy-mcp: - name: "isms-export-document" - /v1/isms/documents/{id}/registers/{register}: - post: - operationId: "IsmsRegistersController_createRow_v1" + name: "get-public-custom-frameworks" + /v1/findings: + get: + operationId: "FindingsController_listFindings_v1" parameters: - - name: "id" - required: true - in: "path" + - name: "status" + required: false + in: "query" schema: + enum: + - "open" + - "ready_for_review" + - "needs_revision" + - "closed" type: "string" - - name: "register" - required: true - in: "path" + - name: "severity" + required: false + in: "query" + schema: + enum: + - "low" + - "medium" + - "high" + - "critical" + type: "string" + - name: "area" + required: false + in: "query" + schema: + enum: + - "people" + - "documents" + - "compliance" + - "risks" + - "vendors" + - "policies" + - "other" + type: "string" + - name: "taskId" + required: false + in: "query" + schema: + type: "string" + - name: "evidenceSubmissionId" + required: false + in: "query" + schema: + type: "string" + - name: "evidenceFormType" + required: false + in: "query" + schema: + enum: + - "board-meeting" + - "it-leadership-meeting" + - "risk-committee-meeting" + - "meeting" + - "access-request" + - "whistleblower-report" + - "penetration-test" + - "rbac-matrix" + - "infrastructure-inventory" + - "employee-performance-evaluation" + - "network-diagram" + - "tabletop-exercise" + - "account-types" + type: "string" + - name: "policyId" + required: false + in: "query" + schema: + type: "string" + - name: "vendorId" + required: false + in: "query" + schema: + type: "string" + - name: "riskId" + required: false + in: "query" + schema: + type: "string" + - name: "memberId" + required: false + in: "query" + schema: + type: "string" + - name: "deviceId" + required: false + in: "query" schema: type: "string" - requestBody: - required: true - description: "Register row fields (per-register; validated at runtime by zod)" - content: - application/json: - schema: - type: "object" - properties: - kind: - type: "string" - enum: - - "internal" - - "external" - category: - type: "string" - description: - type: "string" - effect: - type: "string" - name: - type: "string" - needsExpectations: - type: "string" - interestedPartyId: - type: "string" - partyName: - type: "string" - requirement: - type: "string" - treatment: - type: "string" - objective: - type: "string" - target: - type: "string" - ownerMemberId: - type: "string" - cadence: - type: "string" - plan: - type: "string" - measurementMethod: - type: "string" - status: - type: "string" - enum: - - "not_started" - - "on_track" - - "at_risk" - - "met" - position: - type: "integer" - minimum: 0 responses: "200": - description: "Register row created" + description: "" security: - apikey: [] - summary: "Create a row in an ISMS register" + summary: "List audit findings" tags: - - "ISMS" - description: "Create a row in an ISMS register in Comp AI." + - "Findings" + description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." x-mint: metadata: - title: "Create a row in an ISMS register | Comp AI API" - sidebarTitle: "Create a row in an ISMS register" - description: "Create a row in an ISMS register in Comp AI." - og:title: "Create a row in an ISMS register | Comp AI API" - og:description: "Create a row in an ISMS register in Comp AI." - x-speakeasy-mcp: - name: "create-row" - /v1/isms/registers/{register}/{rowId}: - patch: - operationId: "IsmsRegistersController_updateRow_v1" - parameters: - - name: "register" - required: true - in: "path" - schema: - type: "string" - - name: "rowId" - required: true - in: "path" - schema: - type: "string" - requestBody: - required: true - description: "Register row fields (per-register; validated at runtime by zod)" - content: - application/json: - schema: - type: "object" - properties: - kind: - type: "string" - enum: - - "internal" - - "external" - category: - type: "string" - description: - type: "string" - effect: - type: "string" - name: - type: "string" - needsExpectations: - type: "string" - interestedPartyId: - type: "string" - partyName: - type: "string" - requirement: - type: "string" - treatment: - type: "string" - objective: - type: "string" - target: - type: "string" - ownerMemberId: - type: "string" - cadence: - type: "string" - plan: - type: "string" - measurementMethod: - type: "string" - status: - type: "string" - enum: - - "not_started" - - "on_track" - - "at_risk" - - "met" - position: - type: "integer" - minimum: 0 + title: "List audit findings | Comp AI API" + sidebarTitle: "List audit findings" + description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." + og:title: "List audit findings | Comp AI API" + og:description: "List audit findings with status, severity, owner, history, and remediation context for compliance review workflows." + x-speakeasy-mcp: + name: "list-findings" + post: + operationId: "FindingsController_createFinding_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CreateFindingDto" responses: - "200": - description: "Register row updated" + "201": + description: "" security: - apikey: [] - summary: "Update a row in an ISMS register" + summary: "Create audit finding" tags: - - "ISMS" - description: "Update a row in an ISMS register in Comp AI." + - "Findings" + description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." x-mint: metadata: - title: "Update a row in an ISMS register | Comp AI API" - sidebarTitle: "Update a row in an ISMS register" - description: "Update a row in an ISMS register in Comp AI." - og:title: "Update a row in an ISMS register | Comp AI API" - og:description: "Update a row in an ISMS register in Comp AI." + title: "Create audit finding | Comp AI API" + sidebarTitle: "Create audit finding" + description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." + og:title: "Create audit finding | Comp AI API" + og:description: "Create an audit finding so teams can track issue ownership, remediation activity, severity, and supporting evidence." x-speakeasy-mcp: - name: "update-row" - delete: - operationId: "IsmsRegistersController_deleteRow_v1" + name: "create-finding" + /v1/findings/organization: + get: + operationId: "FindingsController_getOrganizationFindings_v1" parameters: - - name: "register" - required: true - in: "path" + - name: "status" + required: false + in: "query" schema: + enum: + - "open" + - "ready_for_review" + - "needs_revision" + - "closed" type: "string" - - name: "rowId" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "List all findings for the organization" + tags: + - "Findings" + description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + x-mint: + metadata: + title: "List all findings for the organization | Comp AI API" + sidebarTitle: "List all findings for the organization" + description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." + og:title: "List all findings for the organization | Comp AI API" + og:description: "List all findings for the organization in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." + x-speakeasy-mcp: + name: "get-organization-findings" + /v1/findings/{id}: + get: + operationId: "FindingsController_getFindingById_v1" + parameters: + - name: "id" required: true in: "path" + description: "Finding ID" schema: type: "string" responses: "200": - description: "Register row deleted" + description: "" security: - apikey: [] - summary: "Delete a row in an ISMS register" + summary: "Get finding by ID" tags: - - "ISMS" - description: "Delete a row in an ISMS register in Comp AI." + - "Findings" + description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." x-mint: metadata: - title: "Delete a row in an ISMS register | Comp AI API" - sidebarTitle: "Delete a row in an ISMS register" - description: "Delete a row in an ISMS register in Comp AI." - og:title: "Delete a row in an ISMS register | Comp AI API" - og:description: "Delete a row in an ISMS register in Comp AI." + title: "Get finding by ID | Comp AI API" + sidebarTitle: "Get finding by ID" + description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + og:title: "Get finding by ID | Comp AI API" + og:description: "Get finding by ID in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." x-speakeasy-mcp: - name: "delete-row" - /v1/isms/documents/{id}/narrative: - post: - operationId: "IsmsRegistersController_saveNarrative_v1" + name: "get-finding-by-id" + patch: + operationId: "FindingsController_updateFinding_v1" parameters: - name: "id" required: true in: "path" + description: "Finding ID" schema: type: "string" requestBody: required: true - description: "Singleton document narrative payload" content: application/json: schema: - type: "object" - properties: - narrative: - type: "object" - description: "Per-type narrative object (e.g. ISMS scope or leadership commitment), validated at runtime by zod" - additionalProperties: true - required: - - "narrative" + $ref: "#/components/schemas/UpdateFindingDto" responses: "200": - description: "Narrative saved" + description: "" security: - apikey: [] - summary: "Save a singleton document narrative" + summary: "Update a finding (status transition rules apply)" tags: - - "ISMS" - description: "Save a singleton document narrative in Comp AI." + - "Findings" + description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." x-mint: metadata: - title: "Save a singleton document narrative | Comp AI API" - sidebarTitle: "Save a singleton document narrative" - description: "Save a singleton document narrative in Comp AI." - og:title: "Save a singleton document narrative | Comp AI API" - og:description: "Save a singleton document narrative in Comp AI." + title: "Update a finding (status transition rules | Comp AI API" + sidebarTitle: "Update a finding (status transition rules apply)" + description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." + og:title: "Update a finding (status transition rules | Comp AI API" + og:description: "Update a finding (status transition rules apply) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." x-speakeasy-mcp: - name: "save-narrative" - /v1/isms/profile: + name: "update-finding" + delete: + operationId: "FindingsController_deleteFinding_v1" + parameters: + - name: "id" + required: true + in: "path" + description: "Finding ID" + schema: + type: "string" + responses: + "200": + description: "" + security: + - apikey: [] + summary: "Delete a finding (auditor or platform admin only)" + tags: + - "Findings" + description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." + x-mint: + metadata: + title: "Delete a finding (auditor or platform admin | Comp AI API" + sidebarTitle: "Delete a finding (auditor or platform admin only)" + description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." + og:title: "Delete a finding (auditor or platform admin | Comp AI API" + og:description: "Delete a finding (auditor or platform admin only) in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history." + x-speakeasy-mcp: + name: "delete-finding" + /v1/findings/{id}/history: get: - operationId: "IsmsProfileController_getProfile_v1" + operationId: "FindingsController_getFindingHistory_v1" parameters: - - name: "frameworkId" + - name: "id" required: true - in: "query" + in: "path" + description: "Finding ID" schema: type: "string" responses: "200": - description: "Wizard profile, defaults and member options" + description: "" security: - apikey: [] - summary: "Get the ISMS wizard profile, defaults and members" + summary: "Get activity history for a finding" tags: - - "ISMS" - description: "Get the ISMS wizard profile, defaults and members in Comp AI." + - "Findings" + description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an organization." x-mint: metadata: - title: "Get the ISMS wizard profile, defaults and | Comp AI API" - sidebarTitle: "Get the ISMS wizard profile, defaults and members" - description: "Get the ISMS wizard profile, defaults and members in Comp AI." - og:title: "Get the ISMS wizard profile, defaults and | Comp AI API" - og:description: "Get the ISMS wizard profile, defaults and members in Comp AI." + title: "Get activity history for a finding | Comp AI API" + sidebarTitle: "Get activity history for a finding" + description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." + og:title: "Get activity history for a finding | Comp AI API" + og:description: "Get activity history for a finding in Comp AI. Create, review, update, and track audit findings, remediation activity, and finding history for an." x-speakeasy-mcp: - name: "get-profile" + name: "get-finding-history" + /v1/roles: post: - operationId: "IsmsProfileController_saveProfile_v1" + description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + operationId: "RolesController_createRole_v1" parameters: [] requestBody: required: true - description: "Partial ISMS wizard answers (validated at runtime by zod)" content: application/json: schema: - type: "object" - properties: - frameworkId: - type: "string" - answers: - type: "object" - description: "Deeply-partial wizard answers (any subset of the wizard steps)" - additionalProperties: true - complete: - type: "boolean" - description: "Whether the wizard is being finalized" - required: - - "frameworkId" - - "answers" + $ref: "#/components/schemas/CreateRoleDto" + responses: + "201": + description: "Role created successfully" + content: + application/json: + schema: + type: "object" + properties: + id: + type: "string" + example: "rol_abc123" + name: + type: "string" + example: "compliance-lead" + permissions: + type: "object" + additionalProperties: + type: "array" + items: + type: "string" + isBuiltIn: + type: "boolean" + example: false + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + "400": + description: "Invalid role data or role already exists" + "401": + description: "Unauthorized" + "403": + description: "Forbidden - cannot grant permissions you do not have" + security: + - apikey: [] + summary: "Create a custom role" + tags: + - "Roles" + x-mint: + metadata: + title: "Create a custom role | Comp AI API" + sidebarTitle: "Create a custom role" + description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + og:title: "Create a custom role | Comp AI API" + og:description: "Create a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + x-speakeasy-mcp: + name: "create-role" + get: + description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + operationId: "RolesController_listRoles_v1" + parameters: [] responses: "200": - description: "Saved profile" + description: "List of roles" + content: + application/json: + schema: + type: "object" + properties: + builtInRoles: + type: "array" + items: + type: "object" + properties: + name: + type: "string" + isBuiltIn: + type: "boolean" + description: + type: "string" + customRoles: + type: "array" + items: + type: "object" + properties: + id: + type: "string" + name: + type: "string" + permissions: + type: "object" + isBuiltIn: + type: "boolean" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + "401": + description: "Unauthorized" security: - apikey: [] - summary: "Save (partial) ISMS wizard answers" + summary: "List all roles" tags: - - "ISMS" - description: "Save (partial) ISMS wizard answers in Comp AI." + - "Roles" x-mint: metadata: - title: "Save (partial) ISMS wizard answers | Comp AI API" - sidebarTitle: "Save (partial) ISMS wizard answers" - description: "Save (partial) ISMS wizard answers in Comp AI." - og:title: "Save (partial) ISMS wizard answers | Comp AI API" - og:description: "Save (partial) ISMS wizard answers in Comp AI." + title: "List all roles | Comp AI API" + sidebarTitle: "List all roles" + description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + og:title: "List all roles | Comp AI API" + og:description: "List all roles in Comp AI. Create custom roles and resolve permission sets for organization-level access control." x-speakeasy-mcp: - name: "save-profile" - /v1/isms/generate-all: - post: - operationId: "IsmsProfileController_generateAll_v1" - parameters: [] - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/GenerateAllDto" + name: "list-roles" + /v1/roles/permissions: + get: + description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." + operationId: "RolesController_getPermissionsForRoles_v1" + parameters: + - name: "roles" + required: true + in: "query" + schema: + type: "string" responses: "200": - description: "Regenerated ISMS documents" + description: "Merged permissions for the requested roles" + content: + application/json: + schema: + type: "object" + properties: + permissions: + type: "object" + additionalProperties: + type: "array" + items: + type: "string" + "401": + description: "Unauthorized" security: - apikey: [] - summary: "Ensure and regenerate all ISMS documents" + summary: "Resolve permissions for custom roles" tags: - - "ISMS" - description: "Ensure and regenerate all ISMS documents in Comp AI." + - "Roles" x-mint: metadata: - title: "Ensure and regenerate all ISMS documents | Comp AI API" - sidebarTitle: "Ensure and regenerate all ISMS documents" - description: "Ensure and regenerate all ISMS documents in Comp AI." - og:title: "Ensure and regenerate all ISMS documents | Comp AI API" - og:description: "Ensure and regenerate all ISMS documents in Comp AI." + title: "Resolve permissions for custom roles | Comp AI API" + sidebarTitle: "Resolve permissions for custom roles" + description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." + og:title: "Resolve permissions for custom roles | Comp AI API" + og:description: "Returns the merged permissions for the given custom role names. Used by the frontend to resolve effective permissions for users with custom roles." x-speakeasy-mcp: - name: "generate-all" - /v1/integrations/connections/providers: + name: "get-permissions-for-roles" + /v1/roles/built-in/{name}/obligations: get: - operationId: "ConnectionsController_listProviders_v1" + description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." + operationId: "RolesController_getBuiltInObligations_v1" parameters: - - name: "activeOnly" + - name: "name" required: true - in: "query" + in: "path" + description: "Built-in role name" schema: + example: "owner" type: "string" responses: "200": - description: "" + description: "Effective obligations for the built-in role" + content: + application/json: + schema: + type: "object" + properties: + name: + type: "string" + obligations: + type: "object" + properties: + compliance: + type: "boolean" security: - apikey: [] - summary: "List integration providers" + summary: "Get obligations for a built-in role" tags: - - "Integrations" - description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." + - "Roles" x-mint: metadata: - title: "List integration providers | Comp AI API" - sidebarTitle: "List integration providers" - description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." - og:title: "List integration providers | Comp AI API" - og:description: "List available integration providers that can connect to the organization for automated evidence collection and compliance checks." + title: "Get obligations for a built-in role | Comp AI API" + sidebarTitle: "Get obligations for a built-in role" + description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." + og:title: "Get obligations for a built-in role | Comp AI API" + og:description: "Returns the effective obligations for a built-in role (owner, admin, auditor, employee, contractor) — DB override if present, else the hardcoded default." x-speakeasy-mcp: - name: "list-providers" - /v1/integrations/connections/providers/{slug}: - get: - operationId: "ConnectionsController_getProvider_v1" + name: "get-built-in-obligations" + patch: + description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." + operationId: "RolesController_updateBuiltInObligations_v1" parameters: - - name: "slug" + - name: "name" required: true in: "path" + description: "Built-in role name" schema: + example: "owner" type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateBuiltInObligationsDto" responses: "200": - description: "" + description: "Obligations updated" + content: + application/json: + schema: + type: "object" + properties: + name: + type: "string" + obligations: + type: "object" + properties: + compliance: + type: "boolean" + "400": + description: "Not a built-in role" security: - apikey: [] - summary: "Get an integration provider by slug" + summary: "Update obligations for a built-in role" tags: - - "Integrations" - description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Roles" x-mint: metadata: - title: "Get an integration provider by slug | Comp AI API" - sidebarTitle: "Get an integration provider by slug" - description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Get an integration provider by slug | Comp AI API" - og:description: "Get an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Update obligations for a built-in role | Comp AI API" + sidebarTitle: "Update obligations for a built-in role" + description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." + og:title: "Update obligations for a built-in role | Comp AI API" + og:description: "Override the obligations for a built-in role (e.g., turn off the compliance obligation for owners). Permissions stay sourced from the hardcoded defaults." x-speakeasy-mcp: - name: "get-provider" - /v1/integrations/connections: + name: "update-built-in-obligations" + /v1/roles/{roleId}: get: - operationId: "ConnectionsController_listConnections_v1" - parameters: [] + description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + operationId: "RolesController_getRole_v1" + parameters: + - name: "roleId" + required: true + in: "path" + description: "Role ID" + schema: + example: "rol_abc123" + type: "string" responses: "200": - description: "" + description: "Role details" + content: + application/json: + schema: + type: "object" + properties: + id: + type: "string" + name: + type: "string" + permissions: + type: "object" + isBuiltIn: + type: "boolean" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + "401": + description: "Unauthorized" + "404": + description: "Role not found" security: - apikey: [] - summary: "List integration connections" + summary: "Get a role by ID" tags: - - "Integrations" - description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Roles" x-mint: metadata: - title: "List integration connections | Comp AI API" - sidebarTitle: "List integration connections" - description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "List integration connections | Comp AI API" - og:description: "List integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Get a role by ID | Comp AI API" + sidebarTitle: "Get a role by ID" + description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + og:title: "Get a role by ID | Comp AI API" + og:description: "Get a role by ID in Comp AI. Create custom roles and resolve permission sets for organization-level access control." x-speakeasy-mcp: - name: "list-connections" - post: - operationId: "ConnectionsController_createConnection_v1" - parameters: [] + name: "get-role" + patch: + description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + operationId: "RolesController_updateRole_v1" + parameters: + - name: "roleId" + required: true + in: "path" + description: "Role ID" + schema: + example: "rol_abc123" + type: "string" requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/CreateConnectionDto" + $ref: "#/components/schemas/UpdateRoleDto" responses: - "201": - description: "" + "200": + description: "Role updated successfully" + content: + application/json: + schema: + type: "object" + properties: + id: + type: "string" + name: + type: "string" + permissions: + type: "object" + isBuiltIn: + type: "boolean" + createdAt: + type: "string" + format: "date-time" + updatedAt: + type: "string" + format: "date-time" + "400": + description: "Invalid role data" + "401": + description: "Unauthorized" + "403": + description: "Forbidden - cannot grant permissions you do not have" + "404": + description: "Role not found" security: - apikey: [] - summary: "Create integration connection" + summary: "Update a custom role" tags: - - "Integrations" - description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + - "Roles" x-mint: metadata: - title: "Create integration connection | Comp AI API" - sidebarTitle: "Create integration connection" - description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." - og:title: "Create integration connection | Comp AI API" - og:description: "Create an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + title: "Update a custom role | Comp AI API" + sidebarTitle: "Update a custom role" + description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + og:title: "Update a custom role | Comp AI API" + og:description: "Update a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." x-speakeasy-mcp: - name: "create-connection" - /v1/integrations/connections/{id}: - get: - operationId: "ConnectionsController_getConnection_v1" + name: "update-role" + delete: + description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + operationId: "RolesController_deleteRole_v1" parameters: - - name: "id" + - name: "roleId" required: true in: "path" + description: "Role ID" schema: + example: "rol_abc123" type: "string" responses: "200": - description: "" + description: "Role deleted successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + message: + type: "string" + "400": + description: "Cannot delete - members assigned to role" + "401": + description: "Unauthorized" + "404": + description: "Role not found" security: - apikey: [] - summary: "Get an integration connection by ID" + summary: "Delete a custom role" tags: - - "Integrations" - description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Roles" x-mint: metadata: - title: "Get an integration connection by ID | Comp AI API" - sidebarTitle: "Get an integration connection by ID" - description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Get an integration connection by ID | Comp AI API" - og:description: "Get an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Delete a custom role | Comp AI API" + sidebarTitle: "Delete a custom role" + description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." + og:title: "Delete a custom role | Comp AI API" + og:description: "Delete a custom role in Comp AI. Create custom roles and resolve permission sets for organization-level access control." x-speakeasy-mcp: - name: "get-connection" - delete: - operationId: "ConnectionsController_deleteConnection_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + name: "delete-role" + /v1/questionnaire: + get: + operationId: "QuestionnaireController_findAll_v1" + parameters: [] responses: "200": - description: "" + description: "List of questionnaires" security: - apikey: [] - summary: "Delete an integration connection" + summary: "List security questionnaires" tags: - - "Integrations" - description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." x-mint: + href: "/api-reference/questionnaire/list-questionnaires" metadata: - title: "Delete an integration connection | Comp AI API" - sidebarTitle: "Delete an integration connection" - description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Delete an integration connection | Comp AI API" - og:description: "Delete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "List security questionnaires | Comp AI API" + sidebarTitle: "List security questionnaires" + description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." + og:title: "List security questionnaires | Comp AI API" + og:description: "List saved security questionnaires for an organization so teams can track customer reviews, answer status, and response history." x-speakeasy-mcp: - name: "delete-connection" - patch: - operationId: "ConnectionsController_updateConnection_v1" + name: "questionnaire-find-all" + /v1/questionnaire/{id}: + get: + operationId: "QuestionnaireController_findById_v1" parameters: - name: "id" required: true in: "path" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateConnectionDto" responses: "200": - description: "" + description: "Questionnaire details" security: - apikey: [] - summary: "Update an integration connection" + summary: "Get security questionnaire details" tags: - - "Integrations" - description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." x-mint: + href: "/api-reference/questionnaire/get-a-questionnaire-by-id" metadata: - title: "Update an integration connection | Comp AI API" - sidebarTitle: "Update an integration connection" - description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Update an integration connection | Comp AI API" - og:description: "Update an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Get security questionnaire details | Comp AI API" + sidebarTitle: "Get security questionnaire details" + description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." + og:title: "Get security questionnaire details | Comp AI API" + og:description: "Retrieve one saved security questionnaire, including extracted questions, generated answers, and review context for the requesting client." x-speakeasy-mcp: - name: "update-connection" - /v1/integrations/connections/{id}/test: - post: - operationId: "ConnectionsController_testConnection_v1" + name: "find-by-id" + delete: + operationId: "QuestionnaireController_deleteById_v1" parameters: - name: "id" required: true @@ -12844,26 +12751,28 @@ paths: schema: type: "string" responses: - "201": - description: "" + "200": + description: "Questionnaire deleted" security: - apikey: [] - summary: "Test an integration connection" + summary: "Delete a security questionnaire" tags: - - "Integrations" - description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." x-mint: + href: "/api-reference/questionnaire/delete-a-questionnaire" metadata: - title: "Test an integration connection | Comp AI API" - sidebarTitle: "Test an integration connection" - description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Test an integration connection | Comp AI API" - og:description: "Test an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Delete a security questionnaire | Comp AI API" + sidebarTitle: "Delete a security questionnaire" + description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." + og:title: "Delete a security questionnaire | Comp AI API" + og:description: "Delete a saved security questionnaire when a customer review or vendor assessment no longer needs to be retained." x-speakeasy-mcp: - name: "test-connection" - /v1/integrations/connections/{id}/pause: + name: "delete-by-id" + /v1/questionnaire/{id}/auto-answer: post: - operationId: "ConnectionsController_pauseConnection_v1" + description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until answeredQuestions equals totalQuestions, then read the answers from its questions." + operationId: "QuestionnaireController_triggerAutoAnswer_v1" parameters: - name: "id" required: true @@ -12871,959 +12780,1094 @@ paths: schema: type: "string" responses: - "201": + "200": description: "" + content: + application/json: + schema: + $ref: "#/components/schemas/TriggerAutoAnswerResponseDto" security: - apikey: [] - summary: "Pause an integration connection" + summary: "Generate answers for a questionnaire" tags: - - "Integrations" - description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + x-speakeasy-mcp: + name: "generate-questionnaire-answers" x-mint: metadata: - title: "Pause an integration connection | Comp AI API" - sidebarTitle: "Pause an integration connection" - description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Pause an integration connection | Comp AI API" - og:description: "Pause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - x-speakeasy-mcp: - name: "pause-connection" - /v1/integrations/connections/{id}/resume: + title: "Generate answers for a questionnaire | Comp AI API" + sidebarTitle: "Generate answers for a questionnaire" + description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until." + og:title: "Generate answers for a questionnaire | Comp AI API" + og:description: "Starts background answer generation for an already-parsed questionnaire and returns a run handle immediately. Poll GET /v1/questionnaire/:id until." + /v1/questionnaire/parse: post: - operationId: "ConnectionsController_resumeConnection_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + operationId: "QuestionnaireController_parseQuestionnaire_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ParseQuestionnaireDto" responses: - "201": - description: "" + "200": + description: "Parsed questionnaire content" + content: + application/json: + schema: + type: "object" security: - apikey: [] - summary: "Resume an integration connection" + summary: "Parse questionnaire content" tags: - - "Integrations" - description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." x-mint: + href: "/api-reference/questionnaire/parse-an-uploaded-questionnaire-file" metadata: - title: "Resume an integration connection | Comp AI API" - sidebarTitle: "Resume an integration connection" - description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Resume an integration connection | Comp AI API" - og:description: "Resume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Parse questionnaire content | Comp AI API" + sidebarTitle: "Parse questionnaire content" + description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." + og:title: "Parse questionnaire content | Comp AI API" + og:description: "Parse questionnaire content from a submitted payload so teams can extract security questions before generating or reviewing answers." x-speakeasy-mcp: - name: "resume-connection" - /v1/integrations/connections/{id}/disconnect: + name: "parse-questionnaire" + /v1/questionnaire/answer-single: post: - operationId: "ConnectionsController_disconnectConnection_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + operationId: "QuestionnaireController_answerSingleQuestion_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/AnswerSingleQuestionDto" responses: - "201": - description: "" + "200": + description: "Generated single answer result" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + data: + type: "object" + properties: + questionIndex: + type: "number" + question: + type: "string" + answer: + type: "string" + nullable: true + sources: + type: "array" + items: + type: "object" + error: + type: "string" + nullable: true security: - apikey: [] - summary: "Disconnect an integration" + summary: "Answer one questionnaire question" tags: - - "Integrations" - description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." x-mint: + href: "/api-reference/questionnaire/answer-a-single-questionnaire-question" metadata: - title: "Disconnect an integration | Comp AI API" - sidebarTitle: "Disconnect an integration" - description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Disconnect an integration | Comp AI API" - og:description: "Disconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Answer one questionnaire question | Comp AI API" + sidebarTitle: "Answer one questionnaire question" + description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." + og:title: "Answer one questionnaire question | Comp AI API" + og:description: "Generate an answer for one security questionnaire item using the organization evidence library and return source references for review." x-speakeasy-mcp: - name: "disconnect-connection" - /v1/integrations/connections/{id}/services: - put: - operationId: "ConnectionsController_updateConnectionServices_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + name: "answer-single-question" + /v1/questionnaire/save-answer: + post: + operationId: "QuestionnaireController_saveAnswer_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/UpdateConnectionServicesDto" + $ref: "#/components/schemas/SaveAnswerDto" responses: "200": - description: "" + description: "Save manual or generated answer" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + error: + type: "string" + nullable: true security: - apikey: [] - summary: "Set services enabled on a connection" + summary: "Save questionnaire answer" tags: - - "Integrations" - description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." x-mint: + href: "/api-reference/questionnaire/save-a-questionnaire-answer" metadata: - title: "Set services enabled on a connection | Comp AI API" - sidebarTitle: "Set services enabled on a connection" - description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Set services enabled on a connection | Comp AI API" - og:description: "Set services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Save questionnaire answer | Comp AI API" + sidebarTitle: "Save questionnaire answer" + description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." + og:title: "Save questionnaire answer | Comp AI API" + og:description: "Save a manual or AI-generated security questionnaire answer for later review, export, and audit tracking." x-speakeasy-mcp: - name: "update-connection-services" - get: - operationId: "ServicesController_getConnectionServices_v1" - parameters: - - name: "id" - required: true - in: "path" - schema: - type: "string" + name: "save-answer" + /v1/questionnaire/delete-answer: + post: + operationId: "QuestionnaireController_deleteAnswer_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DeleteAnswerDto" responses: "200": - description: "" + description: "Delete questionnaire answer" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" + error: + type: "string" + nullable: true security: - apikey: [] - summary: "List services enabled on a connection" + summary: "Delete questionnaire answer" tags: - - "Integrations" - description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Delete a stored questionnaire answer when it should be removed from the active response set." x-mint: + href: "/api-reference/questionnaire/delete-a-questionnaire-answer" metadata: - title: "List services enabled on a connection | Comp AI API" - sidebarTitle: "List services enabled on a connection" - description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List services enabled on a connection | Comp AI API" - og:description: "List services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Delete questionnaire answer | Comp AI API" + sidebarTitle: "Delete questionnaire answer" + description: "Delete a stored questionnaire answer when it should be removed from the active response set." + og:title: "Delete questionnaire answer | Comp AI API" + og:description: "Delete a stored questionnaire answer when it should be removed from the active response set." x-speakeasy-mcp: - name: "get-connection-services" - /v1/integrations/checks/providers/{providerSlug}: - get: - operationId: "ChecksController_listProviderChecks_v1" - parameters: - - name: "providerSlug" - required: true - in: "path" - schema: - type: "string" + name: "delete-answer" + /v1/questionnaire/export: + post: + operationId: "QuestionnaireController_exportById_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ExportByIdDto" responses: "200": - description: "" + description: "Export questionnaire by ID to specified format" security: - apikey: [] - summary: "List check definitions for a provider" + summary: "Export a security questionnaire" tags: - - "Integrations" - description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." x-mint: + href: "/api-reference/questionnaire/export-a-questionnaire" metadata: - title: "List check definitions for a provider | Comp AI API" - sidebarTitle: "List check definitions for a provider" - description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List check definitions for a provider | Comp AI API" - og:description: "List check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Export a security questionnaire | Comp AI API" + sidebarTitle: "Export a security questionnaire" + description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." + og:title: "Export a security questionnaire | Comp AI API" + og:description: "Export a saved security questionnaire response package as PDF, CSV, or XLSX for customer and vendor security reviews." x-speakeasy-mcp: - name: "list-provider-checks" - /v1/integrations/checks/connections/{connectionId}: - get: - operationId: "ChecksController_listConnectionChecks_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" + name: "export-by-id" + /v1/questionnaire/upload-and-parse: + post: + operationId: "QuestionnaireController_uploadAndParse_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UploadAndParseDto" responses: "200": - description: "" + description: "Upload file and trigger async parsing. Returns runId for realtime tracking." + content: + application/json: + schema: + type: "object" + properties: + runId: + type: "string" + publicAccessToken: + type: "string" security: - apikey: [] - summary: "List checks for a connection" + summary: "Start questionnaire parsing" tags: - - "Integrations" - description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." x-mint: + href: "/api-reference/questionnaire/upload-and-parse-a-questionnaire-file" metadata: - title: "List checks for a connection | Comp AI API" - sidebarTitle: "List checks for a connection" - description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "List checks for a connection | Comp AI API" - og:description: "List checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Start questionnaire parsing | Comp AI API" + sidebarTitle: "Start questionnaire parsing" + description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." + og:title: "Start questionnaire parsing | Comp AI API" + og:description: "Upload a questionnaire payload and start asynchronous parsing, returning a run ID for real-time progress tracking." x-speakeasy-mcp: - name: "list-connection-checks" - /v1/integrations/checks/connections/{connectionId}/run: + name: "upload-and-parse" + /v1/questionnaire/upload-and-parse/upload: post: - operationId: "ChecksController_runConnectionChecks_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" + operationId: "QuestionnaireController_uploadAndParseUpload_v1" + parameters: [] requestBody: required: true content: - application/json: + multipart/form-data: schema: - $ref: "#/components/schemas/RunChecksDto" + type: "object" + properties: + file: + type: "string" + format: "binary" + description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" + organizationId: + type: "string" + description: "Organization ID" + source: + type: "string" + enum: + - "internal" + - "external" + default: "internal" + description: "Source of the upload" + required: + - "file" + - "organizationId" responses: - "201": - description: "" + "200": + description: "Upload file, parse questions (no answers), save to DB, return questionnaireId" + content: + application/json: + schema: + type: "object" + properties: + questionnaireId: + type: "string" + totalQuestions: + type: "number" security: - apikey: [] - summary: "Run integration checks" + summary: "Upload and parse questionnaire file" tags: - - "Integrations" - description: "Run all compliance checks for an integration connection and capture results as automated evidence." + - "Questionnaire" + description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." x-mint: + href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-parse-its-questions" metadata: - title: "Run integration checks | Comp AI API" - sidebarTitle: "Run integration checks" - description: "Run all compliance checks for an integration connection and capture results as automated evidence." - og:title: "Run integration checks | Comp AI API" - og:description: "Run all compliance checks for an integration connection and capture results as automated evidence." + title: "Upload and parse questionnaire file | Comp AI API" + sidebarTitle: "Upload and parse questionnaire file" + description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." + og:title: "Upload and parse questionnaire file | Comp AI API" + og:description: "Upload a security questionnaire file, extract questions, save the parsed questionnaire, and return its identifier and question count." x-speakeasy-mcp: - name: "run-connection-checks" - /v1/integrations/checks/connections/{connectionId}/run/{checkId}: + name: "upload-and-parse-upload" + disabled: true + /v1/questionnaire/parse/upload: post: - operationId: "ChecksController_runSingleCheck_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" - - name: "checkId" - required: true - in: "path" - schema: - type: "string" + operationId: "QuestionnaireController_parseQuestionnaireUpload_v1" + parameters: [] + requestBody: + required: true + content: + multipart/form-data: + schema: + type: "object" + properties: + file: + type: "string" + format: "binary" + description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" + organizationId: + type: "string" + description: "Organization to use for generating answers" + format: + type: "string" + enum: + - "pdf" + - "csv" + - "xlsx" + default: "xlsx" + description: "Output format (defaults to XLSX)" + source: + type: "string" + enum: + - "internal" + - "external" + default: "internal" + description: "Indicates if the request originated from our UI (internal) or trust portal (external)." + required: + - "file" + - "organizationId" responses: "201": description: "" security: - apikey: [] - summary: "Run a single check on a connection" + summary: "Auto-answer uploaded questionnaire" tags: - - "Integrations" - description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." x-mint: + href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-auto-answer-with-export" metadata: - title: "Run a single check on a connection | Comp AI API" - sidebarTitle: "Run a single check on a connection" - description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Run a single check on a connection | Comp AI API" - og:description: "Run a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Auto-answer uploaded questionnaire | Comp AI API" + sidebarTitle: "Auto-answer uploaded questionnaire" + description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." + og:title: "Auto-answer uploaded questionnaire | Comp AI API" + og:description: "Upload a questionnaire file and generate answer exports from approved organization evidence in PDF, CSV, or XLSX format." x-speakeasy-mcp: - name: "run-single-check" - /v1/integrations/variables/providers/{providerSlug}: - get: - operationId: "VariablesController_getProviderVariables_v1" - parameters: - - name: "providerSlug" - required: true - in: "path" - schema: - type: "string" + name: "parse-questionnaire-upload" + disabled: true + /v1/questionnaire/answers/export: + post: + operationId: "QuestionnaireController_autoAnswerAndExport_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ExportQuestionnaireDto" responses: - "200": + "201": description: "" security: - apikey: [] - summary: "List variable definitions for a provider" + summary: "Export generated questionnaire answers" tags: - - "Integrations" - description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." x-mint: + href: "/api-reference/questionnaire/export-questionnaire-answers" metadata: - title: "List variable definitions for a provider | Comp AI API" - sidebarTitle: "List variable definitions for a provider" - description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List variable definitions for a provider | Comp AI API" - og:description: "List variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Export generated questionnaire answers | Comp AI API" + sidebarTitle: "Export generated questionnaire answers" + description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." + og:title: "Export generated questionnaire answers | Comp AI API" + og:description: "Generate and export questionnaire answers from a submitted payload using approved organization evidence." x-speakeasy-mcp: - name: "get-provider-variables" - /v1/integrations/variables/connections/{connectionId}: - get: - operationId: "VariablesController_getConnectionVariables_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" + name: "auto-answer-and-export" + disabled: true + /v1/questionnaire/answers/export/upload: + post: + operationId: "QuestionnaireController_autoAnswerAndExportUpload_v1" + parameters: [] + requestBody: + required: true + content: + multipart/form-data: + schema: + type: "object" + properties: + file: + type: "string" + format: "binary" + description: "Questionnaire file (PDF, image, XLSX, CSV, TXT)" + organizationId: + type: "string" + description: "Organization to use for answer generation" + format: + type: "string" + enum: + - "pdf" + - "csv" + - "xlsx" + default: "xlsx" + description: "Output format (defaults to XLSX)" + required: + - "file" + - "organizationId" responses: - "200": + "201": description: "" security: - apikey: [] - summary: "List connection variables" + summary: "Upload and export generated answers" tags: - - "Integrations" - description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." x-mint: + href: "/api-reference/questionnaire/upload-a-questionnaire-file-and-export-auto-generated-answers" metadata: - title: "List connection variables | Comp AI API" - sidebarTitle: "List connection variables" - description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "List connection variables | Comp AI API" - og:description: "List connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Upload and export generated answers | Comp AI API" + sidebarTitle: "Upload and export generated answers" + description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." + og:title: "Upload and export generated answers | Comp AI API" + og:description: "Upload a questionnaire file and return generated answer exports in PDF, CSV, or XLSX format." x-speakeasy-mcp: - name: "get-connection-variables" + name: "auto-answer-and-export-upload" + disabled: true + /v1/questionnaire/auto-answer: post: - operationId: "VariablesController_saveConnectionVariables_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" + operationId: "QuestionnaireController_autoAnswer_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/SaveVariablesDto" + $ref: "#/components/schemas/AutoAnswerDto" responses: "201": description: "" security: - apikey: [] - summary: "Update connection variables" - tags: - - "Integrations" - description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - x-mint: - metadata: - title: "Update connection variables | Comp AI API" - sidebarTitle: "Update connection variables" - description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Update connection variables | Comp AI API" - og:description: "Update connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - x-speakeasy-mcp: - name: "save-connection-variables" - /v1/integrations/variables/connections/{connectionId}/options/{variableId}: - get: - operationId: "VariablesController_fetchVariableOptions_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" - - name: "variableId" - required: true - in: "path" - schema: - type: "string" - responses: - "200": - description: "" - security: - - apikey: [] - summary: "Get options for a connection variable" + summary: "Stream generated questionnaire answers" tags: - - "Integrations" - description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Questionnaire" + description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." x-mint: + href: "/api-reference/questionnaire/auto-answer-a-questionnaire" metadata: - title: "Get options for a connection variable | Comp AI API" - sidebarTitle: "Get options for a connection variable" - description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Get options for a connection variable | Comp AI API" - og:description: "Get options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Stream generated questionnaire answers | Comp AI API" + sidebarTitle: "Stream generated questionnaire answers" + description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." + og:title: "Stream generated questionnaire answers | Comp AI API" + og:description: "Stream generated questionnaire answers over server-sent events so clients can show progress while answers are produced." x-speakeasy-mcp: - name: "fetch-variable-options" - /v1/integrations/tasks/template/{templateId}/checks: + name: "auto-answer" + disabled: true + /v1/knowledge-base/documents: get: - operationId: "TaskIntegrationsController_getChecksForTaskTemplate_v1" - parameters: - - name: "templateId" - required: true - in: "path" - schema: - type: "string" + operationId: "KnowledgeBaseController_listDocuments_v1" + parameters: [] responses: "200": - description: "" + description: "List of knowledge base documents" security: - apikey: [] - summary: "List checks for a task template" + summary: "List knowledge base documents" tags: - - "Integrations" - description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." x-mint: metadata: - title: "List checks for a task template | Comp AI API" - sidebarTitle: "List checks for a task template" - description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List checks for a task template | Comp AI API" - og:description: "List checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "List knowledge base documents | Comp AI API" + sidebarTitle: "List knowledge base documents" + description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." + og:title: "List knowledge base documents | Comp AI API" + og:description: "List uploaded knowledge base documents that Comp AI can use as approved source material for answers, policies, and reviews." x-speakeasy-mcp: - name: "get-checks-for-task-template" - /v1/integrations/tasks/{taskId}/checks: + name: "list-documents" + /v1/knowledge-base/manual-answers: get: - operationId: "TaskIntegrationsController_getChecksForTask_v1" - parameters: - - name: "taskId" - required: true - in: "path" - schema: - type: "string" + operationId: "KnowledgeBaseController_listManualAnswers_v1" + parameters: [] responses: "200": - description: "" + description: "List of manual answers" security: - apikey: [] - summary: "List checks attached to a task" + summary: "List all manual answers for an organization" tags: - - "Integrations" - description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "List checks attached to a task | Comp AI API" - sidebarTitle: "List checks attached to a task" - description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List checks attached to a task | Comp AI API" - og:description: "List checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "List all manual answers for an organization | Comp AI API" + sidebarTitle: "List all manual answers for an organization" + description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "List all manual answers for an organization | Comp AI API" + og:description: "List all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "get-checks-for-task" - /v1/integrations/tasks/{taskId}/run-check: + name: "list-manual-answers" post: - operationId: "TaskIntegrationsController_runCheckForTask_v1" - parameters: - - name: "taskId" - required: true - in: "path" - schema: - type: "string" + operationId: "KnowledgeBaseController_saveManualAnswer_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/RunCheckForTaskDto" + $ref: "#/components/schemas/SaveManualAnswerDto" responses: - "201": - description: "" + "200": + description: "Manual answer saved" security: - apikey: [] - summary: "Run a check for a task" + summary: "Save reusable manual answer" tags: - - "Integrations" - description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." x-mint: metadata: - title: "Run a check for a task | Comp AI API" - sidebarTitle: "Run a check for a task" - description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Run a check for a task | Comp AI API" - og:description: "Run a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Save reusable manual answer | Comp AI API" + sidebarTitle: "Save reusable manual answer" + description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." + og:title: "Save reusable manual answer | Comp AI API" + og:description: "Save or update a reusable manual answer for security questionnaires that need approved, consistent response language." x-speakeasy-mcp: - name: "run-check-for-task" - /v1/integrations/tasks/{taskId}/checks/disconnect: + name: "save-manual-answer" + /v1/knowledge-base/documents/upload: post: - operationId: "TaskIntegrationsController_disconnectCheckFromTask_v1" - parameters: - - name: "taskId" - required: true - in: "path" - schema: - type: "string" + operationId: "KnowledgeBaseController_uploadDocument_v1" + parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/ToggleCheckForTaskDto" + $ref: "#/components/schemas/UploadDocumentDto" responses: - "201": - description: "" + "200": + description: "Document uploaded successfully" security: - apikey: [] - summary: "Disconnect checks from a task" + summary: "Upload knowledge base document" tags: - - "Integrations" - description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." x-mint: metadata: - title: "Disconnect checks from a task | Comp AI API" - sidebarTitle: "Disconnect checks from a task" - description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Disconnect checks from a task | Comp AI API" - og:description: "Disconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Upload knowledge base document | Comp AI API" + sidebarTitle: "Upload knowledge base document" + description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." + og:title: "Upload knowledge base document | Comp AI API" + og:description: "Upload supporting documentation so Comp AI can process approved source material for questionnaire answers and policy workflows." x-speakeasy-mcp: - name: "disconnect-check-from-task" - /v1/integrations/tasks/{taskId}/checks/reconnect: + name: "upload-document" + /v1/knowledge-base/documents/{documentId}/download: post: - operationId: "TaskIntegrationsController_reconnectCheckToTask_v1" + operationId: "KnowledgeBaseController_getDownloadUrl_v1" parameters: - - name: "taskId" + - name: "documentId" required: true in: "path" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/ToggleCheckForTaskDto" responses: - "201": - description: "" + "200": + description: "Signed download URL generated" security: - apikey: [] - summary: "Reconnect checks to a task" + summary: "Get a signed download URL for a document" tags: - - "Integrations" - description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "Reconnect checks to a task | Comp AI API" - sidebarTitle: "Reconnect checks to a task" - description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Reconnect checks to a task | Comp AI API" - og:description: "Reconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Get a signed download URL for a document | Comp AI API" + sidebarTitle: "Get a signed download URL for a document" + description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "Get a signed download URL for a document | Comp AI API" + og:description: "Get a signed download URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "reconnect-check-to-task" - /v1/integrations/tasks/{taskId}/runs: - get: - operationId: "TaskIntegrationsController_getTaskCheckRuns_v1" + name: "get-download-url" + /v1/knowledge-base/documents/{documentId}/view: + post: + operationId: "KnowledgeBaseController_getViewUrl_v1" parameters: - - name: "taskId" + - name: "documentId" required: true in: "path" schema: type: "string" - - name: "limit" - required: true - in: "query" - schema: - type: "string" responses: "200": - description: "" + description: "Signed view URL generated" security: - apikey: [] - summary: "List check runs for a task" + summary: "Get a signed view URL for a document" tags: - - "Integrations" - description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "List check runs for a task | Comp AI API" - sidebarTitle: "List check runs for a task" - description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "List check runs for a task | Comp AI API" - og:description: "List check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Get a signed view URL for a document | Comp AI API" + sidebarTitle: "Get a signed view URL for a document" + description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "Get a signed view URL for a document | Comp AI API" + og:description: "Get a signed view URL for a document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "get-task-check-runs" - /v1/integrations/sync/google-workspace/employees: + name: "get-view-url" + /v1/knowledge-base/documents/{documentId}/delete: post: - operationId: "SyncController_syncGoogleWorkspaceEmployees_v1" + operationId: "KnowledgeBaseController_deleteDocument_v1" parameters: - - name: "connectionId" + - name: "documentId" required: true - in: "query" + in: "path" schema: type: "string" responses: - "201": - description: "" + "200": + description: "Document deleted successfully" security: - apikey: [] - summary: "Sync Google Workspace employees" + summary: "Delete a knowledge base document" tags: - - "Integrations" - description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "Sync Google Workspace employees | Comp AI API" - sidebarTitle: "Sync Google Workspace employees" - description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Sync Google Workspace employees | Comp AI API" - og:description: "Sync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Delete a knowledge base document | Comp AI API" + sidebarTitle: "Delete a knowledge base document" + description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "Delete a knowledge base document | Comp AI API" + og:description: "Delete a knowledge base document in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "sync-google-workspace-employees" - /v1/integrations/sync/google-workspace/status: + name: "delete-document" + /v1/knowledge-base/documents/process: post: - operationId: "SyncController_getGoogleWorkspaceStatus_v1" + operationId: "KnowledgeBaseController_processDocuments_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ProcessDocumentsDto" responses: - "201": - description: "" + "200": + description: "Document processing triggered" security: - apikey: [] - summary: "Get Google Workspace sync status" + summary: "Process knowledge base documents" tags: - - "Integrations" - description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." x-mint: metadata: - title: "Get Google Workspace sync status | Comp AI API" - sidebarTitle: "Get Google Workspace sync status" - description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Get Google Workspace sync status | Comp AI API" - og:description: "Get Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Process knowledge base documents | Comp AI API" + sidebarTitle: "Process knowledge base documents" + description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." + og:title: "Process knowledge base documents | Comp AI API" + og:description: "Start document processing so uploaded knowledge base files become searchable source material for AI-assisted compliance workflows." x-speakeasy-mcp: - name: "get-google-workspace-status" - /v1/integrations/sync/rippling/employees: + name: "process-documents" + /v1/knowledge-base/runs/{runId}/token: post: - operationId: "SyncController_syncRipplingEmployees_v1" + operationId: "KnowledgeBaseController_createRunToken_v1" parameters: - - name: "connectionId" + - name: "runId" required: true - in: "query" + in: "path" schema: type: "string" responses: - "201": - description: "" + "200": + description: "Public access token created" security: - apikey: [] - summary: "Sync Rippling employees" + summary: "Create a public access token for a run" tags: - - "Integrations" - description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "Sync Rippling employees | Comp AI API" - sidebarTitle: "Sync Rippling employees" - description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Sync Rippling employees | Comp AI API" - og:description: "Sync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Create a public access token for a run | Comp AI API" + sidebarTitle: "Create a public access token for a run" + description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "Create a public access token for a run | Comp AI API" + og:description: "Create a public access token for a run in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "sync-rippling-employees" - /v1/integrations/sync/rippling/status: + name: "create-run-token" + /v1/knowledge-base/manual-answers/{manualAnswerId}/delete: post: - operationId: "SyncController_getRipplingStatus_v1" + operationId: "KnowledgeBaseController_deleteManualAnswer_v1" + parameters: + - name: "manualAnswerId" + required: true + in: "path" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DeleteManualAnswerDto" + responses: + "200": + description: "Manual answer deleted" + security: + - apikey: [] + summary: "Delete a manual answer" + tags: + - "Knowledge Base" + description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." + x-mint: + metadata: + title: "Delete a manual answer | Comp AI API" + sidebarTitle: "Delete a manual answer" + description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI." + og:title: "Delete a manual answer | Comp AI API" + og:description: "Delete a manual answer in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI." + x-speakeasy-mcp: + name: "delete-manual-answer" + /v1/knowledge-base/manual-answers/delete-all: + post: + operationId: "KnowledgeBaseController_deleteAllManualAnswers_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DeleteAllManualAnswersDto" responses: - "201": - description: "" + "200": + description: "All manual answers deleted" security: - apikey: [] - summary: "Get Rippling sync status" + summary: "Delete all manual answers for an organization" tags: - - "Integrations" - description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "Knowledge Base" + description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power questionnaires and AI policy workflows." x-mint: metadata: - title: "Get Rippling sync status | Comp AI API" - sidebarTitle: "Get Rippling sync status" - description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Get Rippling sync status | Comp AI API" - og:description: "Get Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Delete all manual answers for an organization | Comp AI API" + sidebarTitle: "Delete all manual answers for an organization" + description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." + og:title: "Delete all manual answers for an organization | Comp AI API" + og:description: "Delete all manual answers for an organization in Comp AI. Upload source documents, process them for retrieval, and manage reusable manual answers that power." x-speakeasy-mcp: - name: "get-rippling-status" - /v1/integrations/sync/jumpcloud/employees: + name: "delete-all-manual-answers" + /v1/soa/save-answer: post: - operationId: "SyncController_syncJumpCloudEmployees_v1" - parameters: - - name: "connectionId" - required: true - in: "query" - schema: - type: "string" + operationId: "SOAController_saveAnswer_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SaveSOAAnswerDto" responses: - "201": - description: "" + "200": + description: "Answer saved successfully" + content: + application/json: + schema: + type: "object" + properties: + success: + type: "boolean" security: - apikey: [] - summary: "Sync JumpCloud employees" + summary: "Save a SOA answer" tags: - - "Integrations" - description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "Sync JumpCloud employees | Comp AI API" - sidebarTitle: "Sync JumpCloud employees" - description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Sync JumpCloud employees | Comp AI API" - og:description: "Sync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Save a SOA answer | Comp AI API" + sidebarTitle: "Save a SOA answer" + description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Save a SOA answer | Comp AI API" + og:description: "Save a SOA answer in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "sync-jump-cloud-employees" - /v1/integrations/sync/jumpcloud/status: + name: "soa-save-answer" + /v1/soa/auto-fill: post: - operationId: "SyncController_getJumpCloudStatus_v1" + description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." + operationId: "SOAController_autoFill_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/AutoFillSOADto" responses: "201": description: "" security: - apikey: [] - summary: "Get JumpCloud sync status" + summary: "Auto-fill ISO 27001 SOA" tags: - - "Integrations" - description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" x-mint: metadata: - title: "Get JumpCloud sync status | Comp AI API" - sidebarTitle: "Get JumpCloud sync status" - description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Get JumpCloud sync status | Comp AI API" - og:description: "Get JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Auto-fill ISO 27001 SOA | Comp AI API" + sidebarTitle: "Auto-fill ISO 27001 SOA" + description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." + og:title: "Auto-fill ISO 27001 SOA | Comp AI API" + og:description: "Auto-fill a Statement of Applicability draft using organization context and framework mappings for ISO 27001 review." x-speakeasy-mcp: - name: "get-jump-cloud-status" - /v1/integrations/sync/employee-sync-provider: - get: - operationId: "SyncController_getEmployeeSyncProvider_v1" + name: "auto-fill" + /v1/soa/create-document: + post: + operationId: "SOAController_createDocument_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/CreateSOADocumentDto" responses: "200": - description: "" + description: "Document created successfully" security: - apikey: [] - summary: "Get the currently configured employee sync provider" + summary: "Create a new SOA document" tags: - - "Integrations" - description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - x-mint: - metadata: - title: "Get the currently configured employee sync | Comp AI API" - sidebarTitle: "Get the currently configured employee sync provider" - description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." - og:title: "Get the currently configured employee sync | Comp AI API" - og:description: "Get the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + - "SOA" + description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + x-mint: + metadata: + title: "Create a new SOA document | Comp AI API" + sidebarTitle: "Create a new SOA document" + description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Create a new SOA document | Comp AI API" + og:description: "Create a new SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "get-employee-sync-provider" + name: "create-document" + /v1/soa/ensure-setup: post: - operationId: "SyncController_setEmployeeSyncProvider_v1" + operationId: "SOAController_ensureSetup_v1" parameters: [] requestBody: required: true content: application/json: schema: - $ref: "#/components/schemas/SetEmployeeSyncProviderDto" + $ref: "#/components/schemas/EnsureSOASetupDto" responses: - "201": - description: "" + "200": + description: "Setup ensured" security: - apikey: [] - summary: "Set the employee sync provider" + summary: "Ensure SOA configuration and document exist" tags: - - "Integrations" - description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "Set the employee sync provider | Comp AI API" - sidebarTitle: "Set the employee sync provider" - description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Set the employee sync provider | Comp AI API" - og:description: "Set the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Ensure SOA configuration and document exist | Comp AI API" + sidebarTitle: "Ensure SOA configuration and document exist" + description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Ensure SOA configuration and document exist | Comp AI API" + og:description: "Ensure SOA configuration and document exist in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "set-employee-sync-provider" - /v1/integrations/sync/device-sync-provider: - get: - operationId: "SyncController_getDeviceSyncProvider_v1" + name: "ensure-setup" + /v1/soa/get-setup: + post: + operationId: "SOAController_getSetup_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/EnsureSOASetupDto" responses: "200": - description: "" + description: "Setup returned (configuration/document may be null)" security: - apikey: [] - summary: "Get the currently configured device sync provider" + summary: "Read SOA configuration and document without creating either" tags: - - "Integrations" - description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "Get the currently configured device sync | Comp AI API" - sidebarTitle: "Get the currently configured device sync provider" - description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." - og:title: "Get the currently configured device sync | Comp AI API" - og:description: "Get the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage." + title: "Read SOA configuration and document without | Comp AI API" + sidebarTitle: "Read SOA configuration and document without creating either" + description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability." + og:title: "Read SOA configuration and document without | Comp AI API" + og:description: "Read SOA configuration and document without creating either in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability." x-speakeasy-mcp: - name: "get-device-sync-provider" + name: "get-setup" + /v1/soa/approve: post: - operationId: "SyncController_setDeviceSyncProvider_v1" + operationId: "SOAController_approveDocument_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ApproveSOADocumentDto" responses: - "201": - description: "" + "200": + description: "Document approved successfully" security: - apikey: [] - summary: "Set the device sync provider" + summary: "Approve a SOA document" tags: - - "Integrations" - description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "Set the device sync provider | Comp AI API" - sidebarTitle: "Set the device sync provider" - description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." - og:title: "Set the device sync provider | Comp AI API" - og:description: "Set the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect." + title: "Approve a SOA document | Comp AI API" + sidebarTitle: "Approve a SOA document" + description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Approve a SOA document | Comp AI API" + og:description: "Approve a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "set-device-sync-provider" - /v1/integrations/sync/available-providers: - get: - operationId: "SyncController_getAvailableSyncProviders_v1" - parameters: - - name: "syncType" - required: true - in: "query" - schema: - type: "string" + name: "approve-document" + /v1/soa/decline: + post: + operationId: "SOAController_declineDocument_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/DeclineSOADocumentDto" responses: "200": - description: "" + description: "Document declined successfully" security: - apikey: [] - summary: "List sync providers available to the org" + summary: "Decline a SOA document" tags: - - "Integrations" - description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "List sync providers available to the org | Comp AI API" - sidebarTitle: "List sync providers available to the org" - description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "List sync providers available to the org | Comp AI API" - og:description: "List sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Decline a SOA document | Comp AI API" + sidebarTitle: "Decline a SOA document" + description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Decline a SOA document | Comp AI API" + og:description: "Decline a SOA document in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "get-available-sync-providers" - /v1/integrations/sync/dynamic/{providerSlug}/employees: + name: "decline-document" + /v1/soa/submit-for-approval: post: - operationId: "SyncController_syncDynamicProviderEmployees_v1" - parameters: - - name: "providerSlug" - required: true - in: "path" - schema: - type: "string" - - name: "connectionId" - required: true - in: "query" - schema: - type: "string" + operationId: "SOAController_submitForApproval_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SubmitSOAForApprovalDto" responses: - "201": - description: "" + "200": + description: "Document submitted for approval successfully" security: - apikey: [] - summary: "Sync employees for a dynamic provider" + summary: "Submit SOA document for approval" tags: - - "Integrations" - description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + - "SOA" + description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-mint: metadata: - title: "Sync employees for a dynamic provider | Comp AI API" - sidebarTitle: "Sync employees for a dynamic provider" - description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Sync employees for a dynamic provider | Comp AI API" - og:description: "Sync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." + title: "Submit SOA document for approval | Comp AI API" + sidebarTitle: "Submit SOA document for approval" + description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." + og:title: "Submit SOA document for approval | Comp AI API" + og:description: "Submit SOA document for approval in Comp AI. Create, auto-fill, review, approve, and export ISO 27001 Statement of Applicability documents." x-speakeasy-mcp: - name: "sync-dynamic-provider-employees" - /v1/integrations/sync/dynamic/{providerSlug}/devices: + name: "submit-for-approval" + /v1/soa/export: post: - operationId: "SyncController_syncDynamicProviderDevices_v1" - parameters: - - name: "providerSlug" - required: true - in: "path" - schema: - type: "string" - - name: "connectionId" - required: true - in: "query" - schema: - type: "string" + operationId: "SOAController_exportDocument_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ExportSOADocumentDto" responses: - "201": - description: "" + "200": + description: "Export SOA document to PDF" security: - apikey: [] - summary: "Sync devices for a dynamic provider" - tags: - - "Integrations" - description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - x-mint: - metadata: - title: "Sync devices for a dynamic provider | Comp AI API" - sidebarTitle: "Sync devices for a dynamic provider" - description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - og:title: "Sync devices for a dynamic provider | Comp AI API" - og:description: "Sync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables." - x-speakeasy-mcp: - name: "sync-dynamic-provider-devices" - /v1/cloud-security/activity: - get: - operationId: "CloudSecurityController_getActivity_v1" - parameters: - - name: "connectionId" - required: true - in: "query" - schema: - type: "string" - responses: - "200": - description: "" - summary: "List recent cloud security activity" + summary: "Export ISO 27001 SOA" tags: - - "CloudSecurity" - description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "SOA" + description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." x-mint: metadata: - title: "List recent cloud security activity | Comp AI API" - sidebarTitle: "List recent cloud security activity" - description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." - og:title: "List recent cloud security activity | Comp AI API" - og:description: "List recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + title: "Export ISO 27001 SOA | Comp AI API" + sidebarTitle: "Export ISO 27001 SOA" + description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." + og:title: "Export ISO 27001 SOA | Comp AI API" + og:description: "Export the approved Statement of Applicability document for ISO 27001 auditors, customer reviews, and internal records." x-speakeasy-mcp: - name: "get-activity" - /v1/cloud-security/providers: - get: - operationId: "CloudSecurityController_getProviders_v1" + name: "export-document" + /v1/isms/ensure-setup: + post: + operationId: "IsmsController_ensureSetup_v1" parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/EnsureIsmsSetupDto" responses: "200": - description: "" - summary: "List supported cloud providers" + description: "Setup ensured" + security: + - apikey: [] + summary: "Ensure ISMS foundational documents exist" tags: - - "CloudSecurity" - description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Ensure ISMS foundational documents exist in Comp AI." x-mint: metadata: - title: "List supported cloud providers | Comp AI API" - sidebarTitle: "List supported cloud providers" - description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - og:title: "List supported cloud providers | Comp AI API" - og:description: "List supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + title: "Ensure ISMS foundational documents exist | Comp AI API" + sidebarTitle: "Ensure ISMS foundational documents exist" + description: "Ensure ISMS foundational documents exist in Comp AI." + og:title: "Ensure ISMS foundational documents exist | Comp AI API" + og:description: "Ensure ISMS foundational documents exist in Comp AI." x-speakeasy-mcp: - name: "get-providers" - /v1/cloud-security/findings: + name: "isms-ensure-setup" + /v1/isms/documents/{id}: get: - operationId: "CloudSecurityController_getFindings_v1" - parameters: [] + operationId: "IsmsController_getDocument_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" responses: "200": - description: "" - summary: "List cloud security findings" + description: "ISMS document" + security: + - apikey: [] + summary: "Get an ISMS document with its latest version" tags: - - "CloudSecurity" - description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + - "ISMS" + description: "Get an ISMS document with its latest version in Comp AI." x-mint: metadata: - title: "List cloud security findings | Comp AI API" - sidebarTitle: "List cloud security findings" - description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." - og:title: "List cloud security findings | Comp AI API" - og:description: "List cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + title: "Get an ISMS document with its latest version | Comp AI API" + sidebarTitle: "Get an ISMS document with its latest version" + description: "Get an ISMS document with its latest version in Comp AI." + og:title: "Get an ISMS document with its latest version | Comp AI API" + og:description: "Get an ISMS document with its latest version in Comp AI." x-speakeasy-mcp: - name: "get-findings" - /v1/cloud-security/findings/{findingId}/exception: + name: "get-document" + /v1/isms/documents/{id}/controls: post: - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." - operationId: "CloudSecurityController_markFindingAsException_v1" + operationId: "IsmsController_addControls_v1" parameters: - - name: "findingId" + - name: "id" required: true in: "path" schema: @@ -13833,408 +13877,704 @@ paths: content: application/json: schema: - $ref: "#/components/schemas/MarkExceptionDto" + $ref: "#/components/schemas/LinkIsmsControlsDto" responses: - "201": - description: "" - summary: "Mark a finding as an exception so it no longer appears in the active Scan Results list" + "200": + description: "Controls linked" + security: + - apikey: [] + summary: "Map organization controls to an ISMS document" tags: - - "CloudSecurity" + - "ISMS" + description: "Map organization controls to an ISMS document in Comp AI." x-mint: metadata: - title: "Mark a finding as an exception so it no | Comp AI API" - sidebarTitle: "Mark a finding as an exception so it no longer appears in the active Scan Results list" - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." - og:title: "Mark a finding as an exception so it no | Comp AI API" - og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + title: "Map organization controls to an ISMS document | Comp AI API" + sidebarTitle: "Map organization controls to an ISMS document" + description: "Map organization controls to an ISMS document in Comp AI." + og:title: "Map organization controls to an ISMS document | Comp AI API" + og:description: "Map organization controls to an ISMS document in Comp AI." x-speakeasy-mcp: - name: "mark-finding-as-exception" - /v1/cloud-security/connections/{connectionId}/scan-mode: - patch: - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - operationId: "CloudSecurityController_updateAwsScanMode_v1" + name: "add-controls" + /v1/isms/documents/{id}/controls/{controlId}: + delete: + operationId: "IsmsController_removeControl_v1" parameters: - - name: "connectionId" + - name: "id" + required: true + in: "path" + schema: + type: "string" + - name: "controlId" required: true in: "path" schema: type: "string" - requestBody: - required: true - content: - application/json: - schema: - $ref: "#/components/schemas/UpdateAwsScanModeDto" responses: "200": - description: "" - summary: "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)" + description: "Control unlinked" + security: + - apikey: [] + summary: "Remove a control mapping from an ISMS document" tags: - - "CloudSecurity" + - "ISMS" + description: "Remove a control mapping from an ISMS document in Comp AI." x-mint: metadata: - title: "Switch the AWS scan engine for a connection | Comp AI API" - sidebarTitle: "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)" - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." - og:title: "Switch the AWS scan engine for a connection | Comp AI API" - og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + title: "Remove a control mapping from an ISMS document | Comp AI API" + sidebarTitle: "Remove a control mapping from an ISMS document" + description: "Remove a control mapping from an ISMS document in Comp AI." + og:title: "Remove a control mapping from an ISMS document | Comp AI API" + og:description: "Remove a control mapping from an ISMS document in Comp AI." x-speakeasy-mcp: - name: "update-aws-scan-mode" - /v1/cloud-security/exceptions/{exceptionId}: - delete: - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - operationId: "CloudSecurityController_revokeException_v1" + name: "remove-control" + /v1/isms/documents/{id}/generate: + post: + operationId: "IsmsController_generate_v1" parameters: - - name: "exceptionId" + - name: "id" required: true in: "path" schema: type: "string" responses: "200": - description: "" - summary: "Revoke an exception, reopening the finding" + description: "Document with derived issues" + security: + - apikey: [] + summary: "Derive Context-of-the-Organization issues" tags: - - "CloudSecurity" + - "ISMS" + description: "Derive Context-of-the-Organization issues in Comp AI." x-mint: metadata: - title: "Revoke an exception, reopening the finding | Comp AI API" - sidebarTitle: "Revoke an exception, reopening the finding" - description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." - og:title: "Revoke an exception, reopening the finding | Comp AI API" - og:description: "Accepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the." + title: "Derive Context-of-the-Organization issues | Comp AI API" + sidebarTitle: "Derive Context-of-the-Organization issues" + description: "Derive Context-of-the-Organization issues in Comp AI." + og:title: "Derive Context-of-the-Organization issues | Comp AI API" + og:description: "Derive Context-of-the-Organization issues in Comp AI." x-speakeasy-mcp: - name: "revoke-exception" - /v1/cloud-security/history: - get: - operationId: "CloudSecurityController_getHistory_v1" + name: "generate" + /v1/isms/documents/{id}/submit-for-approval: + post: + operationId: "IsmsController_submitForApproval_v1" parameters: - - name: "connectionId" + - name: "id" required: true - in: "query" + in: "path" schema: type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/SubmitIsmsForApprovalDto" responses: "200": - description: "" - summary: "List resolution, exception, and regression history for a connection" + description: "Document submitted for approval" + security: + - apikey: [] + summary: "Submit an ISMS document for approval" tags: - - "CloudSecurity" - description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Submit an ISMS document for approval in Comp AI." x-mint: metadata: - title: "List resolution, exception, and regression | Comp AI API" - sidebarTitle: "List resolution, exception, and regression history for a connection" - description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." - og:title: "List resolution, exception, and regression | Comp AI API" - og:description: "List resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." + title: "Submit an ISMS document for approval | Comp AI API" + sidebarTitle: "Submit an ISMS document for approval" + description: "Submit an ISMS document for approval in Comp AI." + og:title: "Submit an ISMS document for approval | Comp AI API" + og:description: "Submit an ISMS document for approval in Comp AI." x-speakeasy-mcp: - name: "get-history" - /v1/cloud-security/findings/{findingId}/check-definition: - get: - operationId: "CloudSecurityController_getCheckDefinition_v1" + name: "isms-submit-for-approval" + /v1/isms/documents/{id}/approve: + post: + operationId: "IsmsController_approve_v1" parameters: - - name: "findingId" + - name: "id" required: true in: "path" schema: type: "string" responses: "200": - description: "" - summary: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)" + description: "Document approved" + security: + - apikey: [] + summary: "Approve an ISMS document" tags: - - "CloudSecurity" - description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + - "ISMS" + description: "Approve an ISMS document in Comp AI." x-mint: metadata: - title: "Resolve the \"About this check\" description | Comp AI API" - sidebarTitle: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)" - description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud." - og:title: "Resolve the \"About this check\" description | Comp AI API" - og:description: "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud." + title: "Approve an ISMS document | Comp AI API" + sidebarTitle: "Approve an ISMS document" + description: "Approve an ISMS document in Comp AI." + og:title: "Approve an ISMS document | Comp AI API" + og:description: "Approve an ISMS document in Comp AI." + x-speakeasy-mcp: + name: "approve" + /v1/isms/documents/{id}/decline: + post: + operationId: "IsmsController_decline_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + responses: + "200": + description: "Document declined" + security: + - apikey: [] + summary: "Decline an ISMS document" + tags: + - "ISMS" + description: "Decline an ISMS document in Comp AI." + x-mint: + metadata: + title: "Decline an ISMS document | Comp AI API" + sidebarTitle: "Decline an ISMS document" + description: "Decline an ISMS document in Comp AI." + og:title: "Decline an ISMS document | Comp AI API" + og:description: "Decline an ISMS document in Comp AI." x-speakeasy-mcp: - name: "get-check-definition" - /v1/cloud-security/resolve-session/{connectionId}: - post: - operationId: "CloudSecurityController_resolveSession_v1" + name: "decline" + /v1/isms/documents/{id}/drift: + get: + operationId: "IsmsController_drift_v1" parameters: - - name: "connectionId" + - name: "id" required: true in: "path" schema: type: "string" responses: - "201": - description: "" - summary: "Resolve short-lived AWS credentials for a connection (internal only)" + "200": + description: "Drift status" + security: + - apikey: [] + summary: "Detect drift against the approved snapshot" tags: - - "CloudSecurity" - description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Detect drift against the approved snapshot in Comp AI." x-mint: metadata: - title: "Resolve short-lived AWS credentials for a | Comp AI API" - sidebarTitle: "Resolve short-lived AWS credentials for a connection (internal only)" - description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." - og:title: "Resolve short-lived AWS credentials for a | Comp AI API" - og:description: "Resolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services." + title: "Detect drift against the approved snapshot | Comp AI API" + sidebarTitle: "Detect drift against the approved snapshot" + description: "Detect drift against the approved snapshot in Comp AI." + og:title: "Detect drift against the approved snapshot | Comp AI API" + og:description: "Detect drift against the approved snapshot in Comp AI." x-speakeasy-mcp: - name: "resolve-session" - /v1/cloud-security/scan/{connectionId}: - post: - operationId: "CloudSecurityController_scan_v1" + name: "drift" + /v1/isms/documents/{id}/versions: + get: + operationId: "IsmsController_getVersions_v1" parameters: - - name: "connectionId" + - name: "id" required: true in: "path" schema: type: "string" responses: - "201": - description: "" - summary: "Run cloud security scan" + "200": + description: "Published versions, newest first" + security: + - apikey: [] + summary: "List an ISMS document's published version history" tags: - - "CloudSecurity" - description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." + - "ISMS" + description: "List an ISMS document's published version history in Comp AI." x-mint: metadata: - title: "Run cloud security scan | Comp AI API" - sidebarTitle: "Run cloud security scan" - description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." - og:title: "Run cloud security scan | Comp AI API" - og:description: "Trigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." + title: "List an ISMS document's published version | Comp AI API" + sidebarTitle: "List an ISMS document's published version history" + description: "List an ISMS document's published version history in Comp AI." + og:title: "List an ISMS document's published version | Comp AI API" + og:description: "List an ISMS document's published version history in Comp AI." x-speakeasy-mcp: - name: "scan" - /v1/cloud-security/detect-services/{connectionId}: + name: "get-versions" + /v1/isms/documents/{id}/export: post: - operationId: "CloudSecurityController_detectServices_v1" + operationId: "IsmsController_exportDocument_v1" parameters: - - name: "connectionId" + - name: "id" required: true in: "path" schema: type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/ExportIsmsDocumentDto" responses: - "201": - description: "" - summary: "Detect available cloud services for a connection" + "200": + description: "Rendered document" + security: + - apikey: [] + summary: "Export an ISMS document as PDF or DOCX" tags: - - "CloudSecurity" - description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Export an ISMS document as PDF or DOCX in Comp AI." x-mint: metadata: - title: "Detect available cloud services for a | Comp AI API" - sidebarTitle: "Detect available cloud services for a connection" - description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." - og:title: "Detect available cloud services for a | Comp AI API" - og:description: "Detect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." + title: "Export an ISMS document as PDF or DOCX | Comp AI API" + sidebarTitle: "Export an ISMS document as PDF or DOCX" + description: "Export an ISMS document as PDF or DOCX in Comp AI." + og:title: "Export an ISMS document as PDF or DOCX | Comp AI API" + og:description: "Export an ISMS document as PDF or DOCX in Comp AI." x-speakeasy-mcp: - name: "detect-services" - /v1/cloud-security/detect-gcp-org/{connectionId}: + name: "isms-export-document" + /v1/isms/documents/{id}/registers/{register}: post: - operationId: "CloudSecurityController_detectGcpOrg_v1" + operationId: "IsmsRegistersController_createRow_v1" parameters: - - name: "connectionId" + - name: "id" + required: true + in: "path" + schema: + type: "string" + - name: "register" required: true in: "path" schema: type: "string" + requestBody: + required: true + description: "Register row fields (per-register; validated at runtime by zod)" + content: + application/json: + schema: + type: "object" + properties: + kind: + type: "string" + enum: + - "internal" + - "external" + category: + type: "string" + description: + type: "string" + effect: + type: "string" + name: + type: "string" + needsExpectations: + type: "string" + interestedPartyId: + type: "string" + partyName: + type: "string" + requirement: + type: "string" + treatment: + type: "string" + objective: + type: "string" + target: + type: "string" + ownerMemberId: + type: "string" + cadence: + type: "string" + plan: + type: "string" + measurementMethod: + type: "string" + status: + type: "string" + enum: + - "not_started" + - "on_track" + - "at_risk" + - "met" + responsibilities: + type: "string" + authorities: + type: "string" + authorityGrantedBy: + type: "string" + requiredCompetence: + type: "string" + auditRoute: + type: "string" + enum: + - "in_house" + - "external" + - "training_planned" + nullable: true + auditRouteMemberId: + type: "string" + nullable: true + auditFirmName: + type: "string" + nullable: true + auditEvidenceRef: + type: "string" + nullable: true + auditCourse: + type: "string" + nullable: true + auditDueDate: + type: "string" + nullable: true + roleId: + type: "string" + memberId: + type: "string" + basisOfCompetence: + type: "string" + enum: + - "education" + - "training" + - "experience" + - "combination" + nullable: true + evidenceRetained: + type: "string" + nullable: true + gap: + type: "string" + nullable: true + remediationAction: + type: "string" + nullable: true + remediationDueDate: + type: "string" + nullable: true + position: + type: "integer" + minimum: 0 responses: - "201": - description: "" - summary: "Detect the GCP organization for a connection" + "200": + description: "Register row created" + security: + - apikey: [] + summary: "Create a row in an ISMS register" tags: - - "CloudSecurity" - description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Create a row in an ISMS register in Comp AI." x-mint: metadata: - title: "Detect the GCP organization for a connection | Comp AI API" - sidebarTitle: "Detect the GCP organization for a connection" - description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." - og:title: "Detect the GCP organization for a connection | Comp AI API" - og:description: "Detect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." + title: "Create a row in an ISMS register | Comp AI API" + sidebarTitle: "Create a row in an ISMS register" + description: "Create a row in an ISMS register in Comp AI." + og:title: "Create a row in an ISMS register | Comp AI API" + og:description: "Create a row in an ISMS register in Comp AI." x-speakeasy-mcp: - name: "detect-gcp-org" - /v1/cloud-security/select-gcp-projects/{connectionId}: - post: - operationId: "CloudSecurityController_selectGcpProjects_v1" + name: "create-row" + /v1/isms/registers/{register}/{rowId}: + patch: + operationId: "IsmsRegistersController_updateRow_v1" parameters: - - name: "connectionId" + - name: "register" + required: true + in: "path" + schema: + type: "string" + - name: "rowId" required: true in: "path" schema: type: "string" + requestBody: + required: true + description: "Register row fields (per-register; validated at runtime by zod)" + content: + application/json: + schema: + type: "object" + properties: + kind: + type: "string" + enum: + - "internal" + - "external" + category: + type: "string" + description: + type: "string" + effect: + type: "string" + name: + type: "string" + needsExpectations: + type: "string" + interestedPartyId: + type: "string" + partyName: + type: "string" + requirement: + type: "string" + treatment: + type: "string" + objective: + type: "string" + target: + type: "string" + ownerMemberId: + type: "string" + cadence: + type: "string" + plan: + type: "string" + measurementMethod: + type: "string" + status: + type: "string" + enum: + - "not_started" + - "on_track" + - "at_risk" + - "met" + responsibilities: + type: "string" + authorities: + type: "string" + authorityGrantedBy: + type: "string" + requiredCompetence: + type: "string" + auditRoute: + type: "string" + enum: + - "in_house" + - "external" + - "training_planned" + nullable: true + auditRouteMemberId: + type: "string" + nullable: true + auditFirmName: + type: "string" + nullable: true + auditEvidenceRef: + type: "string" + nullable: true + auditCourse: + type: "string" + nullable: true + auditDueDate: + type: "string" + nullable: true + roleId: + type: "string" + memberId: + type: "string" + basisOfCompetence: + type: "string" + enum: + - "education" + - "training" + - "experience" + - "combination" + nullable: true + evidenceRetained: + type: "string" + nullable: true + gap: + type: "string" + nullable: true + remediationAction: + type: "string" + nullable: true + remediationDueDate: + type: "string" + nullable: true + position: + type: "integer" + minimum: 0 responses: - "201": - description: "" - summary: "Select GCP projects for a connection" + "200": + description: "Register row updated" + security: + - apikey: [] + summary: "Update a row in an ISMS register" tags: - - "CloudSecurity" - description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Update a row in an ISMS register in Comp AI." x-mint: metadata: - title: "Select GCP projects for a connection | Comp AI API" - sidebarTitle: "Select GCP projects for a connection" - description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." - og:title: "Select GCP projects for a connection | Comp AI API" - og:description: "Select GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + title: "Update a row in an ISMS register | Comp AI API" + sidebarTitle: "Update a row in an ISMS register" + description: "Update a row in an ISMS register in Comp AI." + og:title: "Update a row in an ISMS register | Comp AI API" + og:description: "Update a row in an ISMS register in Comp AI." x-speakeasy-mcp: - name: "select-gcp-projects" - /v1/cloud-security/setup-gcp/{connectionId}: - post: - operationId: "CloudSecurityController_setupGcp_v1" + name: "update-row" + delete: + operationId: "IsmsRegistersController_deleteRow_v1" parameters: - - name: "connectionId" + - name: "register" required: true in: "path" schema: type: "string" - responses: - "201": - description: "" - summary: "Set up GCP for a connection" - tags: - - "CloudSecurity" - description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - x-mint: - metadata: - title: "Set up GCP for a connection | Comp AI API" - sidebarTitle: "Set up GCP for a connection" - description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - og:title: "Set up GCP for a connection | Comp AI API" - og:description: "Set up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - x-speakeasy-mcp: - name: "setup-gcp" - /v1/cloud-security/setup-gcp/{connectionId}/resolve-step: - post: - operationId: "CloudSecurityController_resolveGcpSetupStep_v1" - parameters: - - name: "connectionId" + - name: "rowId" required: true in: "path" schema: type: "string" responses: - "201": - description: "" - summary: "Resolve a GCP setup step" + "200": + description: "Register row deleted" + security: + - apikey: [] + summary: "Delete a row in an ISMS register" tags: - - "CloudSecurity" - description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Delete a row in an ISMS register in Comp AI." x-mint: metadata: - title: "Resolve a GCP setup step | Comp AI API" - sidebarTitle: "Resolve a GCP setup step" - description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - og:title: "Resolve a GCP setup step | Comp AI API" - og:description: "Resolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + title: "Delete a row in an ISMS register | Comp AI API" + sidebarTitle: "Delete a row in an ISMS register" + description: "Delete a row in an ISMS register in Comp AI." + og:title: "Delete a row in an ISMS register | Comp AI API" + og:description: "Delete a row in an ISMS register in Comp AI." x-speakeasy-mcp: - name: "resolve-gcp-setup-step" - /v1/cloud-security/setup-azure/{connectionId}: + name: "delete-row" + /v1/isms/documents/{id}/narrative: post: - operationId: "CloudSecurityController_setupAzure_v1" + operationId: "IsmsRegistersController_saveNarrative_v1" parameters: - - name: "connectionId" + - name: "id" required: true in: "path" schema: type: "string" + requestBody: + required: true + description: "Singleton document narrative payload" + content: + application/json: + schema: + type: "object" + properties: + narrative: + type: "object" + description: "Per-type narrative object (e.g. ISMS scope or leadership commitment), validated at runtime by zod" + additionalProperties: true + required: + - "narrative" responses: - "201": - description: "" - summary: "Set up Azure for a connection" + "200": + description: "Narrative saved" + security: + - apikey: [] + summary: "Save a singleton document narrative" tags: - - "CloudSecurity" - description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Save a singleton document narrative in Comp AI." x-mint: metadata: - title: "Set up Azure for a connection | Comp AI API" - sidebarTitle: "Set up Azure for a connection" - description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - og:title: "Set up Azure for a connection | Comp AI API" - og:description: "Set up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + title: "Save a singleton document narrative | Comp AI API" + sidebarTitle: "Save a singleton document narrative" + description: "Save a singleton document narrative in Comp AI." + og:title: "Save a singleton document narrative | Comp AI API" + og:description: "Save a singleton document narrative in Comp AI." x-speakeasy-mcp: - name: "setup-azure" - /v1/cloud-security/validate-azure/{connectionId}: - post: - operationId: "CloudSecurityController_validateAzure_v1" + name: "save-narrative" + /v1/isms/profile: + get: + operationId: "IsmsProfileController_getProfile_v1" parameters: - - name: "connectionId" + - name: "frameworkId" required: true - in: "path" + in: "query" schema: type: "string" responses: - "201": - description: "" - summary: "Validate Azure credentials for a connection" + "200": + description: "Wizard profile, defaults and member options" + security: + - apikey: [] + summary: "Get the ISMS wizard profile, defaults and members" tags: - - "CloudSecurity" - description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Get the ISMS wizard profile, defaults and members in Comp AI." x-mint: metadata: - title: "Validate Azure credentials for a connection | Comp AI API" - sidebarTitle: "Validate Azure credentials for a connection" - description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." - og:title: "Validate Azure credentials for a connection | Comp AI API" - og:description: "Validate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect." + title: "Get the ISMS wizard profile, defaults and | Comp AI API" + sidebarTitle: "Get the ISMS wizard profile, defaults and members" + description: "Get the ISMS wizard profile, defaults and members in Comp AI." + og:title: "Get the ISMS wizard profile, defaults and | Comp AI API" + og:description: "Get the ISMS wizard profile, defaults and members in Comp AI." x-speakeasy-mcp: - name: "validate-azure" - /v1/cloud-security/trigger/{connectionId}: + name: "get-profile" post: - operationId: "CloudSecurityController_triggerScan_v1" - parameters: - - name: "connectionId" - required: true - in: "path" - schema: - type: "string" + operationId: "IsmsProfileController_saveProfile_v1" + parameters: [] + requestBody: + required: true + description: "Partial ISMS wizard answers (validated at runtime by zod)" + content: + application/json: + schema: + type: "object" + properties: + frameworkId: + type: "string" + answers: + type: "object" + description: "Deeply-partial wizard answers (any subset of the wizard steps)" + additionalProperties: true + complete: + type: "boolean" + description: "Whether the wizard is being finalized" + required: + - "frameworkId" + - "answers" responses: - "201": - description: "" - summary: "Trigger a cloud security run for a connection" + "200": + description: "Saved profile" + security: + - apikey: [] + summary: "Save (partial) ISMS wizard answers" tags: - - "CloudSecurity" - description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Save (partial) ISMS wizard answers in Comp AI." x-mint: - metadata: - title: "Trigger a cloud security run for a connection | Comp AI API" - sidebarTitle: "Trigger a cloud security run for a connection" - description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." - og:title: "Trigger a cloud security run for a connection | Comp AI API" - og:description: "Trigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings." + metadata: + title: "Save (partial) ISMS wizard answers | Comp AI API" + sidebarTitle: "Save (partial) ISMS wizard answers" + description: "Save (partial) ISMS wizard answers in Comp AI." + og:title: "Save (partial) ISMS wizard answers | Comp AI API" + og:description: "Save (partial) ISMS wizard answers in Comp AI." x-speakeasy-mcp: - name: "trigger-scan" - /v1/cloud-security/runs/{runId}: - get: - operationId: "CloudSecurityController_getRunStatus_v1" - parameters: - - name: "runId" - required: true - in: "path" - schema: - type: "string" - - name: "connectionId" - required: true - in: "query" - schema: - type: "string" + name: "save-profile" + /v1/isms/generate-all: + post: + operationId: "IsmsProfileController_generateAll_v1" + parameters: [] + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/GenerateAllDto" responses: "200": - description: "" - summary: "Get a cloud security scan run by ID" + description: "Regenerated ISMS documents" + security: + - apikey: [] + summary: "Ensure and regenerate all ISMS documents" tags: - - "CloudSecurity" - description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + - "ISMS" + description: "Ensure and regenerate all ISMS documents in Comp AI." x-mint: metadata: - title: "Get a cloud security scan run by ID | Comp AI API" - sidebarTitle: "Get a cloud security scan run by ID" - description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." - og:title: "Get a cloud security scan run by ID | Comp AI API" - og:description: "Get a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud." + title: "Ensure and regenerate all ISMS documents | Comp AI API" + sidebarTitle: "Ensure and regenerate all ISMS documents" + description: "Ensure and regenerate all ISMS documents in Comp AI." + og:title: "Ensure and regenerate all ISMS documents | Comp AI API" + og:description: "Ensure and regenerate all ISMS documents in Comp AI." x-speakeasy-mcp: - name: "get-run-status" + name: "generate-all" /v1/task-management/stats: get: description: "Get task items statistics for an entity in Comp AI. Manage task items and attachments linked to operational entities such as risks and vendors." @@ -15561,6 +15901,39 @@ paths: og:description: "Create a custom framework for this organization in Comp AI. Manage SOC 2, ISO 27001, HIPAA, GDPR, and custom framework instances, requirements, scores." x-speakeasy-mcp: name: "create-custom" + /v1/frameworks/{id}/custom: + patch: + description: "Update the name and/or description of an organization's custom framework. Only custom frameworks are editable; platform frameworks return 400." + operationId: "FrameworksController_updateCustom_v1" + parameters: + - name: "id" + required: true + in: "path" + schema: + type: "string" + requestBody: + required: true + content: + application/json: + schema: + $ref: "#/components/schemas/UpdateCustomFrameworkDto" + responses: + "200": + description: "" + security: + - bearer: [] + summary: "Update a custom framework" + tags: + - "Frameworks" + x-mint: + metadata: + title: "Update a custom framework | Comp AI API" + sidebarTitle: "Update a custom framework" + description: "Update the name and/or description of an organization's custom framework. Only custom frameworks are editable; platform frameworks return 400." + og:title: "Update a custom framework | Comp AI API" + og:description: "Update the name and/or description of an organization's custom framework. Only custom frameworks are editable; platform frameworks return 400." + x-speakeasy-mcp: + name: "update-custom" /v1/frameworks/{id}/requirements: post: operationId: "FrameworksController_createRequirement_v1" @@ -17533,65 +17906,236 @@ components: example: 1024000 downloadUrl: type: "string" - description: "Signed URL for downloading the file (temporary)" - example: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." - createdAt: - format: "date-time" + description: "Signed URL for downloading the file (temporary)" + example: "https://bucket.s3.amazonaws.com/path/to/file.pdf?signature=..." + createdAt: + format: "date-time" + type: "string" + description: "Upload timestamp" + example: "2024-01-15T10:30:00Z" + required: + - "id" + - "name" + - "type" + - "size" + - "downloadUrl" + - "createdAt" + CreateUploadUrlDto: + type: "object" + properties: + purpose: + type: "string" + enum: + - "questionnaire" + - "policy_pdf" + - "evidence" + - "attachment" + - "document" + - "general" + description: "What the file is for. Controls where the file is stored and which feature is expected to consume the returned s3Key." + example: "questionnaire" + fileName: + type: "string" + description: "Original filename, used for the stored object name. Non-alphanumeric characters are replaced with underscores." + example: "vendor-security-questionnaire.xlsx" + fileType: + type: "string" + description: "MIME type of the file (e.g. application/pdf, text/csv). Recorded as metadata and passed to the feature endpoint; the PUT itself is content-type agnostic, so the upload never fails on a header mismatch." + example: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" + required: + - "purpose" + - "fileName" + - "fileType" + UploadUrlResponseDto: + type: "object" + properties: + uploadUrl: + type: "string" + description: "Presigned S3 URL. Send the raw file bytes with a plain HTTP PUT to this URL — no Content-Type or auth headers are required (the signature is in the URL). Then call the feature endpoint with the s3Key below." + example: "https://bucket.s3.us-east-1.amazonaws.com/org_x/uploads/...?X-Amz-Signature=..." + s3Key: + type: "string" + description: "The S3 key the file will land at. Pass this to the feature endpoint (e.g. questionnaire upload-and-parse) instead of base64 file data." + example: "org_abc/uploads/questionnaire/1735000000-questionnaire.xlsx" + expiresIn: + type: "number" + description: "Seconds until the presigned URL expires." + example: 900 + required: + - "uploadUrl" + - "s3Key" + - "expiresIn" + CreateConnectionDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + providerSlug: + type: "string" + description: "Provider slug for the integration. Call list-providers first to see the available slugs (e.g. 'aws', 'gcp', 'azure', 'github')." + example: "aws" + credentials: + type: "object" + description: "Provider-specific credential fields. Keys differ by provider — call get-provider-details for the exact shape. For AWS (Cloud Tests) the fields are: connectionName (display name), awsType ('aws-commercial' or 'aws-govcloud'), roleArn (auditor role), externalId (typically your org id), regions (string array), and optionally remediationRoleArn and awsScanMode ('comp_scanners' or 'security_hub'). Omit credentials for OAuth providers — use POST /v1/integrations/oauth/start instead." + additionalProperties: true + example: + connectionName: "Production AWS" + awsType: "aws-commercial" + roleArn: "arn:aws:iam::123456789012:role/CompAI-Auditor" + externalId: "org_abc123" + regions: + - "us-east-1" + - "us-west-2" + remediationRoleArn: "arn:aws:iam::123456789012:role/CompAI-Remediator" + awsScanMode: "comp_scanners" + required: + - "providerSlug" + UpdateConnectionDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + metadata: + type: "object" + description: "Connection metadata to merge into the existing record. Common AWS keys: connectionName, regions (string array), awsScanMode ('comp_scanners' or 'security_hub'). The server shallow-merges this with the existing metadata, so include only the keys you want to change." + additionalProperties: true + example: + connectionName: "Production AWS (renamed)" + regions: + - "us-east-1" + - "us-west-2" + UpdateConnectionServicesDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + services: + type: "array" + description: "Service IDs to enable on this connection. Any service IDs from the provider's manifest that are NOT in this list become disabled. Pass an empty array to disable all services." + items: + type: "string" + example: + - "s3" + - "iam" + - "cloudtrail" + required: + - "services" + RunChecksDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + checkId: + type: "string" + description: "Specific check ID to run. Omit to run ALL available checks for the connection (matches the provider manifest)." + example: "aws-s3-bucket-public-access" + SaveVariablesDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + variables: + type: "object" + description: "Map of variable id → value to persist for this connection. Values can be string, number, boolean, or string[] (the shape is provider-defined — call get-connection-variables to see what each connection accepts). Pass only the variables you want to set; existing ones not included are left untouched." + additionalProperties: true + example: + scan-interval-hours: 24 + enabled-regions: + - "us-east-1" + - "us-west-2" + strict-mode: true + required: + - "variables" + RunCheckForTaskDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + connectionId: + type: "string" + description: "ID of the integration connection that owns the check (call list-connections to find it)." + example: "conn_abc123" + checkId: + type: "string" + description: "ID of the integration check to run (from the provider manifest — call list-checks-for-task to find available ones)." + example: "aws-s3-bucket-public-access" + required: + - "connectionId" + - "checkId" + ToggleCheckForTaskDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + connectionId: + type: "string" + description: "ID of the integration connection whose check is being disconnected from / reconnected to this task." + example: "conn_abc123" + checkId: + type: "string" + description: "ID of the integration check being toggled." + example: "aws-s3-bucket-public-access" + required: + - "connectionId" + - "checkId" + SetEmployeeSyncProviderDto: + type: "object" + properties: + organizationId: + type: "string" + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + provider: + type: "object" + description: "Provider slug to use for employee sync (must have the \"sync\" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org." + example: "google-workspace" + nullable: true + SetTwoFactorSourceDto: + type: "object" + properties: + organizationId: type: "string" - description: "Upload timestamp" - example: "2024-01-15T10:30:00Z" - required: - - "id" - - "name" - - "type" - - "size" - - "downloadUrl" - - "createdAt" - CreateUploadUrlDto: + description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." + provider: + type: "object" + description: "Provider slug whose 2FA check feeds the People-tab 2FA column (must be bound to the 2FA task — call available-2fa-sources for options). Pass null or omit to clear the source." + example: "google-workspace" + nullable: true + MarkExceptionDto: type: "object" properties: - purpose: + reason: type: "string" - enum: - - "questionnaire" - - "policy_pdf" - - "evidence" - - "attachment" - - "document" - - "general" - description: "What the file is for. Controls where the file is stored and which feature is expected to consume the returned s3Key." - example: "questionnaire" - fileName: + description: "Documentation for why this finding does not apply or is being accepted. Minimum 20 non-whitespace characters." + example: "Bucket hosts intentionally public marketing assets; writes restricted to the marketing IAM role." + reviewedBy: type: "string" - description: "Original filename, used for the stored object name. Non-alphanumeric characters are replaced with underscores." - example: "vendor-security-questionnaire.xlsx" - fileType: + description: "Free-text reviewer or approval reference." + example: "Approved by CISO 2026-Q1" + expiresAt: type: "string" - description: "MIME type of the file (e.g. application/pdf, text/csv). Recorded as metadata and passed to the feature endpoint; the PUT itself is content-type agnostic, so the upload never fails on a header mismatch." - example: "application/vnd.openxmlformats-officedocument.spreadsheetml.sheet" + description: "ISO date when this exception should auto-expire. Null/missing = never." + example: "2026-08-13" required: - - "purpose" - - "fileName" - - "fileType" - UploadUrlResponseDto: + - "reason" + UpdateAwsScanModeDto: type: "object" properties: - uploadUrl: - type: "string" - description: "Presigned S3 URL. Send the raw file bytes with a plain HTTP PUT to this URL — no Content-Type or auth headers are required (the signature is in the URL). Then call the feature endpoint with the s3Key below." - example: "https://bucket.s3.us-east-1.amazonaws.com/org_x/uploads/...?X-Amz-Signature=..." - s3Key: + mode: type: "string" - description: "The S3 key the file will land at. Pass this to the feature endpoint (e.g. questionnaire upload-and-parse) instead of base64 file data." - example: "org_abc/uploads/questionnaire/1735000000-questionnaire.xlsx" - expiresIn: - type: "number" - description: "Seconds until the presigned URL expires." - example: 900 + description: "Which scan engine to use for this AWS connection." + enum: + - "comp_scanners" + - "security_hub" + example: "security_hub" required: - - "uploadUrl" - - "s3Key" - - "expiresIn" + - "mode" CreateRiskDto: type: "object" properties: @@ -19960,6 +20504,9 @@ components: - "pdf" - "docx" example: "pdf" + versionId: + type: "string" + description: "Published version to export. Omit to export the document's current published version (or the working draft if it has never been published); provide a version id to download exactly what was approved at that version." required: - "format" GenerateAllDto: @@ -19971,166 +20518,6 @@ components: example: "frk_abc123def456" required: - "frameworkId" - CreateConnectionDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - providerSlug: - type: "string" - description: "Provider slug for the integration. Call list-providers first to see the available slugs (e.g. 'aws', 'gcp', 'azure', 'github')." - example: "aws" - credentials: - type: "object" - description: "Provider-specific credential fields. Keys differ by provider — call get-provider-details for the exact shape. For AWS (Cloud Tests) the fields are: connectionName (display name), awsType ('aws-commercial' or 'aws-govcloud'), roleArn (auditor role), externalId (typically your org id), regions (string array), and optionally remediationRoleArn and awsScanMode ('comp_scanners' or 'security_hub'). Omit credentials for OAuth providers — use POST /v1/integrations/oauth/start instead." - additionalProperties: true - example: - connectionName: "Production AWS" - awsType: "aws-commercial" - roleArn: "arn:aws:iam::123456789012:role/CompAI-Auditor" - externalId: "org_abc123" - regions: - - "us-east-1" - - "us-west-2" - remediationRoleArn: "arn:aws:iam::123456789012:role/CompAI-Remediator" - awsScanMode: "comp_scanners" - required: - - "providerSlug" - UpdateConnectionDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - metadata: - type: "object" - description: "Connection metadata to merge into the existing record. Common AWS keys: connectionName, regions (string array), awsScanMode ('comp_scanners' or 'security_hub'). The server shallow-merges this with the existing metadata, so include only the keys you want to change." - additionalProperties: true - example: - connectionName: "Production AWS (renamed)" - regions: - - "us-east-1" - - "us-west-2" - UpdateConnectionServicesDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - services: - type: "array" - description: "Service IDs to enable on this connection. Any service IDs from the provider's manifest that are NOT in this list become disabled. Pass an empty array to disable all services." - items: - type: "string" - example: - - "s3" - - "iam" - - "cloudtrail" - required: - - "services" - RunChecksDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - checkId: - type: "string" - description: "Specific check ID to run. Omit to run ALL available checks for the connection (matches the provider manifest)." - example: "aws-s3-bucket-public-access" - SaveVariablesDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - variables: - type: "object" - description: "Map of variable id → value to persist for this connection. Values can be string, number, boolean, or string[] (the shape is provider-defined — call get-connection-variables to see what each connection accepts). Pass only the variables you want to set; existing ones not included are left untouched." - additionalProperties: true - example: - scan-interval-hours: 24 - enabled-regions: - - "us-east-1" - - "us-west-2" - strict-mode: true - required: - - "variables" - RunCheckForTaskDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - connectionId: - type: "string" - description: "ID of the integration connection that owns the check (call list-connections to find it)." - example: "conn_abc123" - checkId: - type: "string" - description: "ID of the integration check to run (from the provider manifest — call list-checks-for-task to find available ones)." - example: "aws-s3-bucket-public-access" - required: - - "connectionId" - - "checkId" - ToggleCheckForTaskDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - connectionId: - type: "string" - description: "ID of the integration connection whose check is being disconnected from / reconnected to this task." - example: "conn_abc123" - checkId: - type: "string" - description: "ID of the integration check being toggled." - example: "aws-s3-bucket-public-access" - required: - - "connectionId" - - "checkId" - SetEmployeeSyncProviderDto: - type: "object" - properties: - organizationId: - type: "string" - description: "Auto-resolved from your API key / session. You can omit this; it is ignored by the server." - provider: - type: "object" - description: "Provider slug to use for employee sync (must have the \"sync\" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org." - example: "google-workspace" - nullable: true - MarkExceptionDto: - type: "object" - properties: - reason: - type: "string" - description: "Documentation for why this finding does not apply or is being accepted. Minimum 20 non-whitespace characters." - example: "Bucket hosts intentionally public marketing assets; writes restricted to the marketing IAM role." - reviewedBy: - type: "string" - description: "Free-text reviewer or approval reference." - example: "Approved by CISO 2026-Q1" - expiresAt: - type: "string" - description: "ISO date when this exception should auto-expire. Null/missing = never." - example: "2026-08-13" - required: - - "reason" - UpdateAwsScanModeDto: - type: "object" - properties: - mode: - type: "string" - description: "Which scan engine to use for this AWS connection." - enum: - - "comp_scanners" - - "security_hub" - example: "security_hub" - required: - - "mode" TaskItemAssigneeDto: type: "object" properties: @@ -20467,6 +20854,16 @@ components: required: - "name" - "description" + UpdateCustomFrameworkDto: + type: "object" + properties: + name: + type: "string" + description: "Framework name" + example: "Internal Controls" + description: + type: "string" + description: "Framework description" CreateCustomRequirementDto: type: "object" properties: diff --git a/apps/mcp-server/.speakeasy/workflow.lock b/apps/mcp-server/.speakeasy/workflow.lock index 4b57bc066e..3db1206b33 100644 --- a/apps/mcp-server/.speakeasy/workflow.lock +++ b/apps/mcp-server/.speakeasy/workflow.lock @@ -1,9 +1,9 @@ -speakeasyVersion: 1.785.0 +speakeasyVersion: 1.790.2 sources: Comp AI API: sourceNamespace: comp-ai-api - sourceRevisionDigest: sha256:7a85bb1b9b3e5f9f1fb02c3aa235925ab56571b89de351675e31af6ae70213a7 - sourceBlobDigest: sha256:06abc466e0092a7aee845553344879075f2411c5190cc0c03664529990a09350 + sourceRevisionDigest: sha256:bff3fda8efabdd1da47d6371310d9adc8f39965857964f6be21aa15256179d7d + sourceBlobDigest: sha256:e69605f5f3f0c12dba244c4fe4ac767dd0129a5a01ce4f90086b06158eebdf73 tags: - latest - "1.0" @@ -11,8 +11,8 @@ targets: comp-ai: source: Comp AI API sourceNamespace: comp-ai-api - sourceRevisionDigest: sha256:7a85bb1b9b3e5f9f1fb02c3aa235925ab56571b89de351675e31af6ae70213a7 - sourceBlobDigest: sha256:06abc466e0092a7aee845553344879075f2411c5190cc0c03664529990a09350 + sourceRevisionDigest: sha256:bff3fda8efabdd1da47d6371310d9adc8f39965857964f6be21aa15256179d7d + sourceBlobDigest: sha256:e69605f5f3f0c12dba244c4fe4ac767dd0129a5a01ce4f90086b06158eebdf73 workflow: workflowVersion: 1.0.0 speakeasyVersion: latest diff --git a/apps/mcp-server/README.md b/apps/mcp-server/README.md index 3b68036ab4..c86f1ecc08 100644 --- a/apps/mcp-server/README.md +++ b/apps/mcp-server/README.md @@ -30,9 +30,9 @@ Comp AI API: Compliance automation API for SOC 2, ISO 27001, HIPAA, GDPR, eviden
Claude Desktop -Install the MCP server as a Desktop Extension using the pre-built [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.2.1/mcp-server.mcpb) file: +Install the MCP server as a Desktop Extension using the pre-built [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.2.2/mcp-server.mcpb) file: -Simply drag and drop the [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.2.1/mcp-server.mcpb) file onto Claude Desktop to install the extension. +Simply drag and drop the [`mcp-server.mcpb`](https://github.com/trycompai/comp/releases/download/v0.2.2/mcp-server.mcpb) file onto Claude Desktop to install the extension. The MCP bundle package includes the MCP server and all necessary configuration. Once installed, the server will be available without additional setup. diff --git a/apps/mcp-server/RELEASES.md b/apps/mcp-server/RELEASES.md index 354bafb14e..a7e05b3f38 100644 --- a/apps/mcp-server/RELEASES.md +++ b/apps/mcp-server/RELEASES.md @@ -46,4 +46,12 @@ Based on: - OpenAPI Doc - Speakeasy CLI 1.785.0 (2.912.1) https://github.com/speakeasy-api/speakeasy ### Generated -- [mcp-typescript v0.2.1] apps/mcp-server \ No newline at end of file +- [mcp-typescript v0.2.1] apps/mcp-server + +## 2026-07-16 00:48:06 +### Changes +Based on: +- OpenAPI Doc +- Speakeasy CLI 1.790.2 (2.918.3) https://github.com/speakeasy-api/speakeasy +### Generated +- [mcp-typescript v0.2.2] apps/mcp-server \ No newline at end of file diff --git a/apps/mcp-server/manifest.json b/apps/mcp-server/manifest.json index 58b681ade5..175c3d2daa 100644 --- a/apps/mcp-server/manifest.json +++ b/apps/mcp-server/manifest.json @@ -1,7 +1,7 @@ { "manifest_version": "0.3", "name": "@trycompai/mcp-server", - "version": "0.2.1", + "version": "0.2.2", "description": "", "long_description": "Comp AI API: Compliance automation API for SOC 2, ISO 27001, HIPAA, GDPR, evidence collection, policy workflows, Trust Access, security questionnaires, integrations, cloud checks, and device compliance.", "author": { @@ -144,6 +144,10 @@ "name": "delete-member", "description": "Delete member\n\nPermanently removes a member from the organization. This action cannot be undone." }, + { + "name": "get-member-access", + "description": "Member's access across connected integrations\n\nAggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email." + }, { "name": "get-training-videos", "description": "Get training video completions for a member\n\nGet training video completions for a member in Comp AI. Invite and manage workforce members, training status, device compliance, email preferences, and employee evidence records." @@ -196,6 +200,258 @@ "name": "create-upload-url", "description": "Get a presigned URL to upload a file\n\nReturns a presigned S3 URL plus the s3Key the file lands at. PUT the raw file bytes to that URL, then call the feature tool (e.g. upload-and-parse) with the s3Key instead of sending file data. Bytes never pass through the LLM." }, + { + "name": "list-providers", + "description": "List integration providers\n\nList available integration providers that can connect to the organization for automated evidence collection and compliance checks." + }, + { + "name": "get-provider", + "description": "Get an integration provider by slug\n\nGet an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-connections", + "description": "List integration connections\n\nList integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "create-connection", + "description": "Create integration connection\n\nCreate an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + }, + { + "name": "get-connection", + "description": "Get an integration connection by ID\n\nGet an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "delete-connection", + "description": "Delete an integration connection\n\nDelete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "update-connection", + "description": "Update an integration connection\n\nUpdate an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "test-connection", + "description": "Test an integration connection\n\nTest an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "pause-connection", + "description": "Pause an integration connection\n\nPause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "resume-connection", + "description": "Resume an integration connection\n\nResume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "disconnect-connection", + "description": "Disconnect an integration\n\nDisconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "update-connection-services", + "description": "Set services enabled on a connection\n\nSet services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-connection-services", + "description": "List services enabled on a connection\n\nList services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-provider-checks", + "description": "List check definitions for a provider\n\nList check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-connection-checks", + "description": "List checks for a connection\n\nList checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "run-connection-checks", + "description": "Run integration checks\n\nRun all compliance checks for an integration connection and capture results as automated evidence." + }, + { + "name": "run-single-check", + "description": "Run a single check on a connection\n\nRun a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-provider-variables", + "description": "List variable definitions for a provider\n\nList variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-connection-variables", + "description": "List connection variables\n\nList connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "save-connection-variables", + "description": "Update connection variables\n\nUpdate connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "fetch-variable-options", + "description": "Get options for a connection variable\n\nGet options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-checks-for-task-template", + "description": "List checks for a task template\n\nList checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-checks-for-task", + "description": "List checks attached to a task\n\nList checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "run-check-for-task", + "description": "Run a check for a task\n\nRun a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "disconnect-check-from-task", + "description": "Disconnect checks from a task\n\nDisconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "reconnect-check-to-task", + "description": "Reconnect checks to a task\n\nReconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-task-check-runs", + "description": "List check runs for a task\n\nList check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-google-workspace-employees", + "description": "Sync Google Workspace employees\n\nSync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-google-workspace-status", + "description": "Get Google Workspace sync status\n\nGet Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-rippling-employees", + "description": "Sync Rippling employees\n\nSync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-rippling-status", + "description": "Get Rippling sync status\n\nGet Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-jump-cloud-employees", + "description": "Sync JumpCloud employees\n\nSync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-jump-cloud-status", + "description": "Get JumpCloud sync status\n\nGet JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-employee-sync-provider", + "description": "Get the currently configured employee sync provider\n\nGet the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-employee-sync-provider", + "description": "Set the employee sync provider\n\nSet the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-device-sync-provider", + "description": "Get the currently configured device sync provider\n\nGet the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-device-sync-provider", + "description": "Set the device sync provider\n\nSet the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-available-sync-providers", + "description": "List sync providers available to the org\n\nList sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-dynamic-provider-employees", + "description": "Sync employees for a dynamic provider\n\nSync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-dynamic-provider-devices", + "description": "Sync devices for a dynamic provider\n\nSync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-two-factor-source", + "description": "Get the configured 2FA source provider\n\nGet the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-two-factor-source", + "description": "Set the 2FA source provider\n\nSet the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-available-two-factor-sources", + "description": "List integrations that can supply per-user 2FA status\n\nList integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-two-factor-statuses", + "description": "Per-user 2FA status from the configured source\n\nPer-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-activity", + "description": "List recent cloud security activity\n\nList recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-providers", + "description": "List supported cloud providers\n\nList supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-findings", + "description": "List cloud security findings\n\nList cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + }, + { + "name": "mark-finding-as-exception", + "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." + }, + { + "name": "update-aws-scan-mode", + "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + }, + { + "name": "revoke-exception", + "description": "Revoke an exception, reopening the finding\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + }, + { + "name": "get-history", + "description": "List resolution, exception, and regression history for a connection\n\nList resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-check-definition", + "description": "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)\n\nResolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + }, + { + "name": "resolve-session", + "description": "Resolve short-lived AWS credentials for a connection (internal only)\n\nResolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "scan", + "description": "Run cloud security scan\n\nTrigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." + }, + { + "name": "detect-services", + "description": "Detect available cloud services for a connection\n\nDetect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "detect-gcp-org", + "description": "Detect the GCP organization for a connection\n\nDetect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "select-gcp-projects", + "description": "Select GCP projects for a connection\n\nSelect GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "setup-gcp", + "description": "Set up GCP for a connection\n\nSet up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "resolve-gcp-setup-step", + "description": "Resolve a GCP setup step\n\nResolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "setup-azure", + "description": "Set up Azure for a connection\n\nSet up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "validate-azure", + "description": "Validate Azure credentials for a connection\n\nValidate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "trigger-scan", + "description": "Trigger a cloud security run for a connection\n\nTrigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-run-status", + "description": "Get a cloud security scan run by ID\n\nGet a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, { "name": "get-all-risks", "description": "List organization risks\n\nList organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." @@ -660,6 +916,10 @@ "name": "update-frameworks", "description": "Update trust portal framework settings\n\nUpdate trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." }, + { + "name": "update-security-questionnaire", + "description": "Show or hide the Security Questionnaire on the public trust portal\n\nShow or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + }, { "name": "list-custom-frameworks", "description": "List org-authored custom frameworks with their trust portal selection\n\nList org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." @@ -764,6 +1024,10 @@ "name": "get-public-overview", "description": "Get Trust Center overview\n\nRetrieve the published Trust Center overview for an organization, including public security posture messaging." }, + { + "name": "get-public-security-questionnaire", + "description": "Get Security Questionnaire visibility for a trust portal\n\nWhether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved." + }, { "name": "get-public-custom-links", "description": "List Trust Center custom links\n\nList published custom links shown on an organization Trust Center for customer security and compliance reviews." @@ -996,6 +1260,10 @@ "name": "drift", "description": "Detect drift against the approved snapshot\n\nDetect drift against the approved snapshot in Comp AI." }, + { + "name": "get-versions", + "description": "List an ISMS document's published version history\n\nList an ISMS document's published version history in Comp AI." + }, { "name": "isms-export-document", "description": "Export an ISMS document as PDF or DOCX\n\nExport an ISMS document as PDF or DOCX in Comp AI." @@ -1028,242 +1296,6 @@ "name": "generate-all", "description": "Ensure and regenerate all ISMS documents\n\nEnsure and regenerate all ISMS documents in Comp AI." }, - { - "name": "list-providers", - "description": "List integration providers\n\nList available integration providers that can connect to the organization for automated evidence collection and compliance checks." - }, - { - "name": "get-provider", - "description": "Get an integration provider by slug\n\nGet an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-connections", - "description": "List integration connections\n\nList integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "create-connection", - "description": "Create integration connection\n\nCreate an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." - }, - { - "name": "get-connection", - "description": "Get an integration connection by ID\n\nGet an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "delete-connection", - "description": "Delete an integration connection\n\nDelete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "update-connection", - "description": "Update an integration connection\n\nUpdate an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "test-connection", - "description": "Test an integration connection\n\nTest an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "pause-connection", - "description": "Pause an integration connection\n\nPause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "resume-connection", - "description": "Resume an integration connection\n\nResume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "disconnect-connection", - "description": "Disconnect an integration\n\nDisconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "update-connection-services", - "description": "Set services enabled on a connection\n\nSet services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-connection-services", - "description": "List services enabled on a connection\n\nList services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-provider-checks", - "description": "List check definitions for a provider\n\nList check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-connection-checks", - "description": "List checks for a connection\n\nList checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "run-connection-checks", - "description": "Run integration checks\n\nRun all compliance checks for an integration connection and capture results as automated evidence." - }, - { - "name": "run-single-check", - "description": "Run a single check on a connection\n\nRun a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-provider-variables", - "description": "List variable definitions for a provider\n\nList variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-connection-variables", - "description": "List connection variables\n\nList connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "save-connection-variables", - "description": "Update connection variables\n\nUpdate connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "fetch-variable-options", - "description": "Get options for a connection variable\n\nGet options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-checks-for-task-template", - "description": "List checks for a task template\n\nList checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-checks-for-task", - "description": "List checks attached to a task\n\nList checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "run-check-for-task", - "description": "Run a check for a task\n\nRun a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "disconnect-check-from-task", - "description": "Disconnect checks from a task\n\nDisconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "reconnect-check-to-task", - "description": "Reconnect checks to a task\n\nReconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-task-check-runs", - "description": "List check runs for a task\n\nList check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-google-workspace-employees", - "description": "Sync Google Workspace employees\n\nSync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-google-workspace-status", - "description": "Get Google Workspace sync status\n\nGet Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-rippling-employees", - "description": "Sync Rippling employees\n\nSync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-rippling-status", - "description": "Get Rippling sync status\n\nGet Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-jump-cloud-employees", - "description": "Sync JumpCloud employees\n\nSync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-jump-cloud-status", - "description": "Get JumpCloud sync status\n\nGet JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-employee-sync-provider", - "description": "Get the currently configured employee sync provider\n\nGet the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "set-employee-sync-provider", - "description": "Set the employee sync provider\n\nSet the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-device-sync-provider", - "description": "Get the currently configured device sync provider\n\nGet the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "set-device-sync-provider", - "description": "Set the device sync provider\n\nSet the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-available-sync-providers", - "description": "List sync providers available to the org\n\nList sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-dynamic-provider-employees", - "description": "Sync employees for a dynamic provider\n\nSync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-dynamic-provider-devices", - "description": "Sync devices for a dynamic provider\n\nSync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-activity", - "description": "List recent cloud security activity\n\nList recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-providers", - "description": "List supported cloud providers\n\nList supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-findings", - "description": "List cloud security findings\n\nList cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." - }, - { - "name": "mark-finding-as-exception", - "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." - }, - { - "name": "update-aws-scan-mode", - "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - }, - { - "name": "revoke-exception", - "description": "Revoke an exception, reopening the finding\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - }, - { - "name": "get-history", - "description": "List resolution, exception, and regression history for a connection\n\nList resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-check-definition", - "description": "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)\n\nResolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - }, - { - "name": "resolve-session", - "description": "Resolve short-lived AWS credentials for a connection (internal only)\n\nResolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "scan", - "description": "Run cloud security scan\n\nTrigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." - }, - { - "name": "detect-services", - "description": "Detect available cloud services for a connection\n\nDetect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "detect-gcp-org", - "description": "Detect the GCP organization for a connection\n\nDetect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "select-gcp-projects", - "description": "Select GCP projects for a connection\n\nSelect GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "setup-gcp", - "description": "Set up GCP for a connection\n\nSet up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "resolve-gcp-setup-step", - "description": "Resolve a GCP setup step\n\nResolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "setup-azure", - "description": "Set up Azure for a connection\n\nSet up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "validate-azure", - "description": "Validate Azure credentials for a connection\n\nValidate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "trigger-scan", - "description": "Trigger a cloud security run for a connection\n\nTrigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-run-status", - "description": "Get a cloud security scan run by ID\n\nGet a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, { "name": "get-task-items-stats", "description": "Get task items statistics for an entity\n\nGet task items statistics for an entity in Comp AI. Manage task items and attachments linked to operational entities such as risks and vendors." diff --git a/apps/mcp-server/package-lock.json b/apps/mcp-server/package-lock.json index 975a53171b..d2754de3e6 100644 --- a/apps/mcp-server/package-lock.json +++ b/apps/mcp-server/package-lock.json @@ -1,12 +1,12 @@ { "name": "@trycompai/mcp-server", - "version": "0.2.1", + "version": "0.2.2", "lockfileVersion": 3, "requires": true, "packages": { "": { "name": "@trycompai/mcp-server", - "version": "0.2.1", + "version": "0.2.2", "dependencies": { "@modelcontextprotocol/sdk": "1.26.0", "@stricli/core": "^1.1.2", @@ -2098,6 +2098,19 @@ "node": ">=0.10.0" } }, + "node_modules/external-editor/node_modules/tmp": { + "version": "0.0.33", + "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.0.33.tgz", + "integrity": "sha512-jRCJlojKnZ3addtTOjdIqoRuPEKBvNXcGYqzO6zWZX8KfKEpnGY5jfggJQ3EjKuu8D4bJRr0y+cYJFmYbImXGw==", + "dev": true, + "license": "MIT", + "dependencies": { + "os-tmpdir": "~1.0.2" + }, + "engines": { + "node": ">=0.6.0" + } + }, "node_modules/fast-deep-equal": { "version": "3.1.3", "resolved": "https://registry.npmjs.org/fast-deep-equal/-/fast-deep-equal-3.1.3.tgz", @@ -2834,6 +2847,16 @@ "node": ">= 0.8.0" } }, + "node_modules/os-tmpdir": { + "version": "1.0.2", + "resolved": "https://registry.npmjs.org/os-tmpdir/-/os-tmpdir-1.0.2.tgz", + "integrity": "sha512-D2FR03Vir7FIu45XBY20mTb+/ZSWB00sjU9jdQXt83gDrI4Ztz5Fs7/yy74g2N5SVQY4xY1qDr4rNddwYRVX0g==", + "dev": true, + "license": "MIT", + "engines": { + "node": ">=0.10.0" + } + }, "node_modules/p-limit": { "version": "3.1.0", "resolved": "https://registry.npmjs.org/p-limit/-/p-limit-3.1.0.tgz", @@ -3315,16 +3338,6 @@ "url": "https://github.com/sponsors/SuperchupuDev" } }, - "node_modules/tmp": { - "version": "0.2.7", - "resolved": "https://registry.npmjs.org/tmp/-/tmp-0.2.7.tgz", - "integrity": "sha512-e0votIpp4Uo2AJYSzVHV6xCcawuiez3DzqDAbrTc3YxBkplN6e+dM13ZeIcZnDg/QpSuU2zfZ3rzwY8ukEnaXw==", - "dev": true, - "license": "MIT", - "engines": { - "node": ">=14.14" - } - }, "node_modules/toidentifier": { "version": "1.0.1", "resolved": "https://registry.npmjs.org/toidentifier/-/toidentifier-1.0.1.tgz", diff --git a/apps/mcp-server/package.json b/apps/mcp-server/package.json index fc6337ff27..241bfb6192 100644 --- a/apps/mcp-server/package.json +++ b/apps/mcp-server/package.json @@ -1,6 +1,6 @@ { "name": "@trycompai/mcp-server", - "version": "0.2.1", + "version": "0.2.2", "author": "Comp AI", "type": "module", "sideEffects": false, @@ -29,9 +29,7 @@ "overrides": { "@modelcontextprotocol/sdk": "1.26.0", "hono": ">=4.12.25", - "fast-uri": ">=3.1.2", - "tmp": "^0.2.6", - "js-yaml": "^4.2.0" + "fast-uri": ">=3.1.2" }, "devDependencies": { "@anthropic-ai/mcpb": "^1.2.0", diff --git a/apps/mcp-server/src/funcs/frameworksFrameworksControllerUpdateCustomV1.ts b/apps/mcp-server/src/funcs/frameworksFrameworksControllerUpdateCustomV1.ts new file mode 100644 index 0000000000..2eaba9b235 --- /dev/null +++ b/apps/mcp-server/src/funcs/frameworksFrameworksControllerUpdateCustomV1.ts @@ -0,0 +1,166 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeJSON, encodeSimple } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { resolveSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + FrameworksControllerUpdateCustomV1Request, + FrameworksControllerUpdateCustomV1Request$zodSchema, + FrameworksControllerUpdateCustomV1Security, +} from "../models/frameworkscontrollerupdatecustomv1op.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Update a custom framework + * + * @remarks + * Update the name and/or description of an organization's custom framework. Only custom frameworks are editable; platform frameworks return 400. + */ +export function frameworksFrameworksControllerUpdateCustomV1( + client$: CompAiCore, + security: FrameworksControllerUpdateCustomV1Security, + request: FrameworksControllerUpdateCustomV1Request, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + security, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + security: FrameworksControllerUpdateCustomV1Security, + request: FrameworksControllerUpdateCustomV1Request, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => + FrameworksControllerUpdateCustomV1Request$zodSchema.parse(value$), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = encodeJSON("body", payload$.body, { explode: true }); + + const pathParams$ = { + id: encodeSimple("id", payload$.id, { + explode: false, + charEncoding: "percent", + }), + }; + const path$ = pathToFunc("/v1/frameworks/{id}/custom")( + pathParams$, + ); + + const headers$ = new Headers(compactMap({ + "Content-Type": "application/json", + Accept: "*/*", + })); + + const requestSecurity = resolveSecurity( + [ + { + fieldName: "Authorization", + type: "apiKey:header", + value: security?.bearer, + }, + ], + ); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "FrameworksController_updateCustom_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "PATCH", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts new file mode 100644 index 0000000000..3895200a7e --- /dev/null +++ b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts @@ -0,0 +1,125 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { compactMap } from "../lib/primitives.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * List integrations that can supply per-user 2FA status + * + * @remarks + * List integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1( + client$: CompAiCore, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + options, + )); +} + +async function $do( + client$: CompAiCore, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const path$ = pathToFunc("/v1/integrations/sync/available-2fa-sources")(); + + const headers$ = new Headers(compactMap({ + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TwoFactorSourceController_getAvailableTwoFactorSources_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts new file mode 100644 index 0000000000..1650995b78 --- /dev/null +++ b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts @@ -0,0 +1,125 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { compactMap } from "../lib/primitives.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Get the configured 2FA source provider + * + * @remarks + * Get the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function integrationsTwoFactorSourceControllerGetTwoFactorSourceV1( + client$: CompAiCore, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + options, + )); +} + +async function $do( + client$: CompAiCore, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const path$ = pathToFunc("/v1/integrations/sync/two-factor-source")(); + + const headers$ = new Headers(compactMap({ + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TwoFactorSourceController_getTwoFactorSource_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts new file mode 100644 index 0000000000..889f35d87f --- /dev/null +++ b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts @@ -0,0 +1,125 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { compactMap } from "../lib/primitives.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Per-user 2FA status from the configured source + * + * @remarks + * Per-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1( + client$: CompAiCore, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + options, + )); +} + +async function $do( + client$: CompAiCore, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const path$ = pathToFunc("/v1/integrations/sync/two-factor-statuses")(); + + const headers$ = new Headers(compactMap({ + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TwoFactorSourceController_getTwoFactorStatuses_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts new file mode 100644 index 0000000000..50bf124d2a --- /dev/null +++ b/apps/mcp-server/src/funcs/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts @@ -0,0 +1,146 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeJSON } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + SetTwoFactorSourceDto, + SetTwoFactorSourceDto$zodSchema, +} from "../models/settwofactorsourcedto.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Set the 2FA source provider + * + * @remarks + * Set the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function integrationsTwoFactorSourceControllerSetTwoFactorSourceV1( + client$: CompAiCore, + request: SetTwoFactorSourceDto, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + request: SetTwoFactorSourceDto, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => SetTwoFactorSourceDto$zodSchema.parse(value$), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = encodeJSON("body", payload$, { explode: true }); + const path$ = pathToFunc("/v1/integrations/sync/two-factor-source")(); + + const headers$ = new Headers(compactMap({ + "Content-Type": "application/json", + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TwoFactorSourceController_setTwoFactorSource_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "POST", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/ismsISMSControllerGetVersionsV1.ts b/apps/mcp-server/src/funcs/ismsISMSControllerGetVersionsV1.ts new file mode 100644 index 0000000000..67d7ec8143 --- /dev/null +++ b/apps/mcp-server/src/funcs/ismsISMSControllerGetVersionsV1.ts @@ -0,0 +1,154 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeSimple } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + IsmsControllerGetVersionsV1Request, + IsmsControllerGetVersionsV1Request$zodSchema, +} from "../models/ismscontrollergetversionsv1op.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * List an ISMS document's published version history + * + * @remarks + * List an ISMS document's published version history in Comp AI. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function ismsISMSControllerGetVersionsV1( + client$: CompAiCore, + request: IsmsControllerGetVersionsV1Request, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + request: IsmsControllerGetVersionsV1Request, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => IsmsControllerGetVersionsV1Request$zodSchema.parse(value$), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = null; + + const pathParams$ = { + id: encodeSimple("id", payload$.id, { + explode: false, + charEncoding: "percent", + }), + }; + const path$ = pathToFunc("/v1/isms/documents/{id}/versions")( + pathParams$, + ); + + const headers$ = new Headers(compactMap({ + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "IsmsController_getVersions_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/peoplePeopleControllerGetMemberAccessV1.ts b/apps/mcp-server/src/funcs/peoplePeopleControllerGetMemberAccessV1.ts new file mode 100644 index 0000000000..e8992748a5 --- /dev/null +++ b/apps/mcp-server/src/funcs/peoplePeopleControllerGetMemberAccessV1.ts @@ -0,0 +1,155 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeSimple } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + PeopleControllerGetMemberAccessV1Request, + PeopleControllerGetMemberAccessV1Request$zodSchema, +} from "../models/peoplecontrollergetmemberaccessv1op.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Member's access across connected integrations + * + * @remarks + * Aggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function peoplePeopleControllerGetMemberAccessV1( + client$: CompAiCore, + request: PeopleControllerGetMemberAccessV1Request, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + request: PeopleControllerGetMemberAccessV1Request, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => + PeopleControllerGetMemberAccessV1Request$zodSchema.parse(value$), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = null; + + const pathParams$ = { + id: encodeSimple("id", payload$.id, { + explode: false, + charEncoding: "percent", + }), + }; + const path$ = pathToFunc("/v1/people/{id}/access")( + pathParams$, + ); + + const headers$ = new Headers(compactMap({ + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "PeopleController_getMemberAccess_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts b/apps/mcp-server/src/funcs/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts new file mode 100644 index 0000000000..9363b073f2 --- /dev/null +++ b/apps/mcp-server/src/funcs/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts @@ -0,0 +1,156 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeSimple } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + TrustAccessControllerGetPublicSecurityQuestionnaireV1Request, + TrustAccessControllerGetPublicSecurityQuestionnaireV1Request$zodSchema, +} from "../models/trustaccesscontrollergetpublicsecurityquestionnairev1op.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Get Security Questionnaire visibility for a trust portal + * + * @remarks + * Whether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved. + */ +export function trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1( + client$: CompAiCore, + request: TrustAccessControllerGetPublicSecurityQuestionnaireV1Request, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + request: TrustAccessControllerGetPublicSecurityQuestionnaireV1Request, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => + TrustAccessControllerGetPublicSecurityQuestionnaireV1Request$zodSchema + .parse(value$), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = null; + + const pathParams$ = { + friendlyUrl: encodeSimple("friendlyUrl", payload$.friendlyUrl, { + explode: false, + charEncoding: "percent", + }), + }; + const path$ = pathToFunc( + "/v1/trust-access/{friendlyUrl}/security-questionnaire", + )( + pathParams$, + ); + + const headers$ = new Headers(compactMap({ + Accept: "application/json", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TrustAccessController_getPublicSecurityQuestionnaire_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "GET", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/funcs/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts b/apps/mcp-server/src/funcs/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts new file mode 100644 index 0000000000..aeca1ef9ff --- /dev/null +++ b/apps/mcp-server/src/funcs/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts @@ -0,0 +1,151 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { CompAiCore } from "../core.js"; +import { encodeJSON } from "../lib/encodings.js"; +import { compactMap } from "../lib/primitives.js"; +import { safeParse } from "../lib/schemas.js"; +import { RequestOptions } from "../lib/sdks.js"; +import { extractSecurity, resolveGlobalSecurity } from "../lib/security.js"; +import { pathToFunc } from "../lib/url.js"; +import { APIError } from "../models/errors/apierror.js"; +import { + ConnectionError, + InvalidRequestError, + RequestAbortedError, + RequestTimeoutError, + UnexpectedClientError, +} from "../models/errors/httpclienterrors.js"; +import { SDKValidationError } from "../models/errors/sdkvalidationerror.js"; +import { + TrustPortalControllerUpdateSecurityQuestionnaireV1Request, + TrustPortalControllerUpdateSecurityQuestionnaireV1Request$zodSchema, +} from "../models/trustportalcontrollerupdatesecurityquestionnairev1op.js"; +import { APICall, APIPromise } from "../types/async.js"; +import { Result } from "../types/fp.js"; + +/** + * Show or hide the Security Questionnaire on the public trust portal + * + * @remarks + * Show or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. + * + * If set, this operation will use {@link Security.apikey} from the global security. + */ +export function trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1( + client$: CompAiCore, + request: TrustPortalControllerUpdateSecurityQuestionnaireV1Request, + options?: RequestOptions, +): APIPromise< + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + > +> { + return new APIPromise($do( + client$, + request, + options, + )); +} + +async function $do( + client$: CompAiCore, + request: TrustPortalControllerUpdateSecurityQuestionnaireV1Request, + options?: RequestOptions, +): Promise< + [ + Result< + Response, + | APIError + | SDKValidationError + | UnexpectedClientError + | InvalidRequestError + | RequestAbortedError + | RequestTimeoutError + | ConnectionError + >, + APICall, + ] +> { + const parsed$ = safeParse( + request, + (value$) => + TrustPortalControllerUpdateSecurityQuestionnaireV1Request$zodSchema.parse( + value$, + ), + "Input validation failed", + ); + if (!parsed$.ok) { + return [parsed$, { status: "invalid" }]; + } + const payload$ = parsed$.value; + const body$ = encodeJSON("body", payload$, { explode: true }); + const path$ = pathToFunc( + "/v1/trust-portal/settings/security-questionnaire", + )(); + + const headers$ = new Headers(compactMap({ + "Content-Type": "application/json", + Accept: "*/*", + })); + const securityInput = await extractSecurity(client$._options.security); + const requestSecurity = resolveGlobalSecurity(securityInput, [0]); + + const context = { + options: client$._options, + baseURL: options?.serverURL ?? client$._baseURL ?? "", + operationID: "TrustPortalController_updateSecurityQuestionnaire_v1", + oAuth2Scopes: null, + resolvedSecurity: requestSecurity, + securitySource: client$._options.security, + retryConfig: options?.retries + || client$._options.retryConfig + || { strategy: "none" }, + retryCodes: options?.retryCodes || [ + "429", + "500", + "502", + "503", + "504", + ], + }; + + const requestRes = client$._createRequest(context, { + security: requestSecurity, + method: "PUT", + baseURL: options?.serverURL, + path: path$, + headers: headers$, + body: body$, + userAgent: client$._options.userAgent, + timeoutMs: options?.timeoutMs || client$._options.timeoutMs + || 120000, + }, options); + if (!requestRes.ok) { + return [requestRes, { status: "invalid" }]; + } + const req$ = requestRes.value; + + const doResult = await client$._do(req$, { + context, + errorCodes: [], + retryConfig: context.retryConfig, + retryCodes: context.retryCodes, + }); + if (!doResult.ok) { + return [doResult, { status: "request-error", request: req$ }]; + } + return [doResult, { + status: "complete", + "request": req$, + response: doResult.value, + }]; +} diff --git a/apps/mcp-server/src/landing-page.ts b/apps/mcp-server/src/landing-page.ts index 7fa965187f..b759398a35 100644 --- a/apps/mcp-server/src/landing-page.ts +++ b/apps/mcp-server/src/landing-page.ts @@ -930,7 +930,7 @@ http_headers = { "apikey" = "YOUR_APIKEY" }`;

Instructions

One-click installation for Claude Desktop users

diff --git a/apps/mcp-server/src/lib/config.ts b/apps/mcp-server/src/lib/config.ts index 87f1298a7a..062b0ac8bf 100644 --- a/apps/mcp-server/src/lib/config.ts +++ b/apps/mcp-server/src/lib/config.ts @@ -65,8 +65,8 @@ export function serverURLFromOptions(options: SDKOptions): URL | null { export const SDK_METADATA = { language: "typescript", openapiDocVersion: "1.0", - sdkVersion: "0.2.1", - genVersion: "2.912.1", + sdkVersion: "0.2.2", + genVersion: "2.918.3", userAgent: - "speakeasy-sdk/mcp-typescript 0.2.1 2.912.1 1.0 @trycompai/mcp-server", + "speakeasy-sdk/mcp-typescript 0.2.2 2.918.3 1.0 @trycompai/mcp-server", } as const; diff --git a/apps/mcp-server/src/lib/http.ts b/apps/mcp-server/src/lib/http.ts index 13cf1fd789..6b7a6cf3e2 100644 --- a/apps/mcp-server/src/lib/http.ts +++ b/apps/mcp-server/src/lib/http.ts @@ -45,8 +45,10 @@ export class HTTPClient { private requestHooks: BeforeRequestHook[] = []; private requestErrorHooks: RequestErrorHook[] = []; private responseHooks: ResponseHook[] = []; + private options: HTTPClientOptions; - constructor(private options: HTTPClientOptions = {}) { + constructor(options: HTTPClientOptions = {}) { + this.options = options; this.fetcher = options.fetcher || DEFAULT_FETCHER; } diff --git a/apps/mcp-server/src/lib/security.ts b/apps/mcp-server/src/lib/security.ts index 453602ecea..22e038c927 100644 --- a/apps/mcp-server/src/lib/security.ts +++ b/apps/mcp-server/src/lib/security.ts @@ -13,17 +13,22 @@ type OAuth2PasswordFlow = { tokenURL: string; }; -export enum SecurityErrorCode { - Incomplete = "incomplete", - UnrecognisedSecurityType = "unrecognized_security_type", -} +export const SecurityErrorCode = { + Incomplete: "incomplete", + UnrecognisedSecurityType: "unrecognized_security_type", +} as const; +export type SecurityErrorCode = + (typeof SecurityErrorCode)[keyof typeof SecurityErrorCode]; export class SecurityError extends Error { + public code: SecurityErrorCode; + constructor( - public code: SecurityErrorCode, + code: SecurityErrorCode, message: string, ) { super(message); + this.code = code; this.name = "SecurityError"; } diff --git a/apps/mcp-server/src/mcp-server/mcp-server.ts b/apps/mcp-server/src/mcp-server/mcp-server.ts index 376f67f80f..47c95984c9 100644 --- a/apps/mcp-server/src/mcp-server/mcp-server.ts +++ b/apps/mcp-server/src/mcp-server/mcp-server.ts @@ -21,7 +21,7 @@ const routes = buildRouteMap({ export const app = buildApplication(routes, { name: "mcp", versionInfo: { - currentVersion: "0.2.1", + currentVersion: "0.2.2", }, }); diff --git a/apps/mcp-server/src/mcp-server/server.ts b/apps/mcp-server/src/mcp-server/server.ts index e1e5786a84..a3610a1c6c 100644 --- a/apps/mcp-server/src/mcp-server/server.ts +++ b/apps/mcp-server/src/mcp-server/server.ts @@ -123,6 +123,10 @@ import { tool$integrationsTaskIntegrationsControllerGetChecksForTaskV1 } from ". import { tool$integrationsTaskIntegrationsControllerGetTaskCheckRunsV1 } from "./tools/integrationsTaskIntegrationsControllerGetTaskCheckRunsV1.js"; import { tool$integrationsTaskIntegrationsControllerReconnectCheckToTaskV1 } from "./tools/integrationsTaskIntegrationsControllerReconnectCheckToTaskV1.js"; import { tool$integrationsTaskIntegrationsControllerRunCheckForTaskV1 } from "./tools/integrationsTaskIntegrationsControllerRunCheckForTaskV1.js"; +import { tool$integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1 } from "./tools/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.js"; +import { tool$integrationsTwoFactorSourceControllerGetTwoFactorSourceV1 } from "./tools/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.js"; +import { tool$integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1 } from "./tools/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.js"; +import { tool$integrationsTwoFactorSourceControllerSetTwoFactorSourceV1 } from "./tools/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.js"; import { tool$integrationsVariablesControllerFetchVariableOptionsV1 } from "./tools/integrationsVariablesControllerFetchVariableOptionsV1.js"; import { tool$integrationsVariablesControllerGetConnectionVariablesV1 } from "./tools/integrationsVariablesControllerGetConnectionVariablesV1.js"; import { tool$integrationsVariablesControllerGetProviderVariablesV1 } from "./tools/integrationsVariablesControllerGetProviderVariablesV1.js"; @@ -135,6 +139,7 @@ import { tool$ismsISMSControllerEnsureSetupV1 } from "./tools/ismsISMSController import { tool$ismsISMSControllerExportDocumentV1 } from "./tools/ismsISMSControllerExportDocumentV1.js"; import { tool$ismsISMSControllerGenerateV1 } from "./tools/ismsISMSControllerGenerateV1.js"; import { tool$ismsISMSControllerGetDocumentV1 } from "./tools/ismsISMSControllerGetDocumentV1.js"; +import { tool$ismsISMSControllerGetVersionsV1 } from "./tools/ismsISMSControllerGetVersionsV1.js"; import { tool$ismsISMSControllerRemoveControlV1 } from "./tools/ismsISMSControllerRemoveControlV1.js"; import { tool$ismsISMSControllerSubmitForApprovalV1 } from "./tools/ismsISMSControllerSubmitForApprovalV1.js"; import { tool$ismsISMSProfileControllerGenerateAllV1 } from "./tools/ismsISMSProfileControllerGenerateAllV1.js"; @@ -198,6 +203,7 @@ import { tool$peoplePeopleControllerGetDevicesV1 } from "./tools/peoplePeopleCon import { tool$peoplePeopleControllerGetEmailPreferencesV1 } from "./tools/peoplePeopleControllerGetEmailPreferencesV1.js"; import { tool$peoplePeopleControllerGetEmploymentEvidenceV1 } from "./tools/peoplePeopleControllerGetEmploymentEvidenceV1.js"; import { tool$peoplePeopleControllerGetFleetComplianceV1 } from "./tools/peoplePeopleControllerGetFleetComplianceV1.js"; +import { tool$peoplePeopleControllerGetMemberAccessV1 } from "./tools/peoplePeopleControllerGetMemberAccessV1.js"; import { tool$peoplePeopleControllerGetMentionableMembersV1 } from "./tools/peoplePeopleControllerGetMentionableMembersV1.js"; import { tool$peoplePeopleControllerGetPersonByIdV1 } from "./tools/peoplePeopleControllerGetPersonByIdV1.js"; import { tool$peoplePeopleControllerGetTestStatsByAssigneeV1 } from "./tools/peoplePeopleControllerGetTestStatsByAssigneeV1.js"; @@ -334,6 +340,7 @@ import { tool$trustAccessTrustAccessControllerGetPublicCustomFrameworksV1 } from import { tool$trustAccessTrustAccessControllerGetPublicCustomLinksV1 } from "./tools/trustAccessTrustAccessControllerGetPublicCustomLinksV1.js"; import { tool$trustAccessTrustAccessControllerGetPublicFaviconV1 } from "./tools/trustAccessTrustAccessControllerGetPublicFaviconV1.js"; import { tool$trustAccessTrustAccessControllerGetPublicOverviewV1 } from "./tools/trustAccessTrustAccessControllerGetPublicOverviewV1.js"; +import { tool$trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1 } from "./tools/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.js"; import { tool$trustAccessTrustAccessControllerGetPublicVendorsV1 } from "./tools/trustAccessTrustAccessControllerGetPublicVendorsV1.js"; import { tool$trustAccessTrustAccessControllerListAccessRequestsV1 } from "./tools/trustAccessTrustAccessControllerListAccessRequestsV1.js"; import { tool$trustAccessTrustAccessControllerListGrantsV1 } from "./tools/trustAccessTrustAccessControllerListGrantsV1.js"; @@ -368,6 +375,7 @@ import { tool$trustPortalTrustPortalControllerUpdateCustomLinkV1 } from "./tools import { tool$trustPortalTrustPortalControllerUpdateFaqsV1 } from "./tools/trustPortalTrustPortalControllerUpdateFaqsV1.js"; import { tool$trustPortalTrustPortalControllerUpdateFrameworksV1 } from "./tools/trustPortalTrustPortalControllerUpdateFrameworksV1.js"; import { tool$trustPortalTrustPortalControllerUpdateOverviewV1 } from "./tools/trustPortalTrustPortalControllerUpdateOverviewV1.js"; +import { tool$trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1 } from "./tools/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.js"; import { tool$trustPortalTrustPortalControllerUpdateVendorTrustSettingsV1 } from "./tools/trustPortalTrustPortalControllerUpdateVendorTrustSettingsV1.js"; import { tool$trustPortalTrustPortalControllerUploadComplianceResourceV1 } from "./tools/trustPortalTrustPortalControllerUploadComplianceResourceV1.js"; import { tool$trustPortalTrustPortalControllerUploadCustomFrameworkBadgeV1 } from "./tools/trustPortalTrustPortalControllerUploadCustomFrameworkBadgeV1.js"; @@ -395,7 +403,7 @@ export function createMCPServer(deps: { }) { const server = new McpServer({ name: "CompAi", - version: "0.2.1", + version: "0.2.2", }); const getClient = deps.getSDK || (() => @@ -466,6 +474,7 @@ export function createMCPServer(deps: { tool(tool$peoplePeopleControllerGetPersonByIdV1); tool(tool$peoplePeopleControllerUpdateMemberV1); tool(tool$peoplePeopleControllerDeleteMemberV1); + tool(tool$peoplePeopleControllerGetMemberAccessV1); tool(tool$peoplePeopleControllerGetTrainingVideosV1); tool(tool$peoplePeopleControllerGetFleetComplianceV1); tool(tool$peoplePeopleControllerRemoveHostV1); @@ -479,6 +488,71 @@ export function createMCPServer(deps: { tool(tool$attachmentsAttachmentsControllerCreateAttachmentV1); tool(tool$attachmentsAttachmentsControllerGetAttachmentDownloadUrlV1); tool(tool$uploadsUploadsControllerCreateUploadUrlV1); + tool(tool$integrationsConnectionsControllerListProvidersV1); + tool(tool$integrationsConnectionsControllerGetProviderV1); + tool(tool$integrationsConnectionsControllerListConnectionsV1); + tool(tool$integrationsConnectionsControllerCreateConnectionV1); + tool(tool$integrationsConnectionsControllerGetConnectionV1); + tool(tool$integrationsConnectionsControllerDeleteConnectionV1); + tool(tool$integrationsConnectionsControllerUpdateConnectionV1); + tool(tool$integrationsConnectionsControllerTestConnectionV1); + tool(tool$integrationsConnectionsControllerPauseConnectionV1); + tool(tool$integrationsConnectionsControllerResumeConnectionV1); + tool(tool$integrationsConnectionsControllerDisconnectConnectionV1); + tool(tool$integrationsConnectionsControllerUpdateConnectionServicesV1); + tool(tool$integrationsServicesControllerGetConnectionServicesV1); + tool(tool$integrationsChecksControllerListProviderChecksV1); + tool(tool$integrationsChecksControllerListConnectionChecksV1); + tool(tool$integrationsChecksControllerRunConnectionChecksV1); + tool(tool$integrationsChecksControllerRunSingleCheckV1); + tool(tool$integrationsVariablesControllerGetProviderVariablesV1); + tool(tool$integrationsVariablesControllerGetConnectionVariablesV1); + tool(tool$integrationsVariablesControllerSaveConnectionVariablesV1); + tool(tool$integrationsVariablesControllerFetchVariableOptionsV1); + tool(tool$integrationsTaskIntegrationsControllerGetChecksForTaskTemplateV1); + tool(tool$integrationsTaskIntegrationsControllerGetChecksForTaskV1); + tool(tool$integrationsTaskIntegrationsControllerRunCheckForTaskV1); + tool(tool$integrationsTaskIntegrationsControllerDisconnectCheckFromTaskV1); + tool(tool$integrationsTaskIntegrationsControllerReconnectCheckToTaskV1); + tool(tool$integrationsTaskIntegrationsControllerGetTaskCheckRunsV1); + tool(tool$integrationsSyncControllerSyncGoogleWorkspaceEmployeesV1); + tool(tool$integrationsSyncControllerGetGoogleWorkspaceStatusV1); + tool(tool$integrationsSyncControllerSyncRipplingEmployeesV1); + tool(tool$integrationsSyncControllerGetRipplingStatusV1); + tool(tool$integrationsSyncControllerSyncJumpCloudEmployeesV1); + tool(tool$integrationsSyncControllerGetJumpCloudStatusV1); + tool(tool$integrationsSyncControllerGetEmployeeSyncProviderV1); + tool(tool$integrationsSyncControllerSetEmployeeSyncProviderV1); + tool(tool$integrationsSyncControllerGetDeviceSyncProviderV1); + tool(tool$integrationsSyncControllerSetDeviceSyncProviderV1); + tool(tool$integrationsSyncControllerGetAvailableSyncProvidersV1); + tool(tool$integrationsSyncControllerSyncDynamicProviderEmployeesV1); + tool(tool$integrationsSyncControllerSyncDynamicProviderDevicesV1); + tool(tool$integrationsTwoFactorSourceControllerGetTwoFactorSourceV1); + tool(tool$integrationsTwoFactorSourceControllerSetTwoFactorSourceV1); + tool( + tool$integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1, + ); + tool(tool$integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1); + tool(tool$cloudSecurityCloudSecurityControllerGetActivityV1); + tool(tool$cloudSecurityCloudSecurityControllerGetProvidersV1); + tool(tool$cloudSecurityCloudSecurityControllerGetFindingsV1); + tool(tool$cloudSecurityCloudSecurityControllerMarkFindingAsExceptionV1); + tool(tool$cloudSecurityCloudSecurityControllerUpdateAwsScanModeV1); + tool(tool$cloudSecurityCloudSecurityControllerRevokeExceptionV1); + tool(tool$cloudSecurityCloudSecurityControllerGetHistoryV1); + tool(tool$cloudSecurityCloudSecurityControllerGetCheckDefinitionV1); + tool(tool$cloudSecurityCloudSecurityControllerResolveSessionV1); + tool(tool$cloudSecurityCloudSecurityControllerScanV1); + tool(tool$cloudSecurityCloudSecurityControllerDetectServicesV1); + tool(tool$cloudSecurityCloudSecurityControllerDetectGcpOrgV1); + tool(tool$cloudSecurityCloudSecurityControllerSelectGcpProjectsV1); + tool(tool$cloudSecurityCloudSecurityControllerSetupGcpV1); + tool(tool$cloudSecurityCloudSecurityControllerResolveGcpSetupStepV1); + tool(tool$cloudSecurityCloudSecurityControllerSetupAzureV1); + tool(tool$cloudSecurityCloudSecurityControllerValidateAzureV1); + tool(tool$cloudSecurityCloudSecurityControllerTriggerScanV1); + tool(tool$cloudSecurityCloudSecurityControllerGetRunStatusV1); tool(tool$risksRisksControllerGetAllRisksV1); tool(tool$risksRisksControllerCreateRiskV1); tool(tool$risksRisksControllerGetStatsByAssigneeV1); @@ -597,6 +671,7 @@ export function createMCPServer(deps: { tool(tool$trustPortalTrustPortalControllerUpdateAllowedDomainsV1); tool(tool$trustPortalTrustPortalControllerUpdateAllowedEmailsV1); tool(tool$trustPortalTrustPortalControllerUpdateFrameworksV1); + tool(tool$trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1); tool(tool$trustPortalTrustPortalControllerListCustomFrameworksV1); tool(tool$trustPortalTrustPortalControllerUpdateCustomFrameworkV1); tool(tool$trustPortalTrustPortalControllerUploadCustomFrameworkBadgeV1); @@ -623,6 +698,7 @@ export function createMCPServer(deps: { tool(tool$trustAccessTrustAccessControllerReclaimAccessV1); tool(tool$trustAccessTrustAccessControllerGetFaqsV1); tool(tool$trustAccessTrustAccessControllerGetPublicOverviewV1); + tool(tool$trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1); tool(tool$trustAccessTrustAccessControllerGetPublicCustomLinksV1); tool(tool$trustAccessTrustAccessControllerGetPublicFaviconV1); tool(tool$trustAccessTrustAccessControllerGetPublicVendorsV1); @@ -681,6 +757,7 @@ export function createMCPServer(deps: { tool(tool$ismsISMSControllerApproveV1); tool(tool$ismsISMSControllerDeclineV1); tool(tool$ismsISMSControllerDriftV1); + tool(tool$ismsISMSControllerGetVersionsV1); tool(tool$ismsISMSControllerExportDocumentV1); tool(tool$ismsISMSRegistersControllerCreateRowV1); tool(tool$ismsISMSRegistersControllerUpdateRowV1); @@ -689,65 +766,6 @@ export function createMCPServer(deps: { tool(tool$ismsISMSProfileControllerGetProfileV1); tool(tool$ismsISMSProfileControllerSaveProfileV1); tool(tool$ismsISMSProfileControllerGenerateAllV1); - tool(tool$integrationsConnectionsControllerListProvidersV1); - tool(tool$integrationsConnectionsControllerGetProviderV1); - tool(tool$integrationsConnectionsControllerListConnectionsV1); - tool(tool$integrationsConnectionsControllerCreateConnectionV1); - tool(tool$integrationsConnectionsControllerGetConnectionV1); - tool(tool$integrationsConnectionsControllerDeleteConnectionV1); - tool(tool$integrationsConnectionsControllerUpdateConnectionV1); - tool(tool$integrationsConnectionsControllerTestConnectionV1); - tool(tool$integrationsConnectionsControllerPauseConnectionV1); - tool(tool$integrationsConnectionsControllerResumeConnectionV1); - tool(tool$integrationsConnectionsControllerDisconnectConnectionV1); - tool(tool$integrationsConnectionsControllerUpdateConnectionServicesV1); - tool(tool$integrationsServicesControllerGetConnectionServicesV1); - tool(tool$integrationsChecksControllerListProviderChecksV1); - tool(tool$integrationsChecksControllerListConnectionChecksV1); - tool(tool$integrationsChecksControllerRunConnectionChecksV1); - tool(tool$integrationsChecksControllerRunSingleCheckV1); - tool(tool$integrationsVariablesControllerGetProviderVariablesV1); - tool(tool$integrationsVariablesControllerGetConnectionVariablesV1); - tool(tool$integrationsVariablesControllerSaveConnectionVariablesV1); - tool(tool$integrationsVariablesControllerFetchVariableOptionsV1); - tool(tool$integrationsTaskIntegrationsControllerGetChecksForTaskTemplateV1); - tool(tool$integrationsTaskIntegrationsControllerGetChecksForTaskV1); - tool(tool$integrationsTaskIntegrationsControllerRunCheckForTaskV1); - tool(tool$integrationsTaskIntegrationsControllerDisconnectCheckFromTaskV1); - tool(tool$integrationsTaskIntegrationsControllerReconnectCheckToTaskV1); - tool(tool$integrationsTaskIntegrationsControllerGetTaskCheckRunsV1); - tool(tool$integrationsSyncControllerSyncGoogleWorkspaceEmployeesV1); - tool(tool$integrationsSyncControllerGetGoogleWorkspaceStatusV1); - tool(tool$integrationsSyncControllerSyncRipplingEmployeesV1); - tool(tool$integrationsSyncControllerGetRipplingStatusV1); - tool(tool$integrationsSyncControllerSyncJumpCloudEmployeesV1); - tool(tool$integrationsSyncControllerGetJumpCloudStatusV1); - tool(tool$integrationsSyncControllerGetEmployeeSyncProviderV1); - tool(tool$integrationsSyncControllerSetEmployeeSyncProviderV1); - tool(tool$integrationsSyncControllerGetDeviceSyncProviderV1); - tool(tool$integrationsSyncControllerSetDeviceSyncProviderV1); - tool(tool$integrationsSyncControllerGetAvailableSyncProvidersV1); - tool(tool$integrationsSyncControllerSyncDynamicProviderEmployeesV1); - tool(tool$integrationsSyncControllerSyncDynamicProviderDevicesV1); - tool(tool$cloudSecurityCloudSecurityControllerGetActivityV1); - tool(tool$cloudSecurityCloudSecurityControllerGetProvidersV1); - tool(tool$cloudSecurityCloudSecurityControllerGetFindingsV1); - tool(tool$cloudSecurityCloudSecurityControllerMarkFindingAsExceptionV1); - tool(tool$cloudSecurityCloudSecurityControllerUpdateAwsScanModeV1); - tool(tool$cloudSecurityCloudSecurityControllerRevokeExceptionV1); - tool(tool$cloudSecurityCloudSecurityControllerGetHistoryV1); - tool(tool$cloudSecurityCloudSecurityControllerGetCheckDefinitionV1); - tool(tool$cloudSecurityCloudSecurityControllerResolveSessionV1); - tool(tool$cloudSecurityCloudSecurityControllerScanV1); - tool(tool$cloudSecurityCloudSecurityControllerDetectServicesV1); - tool(tool$cloudSecurityCloudSecurityControllerDetectGcpOrgV1); - tool(tool$cloudSecurityCloudSecurityControllerSelectGcpProjectsV1); - tool(tool$cloudSecurityCloudSecurityControllerSetupGcpV1); - tool(tool$cloudSecurityCloudSecurityControllerResolveGcpSetupStepV1); - tool(tool$cloudSecurityCloudSecurityControllerSetupAzureV1); - tool(tool$cloudSecurityCloudSecurityControllerValidateAzureV1); - tool(tool$cloudSecurityCloudSecurityControllerTriggerScanV1); - tool(tool$cloudSecurityCloudSecurityControllerGetRunStatusV1); tool(tool$taskManagementTaskManagementControllerGetTaskItemsStatsV1); tool(tool$taskManagementTaskManagementControllerGetTaskItemsV1); tool(tool$taskManagementTaskManagementControllerCreateTaskItemV1); diff --git a/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts new file mode 100644 index 0000000000..751a8b9936 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.ts @@ -0,0 +1,37 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1 } from "../../funcs/integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +export const tool$integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1: + ToolDefinition = { + name: "get-available-two-factor-sources", + description: `List integrations that can supply per-user 2FA status + +List integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + tool: async (client, ctx) => { + const [result] = + await integrationsTwoFactorSourceControllerGetAvailableTwoFactorSourcesV1( + client, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts new file mode 100644 index 0000000000..ee7efcd8d4 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.ts @@ -0,0 +1,37 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { integrationsTwoFactorSourceControllerGetTwoFactorSourceV1 } from "../../funcs/integrationsTwoFactorSourceControllerGetTwoFactorSourceV1.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +export const tool$integrationsTwoFactorSourceControllerGetTwoFactorSourceV1: + ToolDefinition = { + name: "get-two-factor-source", + description: `Get the configured 2FA source provider + +Get the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + tool: async (client, ctx) => { + const [result] = + await integrationsTwoFactorSourceControllerGetTwoFactorSourceV1( + client, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts new file mode 100644 index 0000000000..da97659045 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.ts @@ -0,0 +1,37 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1 } from "../../funcs/integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +export const tool$integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1: + ToolDefinition = { + name: "get-two-factor-statuses", + description: `Per-user 2FA status from the configured source + +Per-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + tool: async (client, ctx) => { + const [result] = + await integrationsTwoFactorSourceControllerGetTwoFactorStatusesV1( + client, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts new file mode 100644 index 0000000000..0e028af47b --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.ts @@ -0,0 +1,44 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { integrationsTwoFactorSourceControllerSetTwoFactorSourceV1 } from "../../funcs/integrationsTwoFactorSourceControllerSetTwoFactorSourceV1.js"; +import { SetTwoFactorSourceDto$zodSchema } from "../../models/settwofactorsourcedto.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +const args = { + request: SetTwoFactorSourceDto$zodSchema, +}; + +export const tool$integrationsTwoFactorSourceControllerSetTwoFactorSourceV1: + ToolDefinition = { + name: "set-two-factor-source", + description: `Set the 2FA source provider + +Set the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + args, + tool: async (client, args, ctx) => { + const [result] = + await integrationsTwoFactorSourceControllerSetTwoFactorSourceV1( + client, + args.request, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/ismsISMSControllerGetVersionsV1.ts b/apps/mcp-server/src/mcp-server/tools/ismsISMSControllerGetVersionsV1.ts new file mode 100644 index 0000000000..c393f36351 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/ismsISMSControllerGetVersionsV1.ts @@ -0,0 +1,43 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { ismsISMSControllerGetVersionsV1 } from "../../funcs/ismsISMSControllerGetVersionsV1.js"; +import { IsmsControllerGetVersionsV1Request$zodSchema } from "../../models/ismscontrollergetversionsv1op.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +const args = { + request: IsmsControllerGetVersionsV1Request$zodSchema, +}; + +export const tool$ismsISMSControllerGetVersionsV1: ToolDefinition = + { + name: "get-versions", + description: `List an ISMS document's published version history + +List an ISMS document's published version history in Comp AI.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + args, + tool: async (client, args, ctx) => { + const [result] = await ismsISMSControllerGetVersionsV1( + client, + args.request, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/peoplePeopleControllerGetMemberAccessV1.ts b/apps/mcp-server/src/mcp-server/tools/peoplePeopleControllerGetMemberAccessV1.ts new file mode 100644 index 0000000000..e634364575 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/peoplePeopleControllerGetMemberAccessV1.ts @@ -0,0 +1,44 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { peoplePeopleControllerGetMemberAccessV1 } from "../../funcs/peoplePeopleControllerGetMemberAccessV1.js"; +import { PeopleControllerGetMemberAccessV1Request$zodSchema } from "../../models/peoplecontrollergetmemberaccessv1op.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +const args = { + request: PeopleControllerGetMemberAccessV1Request$zodSchema, +}; + +export const tool$peoplePeopleControllerGetMemberAccessV1: ToolDefinition< + typeof args +> = { + name: "get-member-access", + description: `Member's access across connected integrations + +Aggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + args, + tool: async (client, args, ctx) => { + const [result] = await peoplePeopleControllerGetMemberAccessV1( + client, + args.request, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, +}; diff --git a/apps/mcp-server/src/mcp-server/tools/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts b/apps/mcp-server/src/mcp-server/tools/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts new file mode 100644 index 0000000000..ba32347050 --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.ts @@ -0,0 +1,45 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1 } from "../../funcs/trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1.js"; +import { TrustAccessControllerGetPublicSecurityQuestionnaireV1Request$zodSchema } from "../../models/trustaccesscontrollergetpublicsecurityquestionnairev1op.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +const args = { + request: + TrustAccessControllerGetPublicSecurityQuestionnaireV1Request$zodSchema, +}; + +export const tool$trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1: + ToolDefinition = { + name: "get-public-security-questionnaire", + description: `Get Security Questionnaire visibility for a trust portal + +Whether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + args, + tool: async (client, args, ctx) => { + const [result] = + await trustAccessTrustAccessControllerGetPublicSecurityQuestionnaireV1( + client, + args.request, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/mcp-server/tools/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts b/apps/mcp-server/src/mcp-server/tools/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts new file mode 100644 index 0000000000..28de16dd0b --- /dev/null +++ b/apps/mcp-server/src/mcp-server/tools/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.ts @@ -0,0 +1,45 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import { trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1 } from "../../funcs/trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1.js"; +import { TrustPortalControllerUpdateSecurityQuestionnaireV1Request$zodSchema } from "../../models/trustportalcontrollerupdatesecurityquestionnairev1op.js"; +import { formatResult, ToolDefinition } from "../tools.js"; + +const args = { + request: TrustPortalControllerUpdateSecurityQuestionnaireV1Request$zodSchema, +}; + +export const tool$trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1: + ToolDefinition = { + name: "update-security-questionnaire", + description: + `Show or hide the Security Questionnaire on the public trust portal + +Show or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures.`, + annotations: { + "title": "", + "destructiveHint": false, + "idempotentHint": false, + "openWorldHint": false, + "readOnlyHint": false, + }, + args, + tool: async (client, args, ctx) => { + const [result] = + await trustPortalTrustPortalControllerUpdateSecurityQuestionnaireV1( + client, + args.request, + { fetchOptions: { signal: ctx.signal } }, + ).$inspect(); + + if (!result.ok) { + return { + content: [{ type: "text", text: result.error.message }], + isError: true, + }; + } + + return formatResult(result.value); + }, + }; diff --git a/apps/mcp-server/src/models/automationscontrollergettaskautomationrunsv1op.ts b/apps/mcp-server/src/models/automationscontrollergettaskautomationrunsv1op.ts index 88aaaf0517..26c1a1e600 100644 --- a/apps/mcp-server/src/models/automationscontrollergettaskautomationrunsv1op.ts +++ b/apps/mcp-server/src/models/automationscontrollergettaskautomationrunsv1op.ts @@ -5,15 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -export type AutomationsControllerGetTaskAutomationRunsV1Request = { - taskId: string; -}; - -export const AutomationsControllerGetTaskAutomationRunsV1Request$zodSchema: - z.ZodType = z.object({ - taskId: z.string().describe("Task ID"), - }); - export const AutomationsControllerGetTaskAutomationRunsV1Status = { Pending: "PENDING", Running: "RUNNING", @@ -45,6 +36,15 @@ export const Trigger$zodSchema = z.enum([ "EVENT", ]); +export type AutomationsControllerGetTaskAutomationRunsV1Request = { + taskId: string; +}; + +export const AutomationsControllerGetTaskAutomationRunsV1Request$zodSchema: + z.ZodType = z.object({ + taskId: z.string().describe("Task ID"), + }); + export type AutomationsControllerGetTaskAutomationRunsV1Error = {}; export const AutomationsControllerGetTaskAutomationRunsV1Error$zodSchema: diff --git a/apps/mcp-server/src/models/contextcontrollercreatecontextv1op.ts b/apps/mcp-server/src/models/contextcontrollercreatecontextv1op.ts index be1415665c..1c4c44ddfc 100644 --- a/apps/mcp-server/src/models/contextcontrollercreatecontextv1op.ts +++ b/apps/mcp-server/src/models/contextcontrollercreatecontextv1op.ts @@ -5,6 +5,19 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +export const ContextControllerCreateContextV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +export type ContextControllerCreateContextV1AuthType = ClosedEnum< + typeof ContextControllerCreateContextV1AuthType +>; + +export const ContextControllerCreateContextV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]); + /** * Internal server error */ @@ -65,19 +78,6 @@ export const ContextControllerCreateContextV1BadRequestResponseBody$zodSchema: statusCode: z.number().optional(), }).describe("Bad request - Invalid input data"); -export const ContextControllerCreateContextV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -export type ContextControllerCreateContextV1AuthType = ClosedEnum< - typeof ContextControllerCreateContextV1AuthType ->; - -export const ContextControllerCreateContextV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]); - /** * Context entry created successfully */ diff --git a/apps/mcp-server/src/models/contextcontrollerdeletecontextv1op.ts b/apps/mcp-server/src/models/contextcontrollerdeletecontextv1op.ts index 5f4c354078..66c1eb084e 100644 --- a/apps/mcp-server/src/models/contextcontrollerdeletecontextv1op.ts +++ b/apps/mcp-server/src/models/contextcontrollerdeletecontextv1op.ts @@ -5,6 +5,19 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +export const ContextControllerDeleteContextV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +export type ContextControllerDeleteContextV1AuthType = ClosedEnum< + typeof ContextControllerDeleteContextV1AuthType +>; + +export const ContextControllerDeleteContextV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]); + export type ContextControllerDeleteContextV1Request = { id: string }; export const ContextControllerDeleteContextV1Request$zodSchema: z.ZodType< @@ -67,19 +80,6 @@ export const DeletedContext$zodSchema: z.ZodType = z.object({ question: z.string().optional(), }); -export const ContextControllerDeleteContextV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -export type ContextControllerDeleteContextV1AuthType = ClosedEnum< - typeof ContextControllerDeleteContextV1AuthType ->; - -export const ContextControllerDeleteContextV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]); - /** * Context entry deleted successfully */ diff --git a/apps/mcp-server/src/models/contextcontrollergetallcontextv1op.ts b/apps/mcp-server/src/models/contextcontrollergetallcontextv1op.ts index ec2cafca9b..ab07e6e915 100644 --- a/apps/mcp-server/src/models/contextcontrollergetallcontextv1op.ts +++ b/apps/mcp-server/src/models/contextcontrollergetallcontextv1op.ts @@ -5,6 +5,19 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +export const ContextControllerGetAllContextV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +export type ContextControllerGetAllContextV1AuthType = ClosedEnum< + typeof ContextControllerGetAllContextV1AuthType +>; + +export const ContextControllerGetAllContextV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]); + export type ContextControllerGetAllContextV1Request = { search?: string | undefined; page?: string | undefined; @@ -85,19 +98,6 @@ export const ContextControllerGetAllContextV1Data$zodSchema: z.ZodType< updatedAt: z.iso.datetime({ offset: true }).optional(), }); -export const ContextControllerGetAllContextV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -export type ContextControllerGetAllContextV1AuthType = ClosedEnum< - typeof ContextControllerGetAllContextV1AuthType ->; - -export const ContextControllerGetAllContextV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]); - /** * Context entries retrieved successfully */ diff --git a/apps/mcp-server/src/models/contextcontrollergetcontextbyidv1op.ts b/apps/mcp-server/src/models/contextcontrollergetcontextbyidv1op.ts index fe26dabef9..e1d06d3e72 100644 --- a/apps/mcp-server/src/models/contextcontrollergetcontextbyidv1op.ts +++ b/apps/mcp-server/src/models/contextcontrollergetcontextbyidv1op.ts @@ -5,6 +5,19 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +export const ContextControllerGetContextByIdV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +export type ContextControllerGetContextByIdV1AuthType = ClosedEnum< + typeof ContextControllerGetContextByIdV1AuthType +>; + +export const ContextControllerGetContextByIdV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]); + export type ContextControllerGetContextByIdV1Request = { id: string }; export const ContextControllerGetContextByIdV1Request$zodSchema: z.ZodType< @@ -57,19 +70,6 @@ export const ContextControllerGetContextByIdV1UnauthorizedResponseBody$zodSchema statusCode: z.number().optional(), }).describe("Unauthorized - Invalid or missing authentication"); -export const ContextControllerGetContextByIdV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -export type ContextControllerGetContextByIdV1AuthType = ClosedEnum< - typeof ContextControllerGetContextByIdV1AuthType ->; - -export const ContextControllerGetContextByIdV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]); - /** * Context entry retrieved successfully */ diff --git a/apps/mcp-server/src/models/controlscontrollerunlinkdocumenttypev1op.ts b/apps/mcp-server/src/models/controlscontrollerunlinkdocumenttypev1op.ts index 70efb8dea0..de7cbf43a1 100644 --- a/apps/mcp-server/src/models/controlscontrollerunlinkdocumenttypev1op.ts +++ b/apps/mcp-server/src/models/controlscontrollerunlinkdocumenttypev1op.ts @@ -5,13 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -export type ControlsControllerUnlinkDocumentTypeV1Security = { bearer: string }; - -export const ControlsControllerUnlinkDocumentTypeV1Security$zodSchema: - z.ZodType = z.object({ - bearer: z.string().describe("API Key"), - }); - /** * Evidence form type to unlink from the control */ @@ -53,6 +46,13 @@ export const ControlsControllerUnlinkDocumentTypeV1FormType$zodSchema = z.enum([ "account_types", ]).describe("Evidence form type to unlink from the control"); +export type ControlsControllerUnlinkDocumentTypeV1Security = { bearer: string }; + +export const ControlsControllerUnlinkDocumentTypeV1Security$zodSchema: + z.ZodType = z.object({ + bearer: z.string().describe("API Key"), + }); + export type ControlsControllerUnlinkDocumentTypeV1Request = { id: string; frameworkInstanceId: string; diff --git a/apps/mcp-server/src/models/devicescontrollergetalldevicesv1op.ts b/apps/mcp-server/src/models/devicescontrollergetalldevicesv1op.ts index abe29a2fda..a593036155 100644 --- a/apps/mcp-server/src/models/devicescontrollergetalldevicesv1op.ts +++ b/apps/mcp-server/src/models/devicescontrollergetalldevicesv1op.ts @@ -9,6 +9,25 @@ import { DeviceResponseDto$zodSchema, } from "./deviceresponsedto.js"; +/** + * How the request was authenticated + */ +export const DevicesControllerGetAllDevicesV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type DevicesControllerGetAllDevicesV1AuthType = ClosedEnum< + typeof DevicesControllerGetAllDevicesV1AuthType +>; + +export const DevicesControllerGetAllDevicesV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + /** * Internal server error - FleetDM integration issue */ @@ -49,25 +68,6 @@ export const DevicesControllerGetAllDevicesV1UnauthorizedResponseBody$zodSchema: "Unauthorized - Invalid authentication or insufficient permissions", ); -/** - * How the request was authenticated - */ -export const DevicesControllerGetAllDevicesV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type DevicesControllerGetAllDevicesV1AuthType = ClosedEnum< - typeof DevicesControllerGetAllDevicesV1AuthType ->; - -export const DevicesControllerGetAllDevicesV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - export type DevicesControllerGetAllDevicesV1AuthenticatedUser = { id?: string | undefined; email?: string | undefined; diff --git a/apps/mcp-server/src/models/exportismsdocumentdto.ts b/apps/mcp-server/src/models/exportismsdocumentdto.ts index 283e5373cb..ed491d1682 100644 --- a/apps/mcp-server/src/models/exportismsdocumentdto.ts +++ b/apps/mcp-server/src/models/exportismsdocumentdto.ts @@ -22,11 +22,17 @@ export const Format$zodSchema = z.enum([ "docx", ]).describe("File format to export the ISMS document as"); -export type ExportIsmsDocumentDto = { format: Format }; +export type ExportIsmsDocumentDto = { + format: Format; + versionId?: string | undefined; +}; export const ExportIsmsDocumentDto$zodSchema: z.ZodType = z.object({ format: Format$zodSchema.describe( "File format to export the ISMS document as", ), + versionId: z.string().optional().describe( + "Published version to export. Omit to export the document's current published version (or the working draft if it has never been published); provide a version id to download exactly what was approved at that version.", + ), }); diff --git a/apps/mcp-server/src/models/frameworkscontrollerupdatecustomv1op.ts b/apps/mcp-server/src/models/frameworkscontrollerupdatecustomv1op.ts new file mode 100644 index 0000000000..ebc34d8cb0 --- /dev/null +++ b/apps/mcp-server/src/models/frameworkscontrollerupdatecustomv1op.ts @@ -0,0 +1,29 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; +import { + UpdateCustomFrameworkDto, + UpdateCustomFrameworkDto$zodSchema, +} from "./updatecustomframeworkdto.js"; + +export type FrameworksControllerUpdateCustomV1Security = { bearer: string }; + +export const FrameworksControllerUpdateCustomV1Security$zodSchema: z.ZodType< + FrameworksControllerUpdateCustomV1Security +> = z.object({ + bearer: z.string().describe("API Key"), +}); + +export type FrameworksControllerUpdateCustomV1Request = { + id: string; + body: UpdateCustomFrameworkDto; +}; + +export const FrameworksControllerUpdateCustomV1Request$zodSchema: z.ZodType< + FrameworksControllerUpdateCustomV1Request +> = z.object({ + body: UpdateCustomFrameworkDto$zodSchema, + id: z.string(), +}); diff --git a/apps/mcp-server/src/models/ismscontrollergetversionsv1op.ts b/apps/mcp-server/src/models/ismscontrollergetversionsv1op.ts new file mode 100644 index 0000000000..3f04e3775d --- /dev/null +++ b/apps/mcp-server/src/models/ismscontrollergetversionsv1op.ts @@ -0,0 +1,13 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +export type IsmsControllerGetVersionsV1Request = { id: string }; + +export const IsmsControllerGetVersionsV1Request$zodSchema: z.ZodType< + IsmsControllerGetVersionsV1Request +> = z.object({ + id: z.string(), +}); diff --git a/apps/mcp-server/src/models/ismsregisterscontrollercreaterowv1op.ts b/apps/mcp-server/src/models/ismsregisterscontrollercreaterowv1op.ts index 69e20134cd..8506dc7ad1 100644 --- a/apps/mcp-server/src/models/ismsregisterscontrollercreaterowv1op.ts +++ b/apps/mcp-server/src/models/ismsregisterscontrollercreaterowv1op.ts @@ -35,6 +35,39 @@ export const IsmsRegistersControllerCreateRowV1Status$zodSchema = z.enum([ "met", ]); +export const IsmsRegistersControllerCreateRowV1AuditRoute = { + InHouse: "in_house", + External: "external", + TrainingPlanned: "training_planned", +} as const; +export type IsmsRegistersControllerCreateRowV1AuditRoute = ClosedEnum< + typeof IsmsRegistersControllerCreateRowV1AuditRoute +>; + +export const IsmsRegistersControllerCreateRowV1AuditRoute$zodSchema = z.enum([ + "in_house", + "external", + "training_planned", +]); + +export const IsmsRegistersControllerCreateRowV1BasisOfCompetence = { + Education: "education", + Training: "training", + Experience: "experience", + Combination: "combination", +} as const; +export type IsmsRegistersControllerCreateRowV1BasisOfCompetence = ClosedEnum< + typeof IsmsRegistersControllerCreateRowV1BasisOfCompetence +>; + +export const IsmsRegistersControllerCreateRowV1BasisOfCompetence$zodSchema = z + .enum([ + "education", + "training", + "experience", + "combination", + ]); + /** * Register row fields (per-register; validated at runtime by zod) */ @@ -56,19 +89,54 @@ export type IsmsRegistersControllerCreateRowV1RequestBody = { plan?: string | undefined; measurementMethod?: string | undefined; status?: IsmsRegistersControllerCreateRowV1Status | undefined; + responsibilities?: string | undefined; + authorities?: string | undefined; + authorityGrantedBy?: string | undefined; + requiredCompetence?: string | undefined; + auditRoute?: IsmsRegistersControllerCreateRowV1AuditRoute | null | undefined; + auditRouteMemberId?: string | null | undefined; + auditFirmName?: string | null | undefined; + auditEvidenceRef?: string | null | undefined; + auditCourse?: string | null | undefined; + auditDueDate?: string | null | undefined; + roleId?: string | undefined; + memberId?: string | undefined; + basisOfCompetence?: + | IsmsRegistersControllerCreateRowV1BasisOfCompetence + | null + | undefined; + evidenceRetained?: string | null | undefined; + gap?: string | null | undefined; + remediationAction?: string | null | undefined; + remediationDueDate?: string | null | undefined; position?: number | undefined; }; export const IsmsRegistersControllerCreateRowV1RequestBody$zodSchema: z.ZodType< IsmsRegistersControllerCreateRowV1RequestBody > = z.object({ + auditCourse: z.string().nullable().optional(), + auditDueDate: z.string().nullable().optional(), + auditEvidenceRef: z.string().nullable().optional(), + auditFirmName: z.string().nullable().optional(), + auditRoute: IsmsRegistersControllerCreateRowV1AuditRoute$zodSchema.nullable() + .optional(), + auditRouteMemberId: z.string().nullable().optional(), + authorities: z.string().optional(), + authorityGrantedBy: z.string().optional(), + basisOfCompetence: + IsmsRegistersControllerCreateRowV1BasisOfCompetence$zodSchema.nullable() + .optional(), cadence: z.string().optional(), category: z.string().optional(), description: z.string().optional(), effect: z.string().optional(), + evidenceRetained: z.string().nullable().optional(), + gap: z.string().nullable().optional(), interestedPartyId: z.string().optional(), kind: IsmsRegistersControllerCreateRowV1Kind$zodSchema.optional(), measurementMethod: z.string().optional(), + memberId: z.string().optional(), name: z.string().optional(), needsExpectations: z.string().optional(), objective: z.string().optional(), @@ -76,7 +144,12 @@ export const IsmsRegistersControllerCreateRowV1RequestBody$zodSchema: z.ZodType< partyName: z.string().optional(), plan: z.string().optional(), position: z.int().optional(), + remediationAction: z.string().nullable().optional(), + remediationDueDate: z.string().nullable().optional(), + requiredCompetence: z.string().optional(), requirement: z.string().optional(), + responsibilities: z.string().optional(), + roleId: z.string().optional(), status: IsmsRegistersControllerCreateRowV1Status$zodSchema.optional(), target: z.string().optional(), treatment: z.string().optional(), diff --git a/apps/mcp-server/src/models/ismsregisterscontrollerupdaterowv1op.ts b/apps/mcp-server/src/models/ismsregisterscontrollerupdaterowv1op.ts index 73ba642b21..2a9c700495 100644 --- a/apps/mcp-server/src/models/ismsregisterscontrollerupdaterowv1op.ts +++ b/apps/mcp-server/src/models/ismsregisterscontrollerupdaterowv1op.ts @@ -35,6 +35,39 @@ export const IsmsRegistersControllerUpdateRowV1Status$zodSchema = z.enum([ "met", ]); +export const IsmsRegistersControllerUpdateRowV1AuditRoute = { + InHouse: "in_house", + External: "external", + TrainingPlanned: "training_planned", +} as const; +export type IsmsRegistersControllerUpdateRowV1AuditRoute = ClosedEnum< + typeof IsmsRegistersControllerUpdateRowV1AuditRoute +>; + +export const IsmsRegistersControllerUpdateRowV1AuditRoute$zodSchema = z.enum([ + "in_house", + "external", + "training_planned", +]); + +export const IsmsRegistersControllerUpdateRowV1BasisOfCompetence = { + Education: "education", + Training: "training", + Experience: "experience", + Combination: "combination", +} as const; +export type IsmsRegistersControllerUpdateRowV1BasisOfCompetence = ClosedEnum< + typeof IsmsRegistersControllerUpdateRowV1BasisOfCompetence +>; + +export const IsmsRegistersControllerUpdateRowV1BasisOfCompetence$zodSchema = z + .enum([ + "education", + "training", + "experience", + "combination", + ]); + /** * Register row fields (per-register; validated at runtime by zod) */ @@ -56,19 +89,54 @@ export type IsmsRegistersControllerUpdateRowV1RequestBody = { plan?: string | undefined; measurementMethod?: string | undefined; status?: IsmsRegistersControllerUpdateRowV1Status | undefined; + responsibilities?: string | undefined; + authorities?: string | undefined; + authorityGrantedBy?: string | undefined; + requiredCompetence?: string | undefined; + auditRoute?: IsmsRegistersControllerUpdateRowV1AuditRoute | null | undefined; + auditRouteMemberId?: string | null | undefined; + auditFirmName?: string | null | undefined; + auditEvidenceRef?: string | null | undefined; + auditCourse?: string | null | undefined; + auditDueDate?: string | null | undefined; + roleId?: string | undefined; + memberId?: string | undefined; + basisOfCompetence?: + | IsmsRegistersControllerUpdateRowV1BasisOfCompetence + | null + | undefined; + evidenceRetained?: string | null | undefined; + gap?: string | null | undefined; + remediationAction?: string | null | undefined; + remediationDueDate?: string | null | undefined; position?: number | undefined; }; export const IsmsRegistersControllerUpdateRowV1RequestBody$zodSchema: z.ZodType< IsmsRegistersControllerUpdateRowV1RequestBody > = z.object({ + auditCourse: z.string().nullable().optional(), + auditDueDate: z.string().nullable().optional(), + auditEvidenceRef: z.string().nullable().optional(), + auditFirmName: z.string().nullable().optional(), + auditRoute: IsmsRegistersControllerUpdateRowV1AuditRoute$zodSchema.nullable() + .optional(), + auditRouteMemberId: z.string().nullable().optional(), + authorities: z.string().optional(), + authorityGrantedBy: z.string().optional(), + basisOfCompetence: + IsmsRegistersControllerUpdateRowV1BasisOfCompetence$zodSchema.nullable() + .optional(), cadence: z.string().optional(), category: z.string().optional(), description: z.string().optional(), effect: z.string().optional(), + evidenceRetained: z.string().nullable().optional(), + gap: z.string().nullable().optional(), interestedPartyId: z.string().optional(), kind: IsmsRegistersControllerUpdateRowV1Kind$zodSchema.optional(), measurementMethod: z.string().optional(), + memberId: z.string().optional(), name: z.string().optional(), needsExpectations: z.string().optional(), objective: z.string().optional(), @@ -76,7 +144,12 @@ export const IsmsRegistersControllerUpdateRowV1RequestBody$zodSchema: z.ZodType< partyName: z.string().optional(), plan: z.string().optional(), position: z.int().optional(), + remediationAction: z.string().nullable().optional(), + remediationDueDate: z.string().nullable().optional(), + requiredCompetence: z.string().optional(), requirement: z.string().optional(), + responsibilities: z.string().optional(), + roleId: z.string().optional(), status: IsmsRegistersControllerUpdateRowV1Status$zodSchema.optional(), target: z.string().optional(), treatment: z.string().optional(), diff --git a/apps/mcp-server/src/models/organizationcontrollerdeleteorganizationv1op.ts b/apps/mcp-server/src/models/organizationcontrollerdeleteorganizationv1op.ts index 4a5ab7d79a..03e3692979 100644 --- a/apps/mcp-server/src/models/organizationcontrollerdeleteorganizationv1op.ts +++ b/apps/mcp-server/src/models/organizationcontrollerdeleteorganizationv1op.ts @@ -5,6 +5,26 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const OrganizationControllerDeleteOrganizationV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type OrganizationControllerDeleteOrganizationV1AuthType = ClosedEnum< + typeof OrganizationControllerDeleteOrganizationV1AuthType +>; + +export const OrganizationControllerDeleteOrganizationV1AuthType$zodSchema = z + .enum([ + "api-key", + "session", + ]).describe("How the request was authenticated"); + /** * Organization not found */ @@ -44,26 +64,6 @@ export const DeletedOrganization$zodSchema: z.ZodType = z name: z.string().optional().describe("The deleted organization name"), }); -/** - * How the request was authenticated - */ -export const OrganizationControllerDeleteOrganizationV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type OrganizationControllerDeleteOrganizationV1AuthType = ClosedEnum< - typeof OrganizationControllerDeleteOrganizationV1AuthType ->; - -export const OrganizationControllerDeleteOrganizationV1AuthType$zodSchema = z - .enum([ - "api-key", - "session", - ]).describe("How the request was authenticated"); - /** * Organization deleted successfully */ diff --git a/apps/mcp-server/src/models/organizationcontrollergetorganizationv1op.ts b/apps/mcp-server/src/models/organizationcontrollergetorganizationv1op.ts index 758bedf6fa..709401bc59 100644 --- a/apps/mcp-server/src/models/organizationcontrollergetorganizationv1op.ts +++ b/apps/mcp-server/src/models/organizationcontrollergetorganizationv1op.ts @@ -5,6 +5,27 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const OrganizationControllerGetOrganizationV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type OrganizationControllerGetOrganizationV1AuthType = ClosedEnum< + typeof OrganizationControllerGetOrganizationV1AuthType +>; + +export const OrganizationControllerGetOrganizationV1AuthType$zodSchema = z.enum( + [ + "api-key", + "session", + ], +).describe("How the request was authenticated"); + export type OrganizationControllerGetOrganizationV1Request = { includeOwnership?: string | undefined; }; @@ -31,27 +52,6 @@ export const OrganizationControllerGetOrganizationV1UnauthorizedResponseBody$zod "Unauthorized - Invalid authentication or insufficient permissions", ); -/** - * How the request was authenticated - */ -export const OrganizationControllerGetOrganizationV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type OrganizationControllerGetOrganizationV1AuthType = ClosedEnum< - typeof OrganizationControllerGetOrganizationV1AuthType ->; - -export const OrganizationControllerGetOrganizationV1AuthType$zodSchema = z.enum( - [ - "api-key", - "session", - ], -).describe("How the request was authenticated"); - /** * Organization information retrieved successfully */ diff --git a/apps/mcp-server/src/models/organizationcontrollergetprimarycolorv1op.ts b/apps/mcp-server/src/models/organizationcontrollergetprimarycolorv1op.ts index 5845fb40d4..31bc4212ab 100644 --- a/apps/mcp-server/src/models/organizationcontrollergetprimarycolorv1op.ts +++ b/apps/mcp-server/src/models/organizationcontrollergetprimarycolorv1op.ts @@ -5,6 +5,27 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const OrganizationControllerGetPrimaryColorV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type OrganizationControllerGetPrimaryColorV1AuthType = ClosedEnum< + typeof OrganizationControllerGetPrimaryColorV1AuthType +>; + +export const OrganizationControllerGetPrimaryColorV1AuthType$zodSchema = z.enum( + [ + "api-key", + "session", + ], +).describe("How the request was authenticated"); + export type OrganizationControllerGetPrimaryColorV1Request = { token?: any | undefined; }; @@ -44,27 +65,6 @@ export const OrganizationControllerGetPrimaryColorV1UnauthorizedResponseBody$zod "Unauthorized - Invalid authentication or insufficient permissions", ); -/** - * How the request was authenticated - */ -export const OrganizationControllerGetPrimaryColorV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type OrganizationControllerGetPrimaryColorV1AuthType = ClosedEnum< - typeof OrganizationControllerGetPrimaryColorV1AuthType ->; - -export const OrganizationControllerGetPrimaryColorV1AuthType$zodSchema = z.enum( - [ - "api-key", - "session", - ], -).describe("How the request was authenticated"); - /** * Organization primary color retrieved successfully */ diff --git a/apps/mcp-server/src/models/organizationcontrollerupdateorganizationv1op.ts b/apps/mcp-server/src/models/organizationcontrollerupdateorganizationv1op.ts index beb3b8c21a..286f4b84b6 100644 --- a/apps/mcp-server/src/models/organizationcontrollerupdateorganizationv1op.ts +++ b/apps/mcp-server/src/models/organizationcontrollerupdateorganizationv1op.ts @@ -5,6 +5,26 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const OrganizationControllerUpdateOrganizationV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type OrganizationControllerUpdateOrganizationV1AuthType = ClosedEnum< + typeof OrganizationControllerUpdateOrganizationV1AuthType +>; + +export const OrganizationControllerUpdateOrganizationV1AuthType$zodSchema = z + .enum([ + "api-key", + "session", + ]).describe("How the request was authenticated"); + /** * Organization update data */ @@ -15,28 +35,38 @@ export type OrganizationControllerUpdateOrganizationV1Request = { metadata?: string | undefined; website?: string | undefined; onboardingCompleted?: boolean | undefined; - hasAccess?: boolean | undefined; fleetDmLabelId?: number | undefined; isFleetSetupCompleted?: boolean | undefined; primaryColor?: string | undefined; advancedModeEnabled?: boolean | undefined; backgroundCheckStepEnabled?: boolean | undefined; + evidenceApprovalEnabled?: boolean | undefined; + deviceAgentStepEnabled?: boolean | undefined; + securityTrainingStepEnabled?: boolean | undefined; + whistleblowerReportEnabled?: boolean | undefined; + accessRequestFormEnabled?: boolean | undefined; }; export const OrganizationControllerUpdateOrganizationV1Request$zodSchema: z.ZodType = z.object({ + accessRequestFormEnabled: z.boolean().optional().describe( + "Whether the trust-portal access request form is enabled.", + ), advancedModeEnabled: z.boolean().optional().describe( "Whether advanced mode is enabled for the organization", ), backgroundCheckStepEnabled: z.boolean().optional().describe( "Whether the background-check step is required during member onboarding. Set to false to turn off the \"Require background checks\" setting; true to require it.", ), + deviceAgentStepEnabled: z.boolean().optional().describe( + "Whether the device-agent step is enabled during member onboarding.", + ), + evidenceApprovalEnabled: z.boolean().optional().describe( + "Whether evidence requires approval before it is accepted.", + ), fleetDmLabelId: z.int().optional().describe( "FleetDM label ID for device management", ), - hasAccess: z.boolean().optional().describe( - "Whether organization has access to the platform", - ), isFleetSetupCompleted: z.boolean().optional().describe( "Whether FleetDM setup is completed", ), @@ -51,8 +81,14 @@ export const OrganizationControllerUpdateOrganizationV1Request$zodSchema: primaryColor: z.string().optional().describe( "Organization primary color in hex format", ), + securityTrainingStepEnabled: z.boolean().optional().describe( + "Whether the security-training step is enabled during member onboarding.", + ), slug: z.string().optional().describe("Organization slug"), website: z.string().optional().describe("Organization website URL"), + whistleblowerReportEnabled: z.boolean().optional().describe( + "Whether the whistleblower reporting feature is enabled.", + ), }).describe("Organization update data"); /** @@ -96,26 +132,6 @@ export const OrganizationControllerUpdateOrganizationV1BadRequestResponseBody$zo message: z.string().optional(), }).describe("Bad Request - Invalid update data"); -/** - * How the request was authenticated - */ -export const OrganizationControllerUpdateOrganizationV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type OrganizationControllerUpdateOrganizationV1AuthType = ClosedEnum< - typeof OrganizationControllerUpdateOrganizationV1AuthType ->; - -export const OrganizationControllerUpdateOrganizationV1AuthType$zodSchema = z - .enum([ - "api-key", - "session", - ]).describe("How the request was authenticated"); - /** * Organization updated successfully */ diff --git a/apps/mcp-server/src/models/peoplecontrollerbulkcreatemembersv1op.ts b/apps/mcp-server/src/models/peoplecontrollerbulkcreatemembersv1op.ts index cfe7e40947..79c6658993 100644 --- a/apps/mcp-server/src/models/peoplecontrollerbulkcreatemembersv1op.ts +++ b/apps/mcp-server/src/models/peoplecontrollerbulkcreatemembersv1op.ts @@ -9,6 +9,25 @@ import { PeopleResponseDto$zodSchema, } from "./peopleresponsedto.js"; +/** + * How the request was authenticated + */ +export const PeopleControllerBulkCreateMembersV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PeopleControllerBulkCreateMembersV1AuthType = ClosedEnum< + typeof PeopleControllerBulkCreateMembersV1AuthType +>; + +export const PeopleControllerBulkCreateMembersV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + /** * Internal server error */ @@ -100,25 +119,6 @@ export const Summary$zodSchema: z.ZodType = z.object({ ), }); -/** - * How the request was authenticated - */ -export const PeopleControllerBulkCreateMembersV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PeopleControllerBulkCreateMembersV1AuthType = ClosedEnum< - typeof PeopleControllerBulkCreateMembersV1AuthType ->; - -export const PeopleControllerBulkCreateMembersV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - export type PeopleControllerBulkCreateMembersV1AuthenticatedUser = { id?: string | undefined; email?: string | undefined; diff --git a/apps/mcp-server/src/models/peoplecontrollerdeletememberv1op.ts b/apps/mcp-server/src/models/peoplecontrollerdeletememberv1op.ts index bd157f96f3..01cd59b6e4 100644 --- a/apps/mcp-server/src/models/peoplecontrollerdeletememberv1op.ts +++ b/apps/mcp-server/src/models/peoplecontrollerdeletememberv1op.ts @@ -5,6 +5,25 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const PeopleControllerDeleteMemberV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PeopleControllerDeleteMemberV1AuthType = ClosedEnum< + typeof PeopleControllerDeleteMemberV1AuthType +>; + +export const PeopleControllerDeleteMemberV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type PeopleControllerDeleteMemberV1Request = { id: string; skipOffboarding: string; @@ -68,25 +87,6 @@ export const DeletedMember$zodSchema: z.ZodType = z.object({ name: z.string().optional().describe("The deleted member name"), }); -/** - * How the request was authenticated - */ -export const PeopleControllerDeleteMemberV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PeopleControllerDeleteMemberV1AuthType = ClosedEnum< - typeof PeopleControllerDeleteMemberV1AuthType ->; - -export const PeopleControllerDeleteMemberV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * Member deleted successfully */ diff --git a/apps/mcp-server/src/models/peoplecontrollergetallpeoplev1op.ts b/apps/mcp-server/src/models/peoplecontrollergetallpeoplev1op.ts index 9a41bf5884..32bfd8bd5c 100644 --- a/apps/mcp-server/src/models/peoplecontrollergetallpeoplev1op.ts +++ b/apps/mcp-server/src/models/peoplecontrollergetallpeoplev1op.ts @@ -9,6 +9,25 @@ import { PeopleResponseDto$zodSchema, } from "./peopleresponsedto.js"; +/** + * How the request was authenticated + */ +export const PeopleControllerGetAllPeopleV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PeopleControllerGetAllPeopleV1AuthType = ClosedEnum< + typeof PeopleControllerGetAllPeopleV1AuthType +>; + +export const PeopleControllerGetAllPeopleV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type PeopleControllerGetAllPeopleV1Request = { includeDeactivated: string; onboardAfter: string; @@ -66,25 +85,6 @@ export const PeopleControllerGetAllPeopleV1UnauthorizedResponseBody$zodSchema: "Unauthorized - Invalid authentication or insufficient permissions", ); -/** - * How the request was authenticated - */ -export const PeopleControllerGetAllPeopleV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PeopleControllerGetAllPeopleV1AuthType = ClosedEnum< - typeof PeopleControllerGetAllPeopleV1AuthType ->; - -export const PeopleControllerGetAllPeopleV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - export type PeopleControllerGetAllPeopleV1AuthenticatedUser = { id?: string | undefined; email?: string | undefined; diff --git a/apps/mcp-server/src/models/peoplecontrollergetmemberaccessv1op.ts b/apps/mcp-server/src/models/peoplecontrollergetmemberaccessv1op.ts new file mode 100644 index 0000000000..c8c5110a9b --- /dev/null +++ b/apps/mcp-server/src/models/peoplecontrollergetmemberaccessv1op.ts @@ -0,0 +1,13 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +export type PeopleControllerGetMemberAccessV1Request = { id: string }; + +export const PeopleControllerGetMemberAccessV1Request$zodSchema: z.ZodType< + PeopleControllerGetMemberAccessV1Request +> = z.object({ + id: z.string().describe("Member ID"), +}); diff --git a/apps/mcp-server/src/models/peoplecontrollerremovehostv1op.ts b/apps/mcp-server/src/models/peoplecontrollerremovehostv1op.ts index 79899a6ece..61a07b4dfb 100644 --- a/apps/mcp-server/src/models/peoplecontrollerremovehostv1op.ts +++ b/apps/mcp-server/src/models/peoplecontrollerremovehostv1op.ts @@ -5,6 +5,25 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const PeopleControllerRemoveHostV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PeopleControllerRemoveHostV1AuthType = ClosedEnum< + typeof PeopleControllerRemoveHostV1AuthType +>; + +export const PeopleControllerRemoveHostV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type PeopleControllerRemoveHostV1Request = { id: string; hostId: number; @@ -56,25 +75,6 @@ export const PeopleControllerRemoveHostV1UnauthorizedResponseBody$zodSchema: "Unauthorized - Invalid authentication, insufficient permissions, or not organization owner", ); -/** - * How the request was authenticated - */ -export const PeopleControllerRemoveHostV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PeopleControllerRemoveHostV1AuthType = ClosedEnum< - typeof PeopleControllerRemoveHostV1AuthType ->; - -export const PeopleControllerRemoveHostV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * Host removed from Fleet successfully */ diff --git a/apps/mcp-server/src/models/policiescontrollerdeletepolicyv1op.ts b/apps/mcp-server/src/models/policiescontrollerdeletepolicyv1op.ts index 0c247aa9f1..63892579e9 100644 --- a/apps/mcp-server/src/models/policiescontrollerdeletepolicyv1op.ts +++ b/apps/mcp-server/src/models/policiescontrollerdeletepolicyv1op.ts @@ -5,6 +5,25 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const PoliciesControllerDeletePolicyV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PoliciesControllerDeletePolicyV1AuthType = ClosedEnum< + typeof PoliciesControllerDeletePolicyV1AuthType +>; + +export const PoliciesControllerDeletePolicyV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type PoliciesControllerDeletePolicyV1Request = { xOrganizationId?: string | undefined; id: string; @@ -56,25 +75,6 @@ export const DeletedPolicy$zodSchema: z.ZodType = z.object({ name: z.string().optional().describe("The deleted policy name"), }); -/** - * How the request was authenticated - */ -export const PoliciesControllerDeletePolicyV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PoliciesControllerDeletePolicyV1AuthType = ClosedEnum< - typeof PoliciesControllerDeletePolicyV1AuthType ->; - -export const PoliciesControllerDeletePolicyV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * Policy deleted successfully */ diff --git a/apps/mcp-server/src/models/policiescontrollergetallpoliciesv1op.ts b/apps/mcp-server/src/models/policiescontrollergetallpoliciesv1op.ts index 44e52242ac..68d7996df5 100644 --- a/apps/mcp-server/src/models/policiescontrollergetallpoliciesv1op.ts +++ b/apps/mcp-server/src/models/policiescontrollergetallpoliciesv1op.ts @@ -9,6 +9,25 @@ import { PolicyResponseDto$zodSchema, } from "./policyresponsedto.js"; +/** + * How the request was authenticated + */ +export const PoliciesControllerGetAllPoliciesV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type PoliciesControllerGetAllPoliciesV1AuthType = ClosedEnum< + typeof PoliciesControllerGetAllPoliciesV1AuthType +>; + +export const PoliciesControllerGetAllPoliciesV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type PoliciesControllerGetAllPoliciesV1Request = { xOrganizationId?: string | undefined; excludeContent?: boolean | undefined; @@ -44,25 +63,6 @@ export const PoliciesControllerGetAllPoliciesV1UnauthorizedResponseBody$zodSchem "Unauthorized - Invalid authentication or insufficient permissions", ); -/** - * How the request was authenticated - */ -export const PoliciesControllerGetAllPoliciesV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type PoliciesControllerGetAllPoliciesV1AuthType = ClosedEnum< - typeof PoliciesControllerGetAllPoliciesV1AuthType ->; - -export const PoliciesControllerGetAllPoliciesV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * Authenticated user information (only present for session auth) */ diff --git a/apps/mcp-server/src/models/questionnairecontrollerautoanswerandexportuploadv1op.ts b/apps/mcp-server/src/models/questionnairecontrollerautoanswerandexportuploadv1op.ts index 9b07cdf319..ceaaf408bd 100644 --- a/apps/mcp-server/src/models/questionnairecontrollerautoanswerandexportuploadv1op.ts +++ b/apps/mcp-server/src/models/questionnairecontrollerautoanswerandexportuploadv1op.ts @@ -6,19 +6,6 @@ import * as z from "zod"; import * as b64$ from "../lib/base64.js"; import { ClosedEnum } from "../types/enums.js"; -export type QuestionnaireControllerAutoAnswerAndExportUploadV1File = { - fileName: string; - content: Uint8Array | string; -}; - -export const QuestionnaireControllerAutoAnswerAndExportUploadV1File$zodSchema: - z.ZodType = z.object({ - content: z.string().describe("Base64-encoded binary content").transform( - b64$.bytesFromBase64, - ), - fileName: z.string(), - }); - /** * Output format (defaults to XLSX) */ @@ -40,6 +27,19 @@ export const QuestionnaireControllerAutoAnswerAndExportUploadV1Format$zodSchema "xlsx", ]).describe("Output format (defaults to XLSX)"); +export type QuestionnaireControllerAutoAnswerAndExportUploadV1File = { + fileName: string; + content: Uint8Array | string; +}; + +export const QuestionnaireControllerAutoAnswerAndExportUploadV1File$zodSchema: + z.ZodType = z.object({ + content: z.string().describe("Base64-encoded binary content").transform( + b64$.bytesFromBase64, + ), + fileName: z.string(), + }); + export type QuestionnaireControllerAutoAnswerAndExportUploadV1Request = { file: QuestionnaireControllerAutoAnswerAndExportUploadV1File | Blob; organizationId: string; diff --git a/apps/mcp-server/src/models/questionnairecontrollerparsequestionnaireuploadv1op.ts b/apps/mcp-server/src/models/questionnairecontrollerparsequestionnaireuploadv1op.ts index bb26ede0a2..0389a33dca 100644 --- a/apps/mcp-server/src/models/questionnairecontrollerparsequestionnaireuploadv1op.ts +++ b/apps/mcp-server/src/models/questionnairecontrollerparsequestionnaireuploadv1op.ts @@ -6,19 +6,6 @@ import * as z from "zod"; import * as b64$ from "../lib/base64.js"; import { ClosedEnum } from "../types/enums.js"; -export type QuestionnaireControllerParseQuestionnaireUploadV1File = { - fileName: string; - content: Uint8Array | string; -}; - -export const QuestionnaireControllerParseQuestionnaireUploadV1File$zodSchema: - z.ZodType = z.object({ - content: z.string().describe("Base64-encoded binary content").transform( - b64$.bytesFromBase64, - ), - fileName: z.string(), - }); - /** * Output format (defaults to XLSX) */ @@ -61,6 +48,19 @@ export const QuestionnaireControllerParseQuestionnaireUploadV1Source$zodSchema = "Indicates if the request originated from our UI (internal) or trust portal (external).", ); +export type QuestionnaireControllerParseQuestionnaireUploadV1File = { + fileName: string; + content: Uint8Array | string; +}; + +export const QuestionnaireControllerParseQuestionnaireUploadV1File$zodSchema: + z.ZodType = z.object({ + content: z.string().describe("Base64-encoded binary content").transform( + b64$.bytesFromBase64, + ), + fileName: z.string(), + }); + export type QuestionnaireControllerParseQuestionnaireUploadV1Request = { file: QuestionnaireControllerParseQuestionnaireUploadV1File | Blob; organizationId: string; diff --git a/apps/mcp-server/src/models/questionnairecontrolleruploadandparseuploadv1op.ts b/apps/mcp-server/src/models/questionnairecontrolleruploadandparseuploadv1op.ts index 1fcb13c475..a254295e87 100644 --- a/apps/mcp-server/src/models/questionnairecontrolleruploadandparseuploadv1op.ts +++ b/apps/mcp-server/src/models/questionnairecontrolleruploadandparseuploadv1op.ts @@ -6,19 +6,6 @@ import * as z from "zod"; import * as b64$ from "../lib/base64.js"; import { ClosedEnum } from "../types/enums.js"; -export type QuestionnaireControllerUploadAndParseUploadV1File = { - fileName: string; - content: Uint8Array | string; -}; - -export const QuestionnaireControllerUploadAndParseUploadV1File$zodSchema: - z.ZodType = z.object({ - content: z.string().describe("Base64-encoded binary content").transform( - b64$.bytesFromBase64, - ), - fileName: z.string(), - }); - /** * Source of the upload */ @@ -39,6 +26,19 @@ export const QuestionnaireControllerUploadAndParseUploadV1Source$zodSchema = z "external", ]).describe("Source of the upload"); +export type QuestionnaireControllerUploadAndParseUploadV1File = { + fileName: string; + content: Uint8Array | string; +}; + +export const QuestionnaireControllerUploadAndParseUploadV1File$zodSchema: + z.ZodType = z.object({ + content: z.string().describe("Base64-encoded binary content").transform( + b64$.bytesFromBase64, + ), + fileName: z.string(), + }); + export type QuestionnaireControllerUploadAndParseUploadV1Request = { file: QuestionnaireControllerUploadAndParseUploadV1File | Blob; organizationId: string; diff --git a/apps/mcp-server/src/models/riskscontrollercreateriskv1op.ts b/apps/mcp-server/src/models/riskscontrollercreateriskv1op.ts index 17a08825ff..f664ec7e17 100644 --- a/apps/mcp-server/src/models/riskscontrollercreateriskv1op.ts +++ b/apps/mcp-server/src/models/riskscontrollercreateriskv1op.ts @@ -5,61 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -/** - * Internal server error - */ -export type RisksControllerCreateRiskV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerCreateRiskV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Organization not found - */ -export type RisksControllerCreateRiskV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerCreateRiskV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Organization not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type RisksControllerCreateRiskV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerCreateRiskV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - -/** - * Bad request - Invalid input data - */ -export type RisksControllerCreateRiskV1BadRequestResponseBody = { - message?: Array | undefined; - error?: string | undefined; - statusCode?: number | undefined; -}; - -export const RisksControllerCreateRiskV1BadRequestResponseBody$zodSchema: - z.ZodType = z.object({ - error: z.string().optional(), - message: z.array(z.string()).optional(), - statusCode: z.number().optional(), - }).describe("Bad request - Invalid input data"); - export const RisksControllerCreateRiskV1Category = { Customer: "customer", Governance: "governance", @@ -241,6 +186,61 @@ export const RisksControllerCreateRiskV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +/** + * Internal server error + */ +export type RisksControllerCreateRiskV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerCreateRiskV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Organization not found + */ +export type RisksControllerCreateRiskV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerCreateRiskV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Organization not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type RisksControllerCreateRiskV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerCreateRiskV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + +/** + * Bad request - Invalid input data + */ +export type RisksControllerCreateRiskV1BadRequestResponseBody = { + message?: Array | undefined; + error?: string | undefined; + statusCode?: number | undefined; +}; + +export const RisksControllerCreateRiskV1BadRequestResponseBody$zodSchema: + z.ZodType = z.object({ + error: z.string().optional(), + message: z.array(z.string()).optional(), + statusCode: z.number().optional(), + }).describe("Bad request - Invalid input data"); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/riskscontrollerdeleteriskv1op.ts b/apps/mcp-server/src/models/riskscontrollerdeleteriskv1op.ts index 3325ac6e35..8152b9c23d 100644 --- a/apps/mcp-server/src/models/riskscontrollerdeleteriskv1op.ts +++ b/apps/mcp-server/src/models/riskscontrollerdeleteriskv1op.ts @@ -5,6 +5,25 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const RisksControllerDeleteRiskV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type RisksControllerDeleteRiskV1AuthType = ClosedEnum< + typeof RisksControllerDeleteRiskV1AuthType +>; + +export const RisksControllerDeleteRiskV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type RisksControllerDeleteRiskV1Request = { id: string }; export const RisksControllerDeleteRiskV1Request$zodSchema: z.ZodType< @@ -62,25 +81,6 @@ export const DeletedRisk$zodSchema: z.ZodType = z.object({ title: z.string().optional().describe("Deleted risk title"), }); -/** - * How the request was authenticated - */ -export const RisksControllerDeleteRiskV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type RisksControllerDeleteRiskV1AuthType = ClosedEnum< - typeof RisksControllerDeleteRiskV1AuthType ->; - -export const RisksControllerDeleteRiskV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/riskscontrollergetallrisksv1op.ts b/apps/mcp-server/src/models/riskscontrollergetallrisksv1op.ts index 34b605bef1..8cd9f69cae 100644 --- a/apps/mcp-server/src/models/riskscontrollergetallrisksv1op.ts +++ b/apps/mcp-server/src/models/riskscontrollergetallrisksv1op.ts @@ -101,79 +101,6 @@ export const QueryParamCategory$zodSchema = z.enum([ "vendor_management", ]).describe("Filter by category"); -export type RisksControllerGetAllRisksV1Request = { - title?: string | undefined; - page?: number | undefined; - perPage?: number | undefined; - sort?: Sort | undefined; - sortDirection?: SortDirection | undefined; - status?: RisksControllerGetAllRisksV1QueryParamStatus | undefined; - category?: QueryParamCategory | undefined; - department?: string | undefined; - assigneeId?: string | undefined; -}; - -export const RisksControllerGetAllRisksV1Request$zodSchema: z.ZodType< - RisksControllerGetAllRisksV1Request -> = z.object({ - assigneeId: z.string().describe("Filter by assignee member ID").optional(), - category: QueryParamCategory$zodSchema.optional().describe( - "Filter by category", - ), - department: z.string().describe( - "Filter by department. Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted.", - ).optional(), - page: z.number().default(1).describe("Page number (1-indexed)"), - perPage: z.number().default(50).describe("Number of items per page"), - sort: Sort$zodSchema.default("createdAt").describe("Sort by field"), - sortDirection: SortDirection$zodSchema.default("desc").describe( - "Sort direction", - ), - status: RisksControllerGetAllRisksV1QueryParamStatus$zodSchema.optional() - .describe("Filter by status"), - title: z.string().describe("Search by title (case-insensitive contains)") - .optional(), -}); - -/** - * Internal server error - */ -export type RisksControllerGetAllRisksV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetAllRisksV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Organization not found - */ -export type RisksControllerGetAllRisksV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetAllRisksV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Organization not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type RisksControllerGetAllRisksV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetAllRisksV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - export const RisksControllerGetAllRisksV1DataCategory = { Customer: "customer", Governance: "governance", @@ -275,6 +202,98 @@ export const RisksControllerGetAllRisksV1TreatmentStrategy$zodSchema = z.enum([ "transfer", ]); +/** + * How the request was authenticated + */ +export const RisksControllerGetAllRisksV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type RisksControllerGetAllRisksV1AuthType = ClosedEnum< + typeof RisksControllerGetAllRisksV1AuthType +>; + +export const RisksControllerGetAllRisksV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + +export type RisksControllerGetAllRisksV1Request = { + title?: string | undefined; + page?: number | undefined; + perPage?: number | undefined; + sort?: Sort | undefined; + sortDirection?: SortDirection | undefined; + status?: RisksControllerGetAllRisksV1QueryParamStatus | undefined; + category?: QueryParamCategory | undefined; + department?: string | undefined; + assigneeId?: string | undefined; +}; + +export const RisksControllerGetAllRisksV1Request$zodSchema: z.ZodType< + RisksControllerGetAllRisksV1Request +> = z.object({ + assigneeId: z.string().describe("Filter by assignee member ID").optional(), + category: QueryParamCategory$zodSchema.optional().describe( + "Filter by category", + ), + department: z.string().describe( + "Filter by department. Built-in values: none, admin, gov, hr, it, itsm, qms. Custom department names are also accepted.", + ).optional(), + page: z.number().default(1).describe("Page number (1-indexed)"), + perPage: z.number().default(50).describe("Number of items per page"), + sort: Sort$zodSchema.default("createdAt").describe("Sort by field"), + sortDirection: SortDirection$zodSchema.default("desc").describe( + "Sort direction", + ), + status: RisksControllerGetAllRisksV1QueryParamStatus$zodSchema.optional() + .describe("Filter by status"), + title: z.string().describe("Search by title (case-insensitive contains)") + .optional(), +}); + +/** + * Internal server error + */ +export type RisksControllerGetAllRisksV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetAllRisksV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Organization not found + */ +export type RisksControllerGetAllRisksV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetAllRisksV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Organization not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type RisksControllerGetAllRisksV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetAllRisksV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + export type RisksControllerGetAllRisksV1Data = { id?: string | undefined; title?: string | undefined; @@ -312,25 +331,6 @@ export const RisksControllerGetAllRisksV1Data$zodSchema: z.ZodType< ), }); -/** - * How the request was authenticated - */ -export const RisksControllerGetAllRisksV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type RisksControllerGetAllRisksV1AuthType = ClosedEnum< - typeof RisksControllerGetAllRisksV1AuthType ->; - -export const RisksControllerGetAllRisksV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/riskscontrollergetriskbyidv1op.ts b/apps/mcp-server/src/models/riskscontrollergetriskbyidv1op.ts index 3b0199f171..131f337ee2 100644 --- a/apps/mcp-server/src/models/riskscontrollergetriskbyidv1op.ts +++ b/apps/mcp-server/src/models/riskscontrollergetriskbyidv1op.ts @@ -5,65 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -export type RisksControllerGetRiskByIdV1Request = { id: string }; - -export const RisksControllerGetRiskByIdV1Request$zodSchema: z.ZodType< - RisksControllerGetRiskByIdV1Request -> = z.object({ - id: z.string().describe("Risk ID"), -}); - -/** - * Internal server error - */ -export type RisksControllerGetRiskByIdV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetRiskByIdV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Risk not found - */ -export type RisksControllerGetRiskByIdV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetRiskByIdV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Risk not found"); - -/** - * Forbidden - User does not have permission to access this risk - */ -export type RisksControllerGetRiskByIdV1ForbiddenResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetRiskByIdV1ForbiddenResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Forbidden - User does not have permission to access this risk"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type RisksControllerGetRiskByIdV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerGetRiskByIdV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - export const RisksControllerGetRiskByIdV1Category = { Customer: "customer", Governance: "governance", @@ -245,6 +186,65 @@ export const RisksControllerGetRiskByIdV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +export type RisksControllerGetRiskByIdV1Request = { id: string }; + +export const RisksControllerGetRiskByIdV1Request$zodSchema: z.ZodType< + RisksControllerGetRiskByIdV1Request +> = z.object({ + id: z.string().describe("Risk ID"), +}); + +/** + * Internal server error + */ +export type RisksControllerGetRiskByIdV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetRiskByIdV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Risk not found + */ +export type RisksControllerGetRiskByIdV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetRiskByIdV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Risk not found"); + +/** + * Forbidden - User does not have permission to access this risk + */ +export type RisksControllerGetRiskByIdV1ForbiddenResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetRiskByIdV1ForbiddenResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Forbidden - User does not have permission to access this risk"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type RisksControllerGetRiskByIdV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerGetRiskByIdV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/riskscontrollerupdateriskv1op.ts b/apps/mcp-server/src/models/riskscontrollerupdateriskv1op.ts index 4f0c959aa1..f03874ef2b 100644 --- a/apps/mcp-server/src/models/riskscontrollerupdateriskv1op.ts +++ b/apps/mcp-server/src/models/riskscontrollerupdateriskv1op.ts @@ -6,73 +6,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; import { UpdateRiskDto, UpdateRiskDto$zodSchema } from "./updateriskdto.js"; -export type RisksControllerUpdateRiskV1Request = { - id: string; - body: UpdateRiskDto; -}; - -export const RisksControllerUpdateRiskV1Request$zodSchema: z.ZodType< - RisksControllerUpdateRiskV1Request -> = z.object({ - body: UpdateRiskDto$zodSchema.describe("Risk update data"), - id: z.string().describe("Risk ID"), -}); - -/** - * Internal server error - */ -export type RisksControllerUpdateRiskV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerUpdateRiskV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Risk not found - */ -export type RisksControllerUpdateRiskV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerUpdateRiskV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Risk not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type RisksControllerUpdateRiskV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const RisksControllerUpdateRiskV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - -/** - * Bad request - Invalid input data - */ -export type RisksControllerUpdateRiskV1BadRequestResponseBody = { - message?: Array | undefined; - error?: string | undefined; - statusCode?: number | undefined; -}; - -export const RisksControllerUpdateRiskV1BadRequestResponseBody$zodSchema: - z.ZodType = z.object({ - error: z.string().optional(), - message: z.array(z.string()).optional(), - statusCode: z.number().optional(), - }).describe("Bad request - Invalid input data"); - export const RisksControllerUpdateRiskV1Category = { Customer: "customer", Governance: "governance", @@ -254,6 +187,73 @@ export const RisksControllerUpdateRiskV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +export type RisksControllerUpdateRiskV1Request = { + id: string; + body: UpdateRiskDto; +}; + +export const RisksControllerUpdateRiskV1Request$zodSchema: z.ZodType< + RisksControllerUpdateRiskV1Request +> = z.object({ + body: UpdateRiskDto$zodSchema.describe("Risk update data"), + id: z.string().describe("Risk ID"), +}); + +/** + * Internal server error + */ +export type RisksControllerUpdateRiskV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerUpdateRiskV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Risk not found + */ +export type RisksControllerUpdateRiskV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerUpdateRiskV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Risk not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type RisksControllerUpdateRiskV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const RisksControllerUpdateRiskV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + +/** + * Bad request - Invalid input data + */ +export type RisksControllerUpdateRiskV1BadRequestResponseBody = { + message?: Array | undefined; + error?: string | undefined; + statusCode?: number | undefined; +}; + +export const RisksControllerUpdateRiskV1BadRequestResponseBody$zodSchema: + z.ZodType = z.object({ + error: z.string().optional(), + message: z.array(z.string()).optional(), + statusCode: z.number().optional(), + }).describe("Bad request - Invalid input data"); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/setemployeesyncproviderdto.ts b/apps/mcp-server/src/models/setemployeesyncproviderdto.ts index f6423f370e..dce5e06638 100644 --- a/apps/mcp-server/src/models/setemployeesyncproviderdto.ts +++ b/apps/mcp-server/src/models/setemployeesyncproviderdto.ts @@ -7,15 +7,17 @@ import * as z from "zod"; /** * Provider slug to use for employee sync (must have the "sync" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org. */ -export type Provider = {}; +export type SetEmployeeSyncProviderDtoProvider = {}; -export const Provider$zodSchema: z.ZodType = z.object({}).describe( +export const SetEmployeeSyncProviderDtoProvider$zodSchema: z.ZodType< + SetEmployeeSyncProviderDtoProvider +> = z.object({}).describe( "Provider slug to use for employee sync (must have the \"sync\" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org.", ); export type SetEmployeeSyncProviderDto = { organizationId?: string | undefined; - provider?: Provider | null | undefined; + provider?: SetEmployeeSyncProviderDtoProvider | null | undefined; }; export const SetEmployeeSyncProviderDto$zodSchema: z.ZodType< @@ -24,7 +26,8 @@ export const SetEmployeeSyncProviderDto$zodSchema: z.ZodType< organizationId: z.string().optional().describe( "Auto-resolved from your API key / session. You can omit this; it is ignored by the server.", ), - provider: z.lazy(() => Provider$zodSchema).nullable().optional().describe( - "Provider slug to use for employee sync (must have the \"sync\" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org.", - ), + provider: z.lazy(() => SetEmployeeSyncProviderDtoProvider$zodSchema) + .nullable().optional().describe( + "Provider slug to use for employee sync (must have the \"sync\" capability in its manifest — call list-providers to see options). Pass null or omit the field to disable employee sync for this org.", + ), }); diff --git a/apps/mcp-server/src/models/settwofactorsourcedto.ts b/apps/mcp-server/src/models/settwofactorsourcedto.ts new file mode 100644 index 0000000000..fa4d79aa1d --- /dev/null +++ b/apps/mcp-server/src/models/settwofactorsourcedto.ts @@ -0,0 +1,32 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +/** + * Provider slug whose 2FA check feeds the People-tab 2FA column (must be bound to the 2FA task — call available-2fa-sources for options). Pass null or omit to clear the source. + */ +export type SetTwoFactorSourceDtoProvider = {}; + +export const SetTwoFactorSourceDtoProvider$zodSchema: z.ZodType< + SetTwoFactorSourceDtoProvider +> = z.object({}).describe( + "Provider slug whose 2FA check feeds the People-tab 2FA column (must be bound to the 2FA task — call available-2fa-sources for options). Pass null or omit to clear the source.", +); + +export type SetTwoFactorSourceDto = { + organizationId?: string | undefined; + provider?: SetTwoFactorSourceDtoProvider | null | undefined; +}; + +export const SetTwoFactorSourceDto$zodSchema: z.ZodType = + z.object({ + organizationId: z.string().optional().describe( + "Auto-resolved from your API key / session. You can omit this; it is ignored by the server.", + ), + provider: z.lazy(() => SetTwoFactorSourceDtoProvider$zodSchema).nullable() + .optional().describe( + "Provider slug whose 2FA check feeds the People-tab 2FA column (must be bound to the 2FA task — call available-2fa-sources for options). Pass null or omit to clear the source.", + ), + }); diff --git a/apps/mcp-server/src/models/taskitemresponsedto.ts b/apps/mcp-server/src/models/taskitemresponsedto.ts index ddc07f7225..602cbdc666 100644 --- a/apps/mcp-server/src/models/taskitemresponsedto.ts +++ b/apps/mcp-server/src/models/taskitemresponsedto.ts @@ -9,15 +9,6 @@ import { TaskItemCreatorDto$zodSchema, } from "./taskitemcreatordto.js"; -/** - * Task description - */ -export type TaskItemResponseDtoDescription = {}; - -export const TaskItemResponseDtoDescription$zodSchema: z.ZodType< - TaskItemResponseDtoDescription -> = z.object({}).describe("Task description"); - /** * Task status */ @@ -85,6 +76,15 @@ export const TaskItemResponseDtoEntityType$zodSchema = z.enum([ "risk", ]).describe("Type of entity"); +/** + * Task description + */ +export type TaskItemResponseDtoDescription = {}; + +export const TaskItemResponseDtoDescription$zodSchema: z.ZodType< + TaskItemResponseDtoDescription +> = z.object({}).describe("Task description"); + /** * User information */ diff --git a/apps/mcp-server/src/models/taskresponsedto.ts b/apps/mcp-server/src/models/taskresponsedto.ts index 4a7daac265..3774bea6a3 100644 --- a/apps/mcp-server/src/models/taskresponsedto.ts +++ b/apps/mcp-server/src/models/taskresponsedto.ts @@ -26,14 +26,6 @@ export const TaskResponseDtoStatus$zodSchema = z.enum([ "blocked", ]).describe("Task status"); -/** - * Task template ID - */ -export type TaskTemplateId = {}; - -export const TaskTemplateId$zodSchema: z.ZodType = z.object({}) - .describe("Task template ID"); - /** * Cadence for running the integration check attached to this task */ @@ -59,6 +51,14 @@ export const IntegrationScheduleFrequency$zodSchema = z.enum([ "yearly", ]).describe("Cadence for running the integration check attached to this task"); +/** + * Task template ID + */ +export type TaskTemplateId = {}; + +export const TaskTemplateId$zodSchema: z.ZodType = z.object({}) + .describe("Task template ID"); + /** * Last successful integration check run timestamp */ diff --git a/apps/mcp-server/src/models/trustaccesscontrollergetpublicsecurityquestionnairev1op.ts b/apps/mcp-server/src/models/trustaccesscontrollergetpublicsecurityquestionnairev1op.ts new file mode 100644 index 0000000000..b734cbce2f --- /dev/null +++ b/apps/mcp-server/src/models/trustaccesscontrollergetpublicsecurityquestionnairev1op.ts @@ -0,0 +1,30 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +export type TrustAccessControllerGetPublicSecurityQuestionnaireV1Request = { + friendlyUrl: string; +}; + +export const TrustAccessControllerGetPublicSecurityQuestionnaireV1Request$zodSchema: + z.ZodType = z + .object({ + friendlyUrl: z.string().describe( + "Trust Portal friendly URL or Organization ID", + ), + }); + +/** + * Security Questionnaire visibility retrieved successfully + */ +export type TrustAccessControllerGetPublicSecurityQuestionnaireV1Response = { + enabled?: boolean | undefined; +}; + +export const TrustAccessControllerGetPublicSecurityQuestionnaireV1Response$zodSchema: + z.ZodType = z + .object({ + enabled: z.boolean().optional(), + }).describe("Security Questionnaire visibility retrieved successfully"); diff --git a/apps/mcp-server/src/models/trustportalcontrollerupdatecustomframeworkv1op.ts b/apps/mcp-server/src/models/trustportalcontrollerupdatecustomframeworkv1op.ts index 9f5b8d021e..67ab22693b 100644 --- a/apps/mcp-server/src/models/trustportalcontrollerupdatecustomframeworkv1op.ts +++ b/apps/mcp-server/src/models/trustportalcontrollerupdatecustomframeworkv1op.ts @@ -21,20 +21,6 @@ export const TrustPortalControllerUpdateCustomFrameworkV1Status2$zodSchema = z "compliant", ]); -export type TrustPortalControllerUpdateCustomFrameworkV1RequestBody2 = { - customFrameworkId: string; - enabled?: boolean | undefined; - status: TrustPortalControllerUpdateCustomFrameworkV1Status2; -}; - -export const TrustPortalControllerUpdateCustomFrameworkV1RequestBody2$zodSchema: - z.ZodType = z - .object({ - customFrameworkId: z.string(), - enabled: z.boolean().optional(), - status: TrustPortalControllerUpdateCustomFrameworkV1Status2$zodSchema, - }); - export const TrustPortalControllerUpdateCustomFrameworkV1Status1 = { Started: "started", InProgress: "in_progress", @@ -51,6 +37,20 @@ export const TrustPortalControllerUpdateCustomFrameworkV1Status1$zodSchema = z "compliant", ]); +export type TrustPortalControllerUpdateCustomFrameworkV1RequestBody2 = { + customFrameworkId: string; + enabled?: boolean | undefined; + status: TrustPortalControllerUpdateCustomFrameworkV1Status2; +}; + +export const TrustPortalControllerUpdateCustomFrameworkV1RequestBody2$zodSchema: + z.ZodType = z + .object({ + customFrameworkId: z.string(), + enabled: z.boolean().optional(), + status: TrustPortalControllerUpdateCustomFrameworkV1Status2$zodSchema, + }); + export type TrustPortalControllerUpdateCustomFrameworkV1RequestBody1 = { customFrameworkId: string; enabled: boolean; diff --git a/apps/mcp-server/src/models/trustportalcontrollerupdatesecurityquestionnairev1op.ts b/apps/mcp-server/src/models/trustportalcontrollerupdatesecurityquestionnairev1op.ts new file mode 100644 index 0000000000..424a746d6e --- /dev/null +++ b/apps/mcp-server/src/models/trustportalcontrollerupdatesecurityquestionnairev1op.ts @@ -0,0 +1,17 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +export type TrustPortalControllerUpdateSecurityQuestionnaireV1Request = { + enabled: boolean; +}; + +export const TrustPortalControllerUpdateSecurityQuestionnaireV1Request$zodSchema: + z.ZodType = z + .object({ + enabled: z.boolean().describe( + "When false, the Security Questionnaire is hidden from the public trust portal.", + ), + }); diff --git a/apps/mcp-server/src/models/updatecustomframeworkdto.ts b/apps/mcp-server/src/models/updatecustomframeworkdto.ts new file mode 100644 index 0000000000..9f9939fa41 --- /dev/null +++ b/apps/mcp-server/src/models/updatecustomframeworkdto.ts @@ -0,0 +1,17 @@ +/* + * Code generated by Speakeasy (https://speakeasy.com). DO NOT EDIT. + */ + +import * as z from "zod"; + +export type UpdateCustomFrameworkDto = { + name?: string | undefined; + description?: string | undefined; +}; + +export const UpdateCustomFrameworkDto$zodSchema: z.ZodType< + UpdateCustomFrameworkDto +> = z.object({ + description: z.string().optional().describe("Framework description"), + name: z.string().optional().describe("Framework name"), +}); diff --git a/apps/mcp-server/src/models/vendorscontrollercreatevendorv1op.ts b/apps/mcp-server/src/models/vendorscontrollercreatevendorv1op.ts index 211fb05b95..baa5a1cdc5 100644 --- a/apps/mcp-server/src/models/vendorscontrollercreatevendorv1op.ts +++ b/apps/mcp-server/src/models/vendorscontrollercreatevendorv1op.ts @@ -5,63 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -/** - * Internal server error - */ -export type VendorsControllerCreateVendorV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerCreateVendorV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Organization not found - */ -export type VendorsControllerCreateVendorV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerCreateVendorV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Organization not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type VendorsControllerCreateVendorV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerCreateVendorV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object( - { - message: z.string().optional(), - }, - ).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - -/** - * Bad request - Invalid input data - */ -export type VendorsControllerCreateVendorV1BadRequestResponseBody = { - message?: Array | undefined; - error?: string | undefined; - statusCode?: number | undefined; -}; - -export const VendorsControllerCreateVendorV1BadRequestResponseBody$zodSchema: - z.ZodType = z.object({ - error: z.string().optional(), - message: z.array(z.string()).optional(), - statusCode: z.number().optional(), - }).describe("Bad request - Invalid input data"); - export const VendorsControllerCreateVendorV1Category = { Cloud: "cloud", Infrastructure: "infrastructure", @@ -199,6 +142,63 @@ export const VendorsControllerCreateVendorV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +/** + * Internal server error + */ +export type VendorsControllerCreateVendorV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerCreateVendorV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Organization not found + */ +export type VendorsControllerCreateVendorV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerCreateVendorV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Organization not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type VendorsControllerCreateVendorV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerCreateVendorV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object( + { + message: z.string().optional(), + }, + ).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + +/** + * Bad request - Invalid input data + */ +export type VendorsControllerCreateVendorV1BadRequestResponseBody = { + message?: Array | undefined; + error?: string | undefined; + statusCode?: number | undefined; +}; + +export const VendorsControllerCreateVendorV1BadRequestResponseBody$zodSchema: + z.ZodType = z.object({ + error: z.string().optional(), + message: z.array(z.string()).optional(), + statusCode: z.number().optional(), + }).describe("Bad request - Invalid input data"); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/vendorscontrollerdeletevendorv1op.ts b/apps/mcp-server/src/models/vendorscontrollerdeletevendorv1op.ts index c302755faf..1c6e16ab2d 100644 --- a/apps/mcp-server/src/models/vendorscontrollerdeletevendorv1op.ts +++ b/apps/mcp-server/src/models/vendorscontrollerdeletevendorv1op.ts @@ -5,6 +5,25 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; +/** + * How the request was authenticated + */ +export const VendorsControllerDeleteVendorV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type VendorsControllerDeleteVendorV1AuthType = ClosedEnum< + typeof VendorsControllerDeleteVendorV1AuthType +>; + +export const VendorsControllerDeleteVendorV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + export type VendorsControllerDeleteVendorV1Request = { id: string }; export const VendorsControllerDeleteVendorV1Request$zodSchema: z.ZodType< @@ -64,25 +83,6 @@ export const DeletedVendor$zodSchema: z.ZodType = z.object({ name: z.string().optional().describe("Deleted vendor name"), }); -/** - * How the request was authenticated - */ -export const VendorsControllerDeleteVendorV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type VendorsControllerDeleteVendorV1AuthType = ClosedEnum< - typeof VendorsControllerDeleteVendorV1AuthType ->; - -export const VendorsControllerDeleteVendorV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/vendorscontrollergetallvendorsv1op.ts b/apps/mcp-server/src/models/vendorscontrollergetallvendorsv1op.ts index 549818dcb9..f84d277c63 100644 --- a/apps/mcp-server/src/models/vendorscontrollergetallvendorsv1op.ts +++ b/apps/mcp-server/src/models/vendorscontrollergetallvendorsv1op.ts @@ -5,46 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -/** - * Internal server error - */ -export type VendorsControllerGetAllVendorsV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetAllVendorsV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Organization not found - */ -export type VendorsControllerGetAllVendorsV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetAllVendorsV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Organization not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type VendorsControllerGetAllVendorsV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetAllVendorsV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - export const VendorsControllerGetAllVendorsV1Category = { Cloud: "cloud", Infrastructure: "infrastructure", @@ -163,6 +123,65 @@ export const VendorsControllerGetAllVendorsV1ResidualImpact$zodSchema = z.enum([ "severe", ]); +/** + * How the request was authenticated + */ +export const VendorsControllerGetAllVendorsV1AuthType = { + ApiKey: "api-key", + Session: "session", +} as const; +/** + * How the request was authenticated + */ +export type VendorsControllerGetAllVendorsV1AuthType = ClosedEnum< + typeof VendorsControllerGetAllVendorsV1AuthType +>; + +export const VendorsControllerGetAllVendorsV1AuthType$zodSchema = z.enum([ + "api-key", + "session", +]).describe("How the request was authenticated"); + +/** + * Internal server error + */ +export type VendorsControllerGetAllVendorsV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetAllVendorsV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Organization not found + */ +export type VendorsControllerGetAllVendorsV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetAllVendorsV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Organization not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type VendorsControllerGetAllVendorsV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetAllVendorsV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + export type VendorsControllerGetAllVendorsV1Data = { id?: string | undefined; name?: string | undefined; @@ -211,25 +230,6 @@ export const VendorsControllerGetAllVendorsV1Data$zodSchema: z.ZodType< website: z.string().nullable().optional(), }); -/** - * How the request was authenticated - */ -export const VendorsControllerGetAllVendorsV1AuthType = { - ApiKey: "api-key", - Session: "session", -} as const; -/** - * How the request was authenticated - */ -export type VendorsControllerGetAllVendorsV1AuthType = ClosedEnum< - typeof VendorsControllerGetAllVendorsV1AuthType ->; - -export const VendorsControllerGetAllVendorsV1AuthType$zodSchema = z.enum([ - "api-key", - "session", -]).describe("How the request was authenticated"); - /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/vendorscontrollergetvendorbyidv1op.ts b/apps/mcp-server/src/models/vendorscontrollergetvendorbyidv1op.ts index c4bb0327b9..353b5dcc19 100644 --- a/apps/mcp-server/src/models/vendorscontrollergetvendorbyidv1op.ts +++ b/apps/mcp-server/src/models/vendorscontrollergetvendorbyidv1op.ts @@ -5,54 +5,6 @@ import * as z from "zod"; import { ClosedEnum } from "../types/enums.js"; -export type VendorsControllerGetVendorByIdV1Request = { id: string }; - -export const VendorsControllerGetVendorByIdV1Request$zodSchema: z.ZodType< - VendorsControllerGetVendorByIdV1Request -> = z.object({ - id: z.string().describe("Vendor ID"), -}); - -/** - * Internal server error - */ -export type VendorsControllerGetVendorByIdV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetVendorByIdV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Vendor not found - */ -export type VendorsControllerGetVendorByIdV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetVendorByIdV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Vendor not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type VendorsControllerGetVendorByIdV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerGetVendorByIdV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - export const VendorsControllerGetVendorByIdV1Category = { Cloud: "cloud", Infrastructure: "infrastructure", @@ -190,6 +142,54 @@ export const VendorsControllerGetVendorByIdV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +export type VendorsControllerGetVendorByIdV1Request = { id: string }; + +export const VendorsControllerGetVendorByIdV1Request$zodSchema: z.ZodType< + VendorsControllerGetVendorByIdV1Request +> = z.object({ + id: z.string().describe("Vendor ID"), +}); + +/** + * Internal server error + */ +export type VendorsControllerGetVendorByIdV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetVendorByIdV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Vendor not found + */ +export type VendorsControllerGetVendorByIdV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetVendorByIdV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Vendor not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type VendorsControllerGetVendorByIdV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerGetVendorByIdV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/models/vendorscontrollerupdatevendorv1op.ts b/apps/mcp-server/src/models/vendorscontrollerupdatevendorv1op.ts index d89990b1a3..b28276e362 100644 --- a/apps/mcp-server/src/models/vendorscontrollerupdatevendorv1op.ts +++ b/apps/mcp-server/src/models/vendorscontrollerupdatevendorv1op.ts @@ -9,75 +9,6 @@ import { UpdateVendorDto$zodSchema, } from "./updatevendordto.js"; -export type VendorsControllerUpdateVendorV1Request = { - id: string; - body: UpdateVendorDto; -}; - -export const VendorsControllerUpdateVendorV1Request$zodSchema: z.ZodType< - VendorsControllerUpdateVendorV1Request -> = z.object({ - body: UpdateVendorDto$zodSchema.describe("Vendor update data"), - id: z.string().describe("Vendor ID"), -}); - -/** - * Internal server error - */ -export type VendorsControllerUpdateVendorV1InternalServerErrorResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerUpdateVendorV1InternalServerErrorResponseBody$zodSchema: - z.ZodType = z - .object({ - message: z.string().optional(), - }).describe("Internal server error"); - -/** - * Vendor not found - */ -export type VendorsControllerUpdateVendorV1NotFoundResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerUpdateVendorV1NotFoundResponseBody$zodSchema: - z.ZodType = z.object({ - message: z.string().optional(), - }).describe("Vendor not found"); - -/** - * Unauthorized - Invalid authentication or insufficient permissions - */ -export type VendorsControllerUpdateVendorV1UnauthorizedResponseBody = { - message?: string | undefined; -}; - -export const VendorsControllerUpdateVendorV1UnauthorizedResponseBody$zodSchema: - z.ZodType = z.object( - { - message: z.string().optional(), - }, - ).describe( - "Unauthorized - Invalid authentication or insufficient permissions", - ); - -/** - * Bad request - Invalid input data - */ -export type VendorsControllerUpdateVendorV1BadRequestResponseBody = { - message?: Array | undefined; - error?: string | undefined; - statusCode?: number | undefined; -}; - -export const VendorsControllerUpdateVendorV1BadRequestResponseBody$zodSchema: - z.ZodType = z.object({ - error: z.string().optional(), - message: z.array(z.string()).optional(), - statusCode: z.number().optional(), - }).describe("Bad request - Invalid input data"); - export const VendorsControllerUpdateVendorV1Category = { Cloud: "cloud", Infrastructure: "infrastructure", @@ -215,6 +146,75 @@ export const VendorsControllerUpdateVendorV1AuthType$zodSchema = z.enum([ "session", ]).describe("How the request was authenticated"); +export type VendorsControllerUpdateVendorV1Request = { + id: string; + body: UpdateVendorDto; +}; + +export const VendorsControllerUpdateVendorV1Request$zodSchema: z.ZodType< + VendorsControllerUpdateVendorV1Request +> = z.object({ + body: UpdateVendorDto$zodSchema.describe("Vendor update data"), + id: z.string().describe("Vendor ID"), +}); + +/** + * Internal server error + */ +export type VendorsControllerUpdateVendorV1InternalServerErrorResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerUpdateVendorV1InternalServerErrorResponseBody$zodSchema: + z.ZodType = z + .object({ + message: z.string().optional(), + }).describe("Internal server error"); + +/** + * Vendor not found + */ +export type VendorsControllerUpdateVendorV1NotFoundResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerUpdateVendorV1NotFoundResponseBody$zodSchema: + z.ZodType = z.object({ + message: z.string().optional(), + }).describe("Vendor not found"); + +/** + * Unauthorized - Invalid authentication or insufficient permissions + */ +export type VendorsControllerUpdateVendorV1UnauthorizedResponseBody = { + message?: string | undefined; +}; + +export const VendorsControllerUpdateVendorV1UnauthorizedResponseBody$zodSchema: + z.ZodType = z.object( + { + message: z.string().optional(), + }, + ).describe( + "Unauthorized - Invalid authentication or insufficient permissions", + ); + +/** + * Bad request - Invalid input data + */ +export type VendorsControllerUpdateVendorV1BadRequestResponseBody = { + message?: Array | undefined; + error?: string | undefined; + statusCode?: number | undefined; +}; + +export const VendorsControllerUpdateVendorV1BadRequestResponseBody$zodSchema: + z.ZodType = z.object({ + error: z.string().optional(), + message: z.array(z.string()).optional(), + statusCode: z.number().optional(), + }).describe("Bad request - Invalid input data"); + /** * User information (only for session auth) */ diff --git a/apps/mcp-server/src/tool-names.ts b/apps/mcp-server/src/tool-names.ts index 10a3e6a2d8..9a9ccbe30b 100644 --- a/apps/mcp-server/src/tool-names.ts +++ b/apps/mcp-server/src/tool-names.ts @@ -104,6 +104,10 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "delete-member", "description": "Delete member\n\nPermanently removes a member from the organization. This action cannot be undone." }, + { + "name": "get-member-access", + "description": "Member's access across connected integrations\n\nAggregates the latest Employee Access check results from every connected integration bound to the Employee Access task, matched to the member by email." + }, { "name": "get-training-videos", "description": "Get training video completions for a member\n\nGet training video completions for a member in Comp AI. Invite and manage workforce members, training status, device compliance, email preferences, and employee evidence records." @@ -156,6 +160,258 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "create-upload-url", "description": "Get a presigned URL to upload a file\n\nReturns a presigned S3 URL plus the s3Key the file lands at. PUT the raw file bytes to that URL, then call the feature tool (e.g. upload-and-parse) with the s3Key instead of sending file data. Bytes never pass through the LLM." }, + { + "name": "list-providers", + "description": "List integration providers\n\nList available integration providers that can connect to the organization for automated evidence collection and compliance checks." + }, + { + "name": "get-provider", + "description": "Get an integration provider by slug\n\nGet an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-connections", + "description": "List integration connections\n\nList integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "create-connection", + "description": "Create integration connection\n\nCreate an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." + }, + { + "name": "get-connection", + "description": "Get an integration connection by ID\n\nGet an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "delete-connection", + "description": "Delete an integration connection\n\nDelete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "update-connection", + "description": "Update an integration connection\n\nUpdate an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "test-connection", + "description": "Test an integration connection\n\nTest an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "pause-connection", + "description": "Pause an integration connection\n\nPause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "resume-connection", + "description": "Resume an integration connection\n\nResume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "disconnect-connection", + "description": "Disconnect an integration\n\nDisconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "update-connection-services", + "description": "Set services enabled on a connection\n\nSet services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-connection-services", + "description": "List services enabled on a connection\n\nList services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-provider-checks", + "description": "List check definitions for a provider\n\nList check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "list-connection-checks", + "description": "List checks for a connection\n\nList checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "run-connection-checks", + "description": "Run integration checks\n\nRun all compliance checks for an integration connection and capture results as automated evidence." + }, + { + "name": "run-single-check", + "description": "Run a single check on a connection\n\nRun a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-provider-variables", + "description": "List variable definitions for a provider\n\nList variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-connection-variables", + "description": "List connection variables\n\nList connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "save-connection-variables", + "description": "Update connection variables\n\nUpdate connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "fetch-variable-options", + "description": "Get options for a connection variable\n\nGet options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-checks-for-task-template", + "description": "List checks for a task template\n\nList checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-checks-for-task", + "description": "List checks attached to a task\n\nList checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "run-check-for-task", + "description": "Run a check for a task\n\nRun a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "disconnect-check-from-task", + "description": "Disconnect checks from a task\n\nDisconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "reconnect-check-to-task", + "description": "Reconnect checks to a task\n\nReconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-task-check-runs", + "description": "List check runs for a task\n\nList check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-google-workspace-employees", + "description": "Sync Google Workspace employees\n\nSync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-google-workspace-status", + "description": "Get Google Workspace sync status\n\nGet Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-rippling-employees", + "description": "Sync Rippling employees\n\nSync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-rippling-status", + "description": "Get Rippling sync status\n\nGet Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-jump-cloud-employees", + "description": "Sync JumpCloud employees\n\nSync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-jump-cloud-status", + "description": "Get JumpCloud sync status\n\nGet JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-employee-sync-provider", + "description": "Get the currently configured employee sync provider\n\nGet the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-employee-sync-provider", + "description": "Set the employee sync provider\n\nSet the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-device-sync-provider", + "description": "Get the currently configured device sync provider\n\nGet the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-device-sync-provider", + "description": "Set the device sync provider\n\nSet the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-available-sync-providers", + "description": "List sync providers available to the org\n\nList sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-dynamic-provider-employees", + "description": "Sync employees for a dynamic provider\n\nSync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "sync-dynamic-provider-devices", + "description": "Sync devices for a dynamic provider\n\nSync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-two-factor-source", + "description": "Get the configured 2FA source provider\n\nGet the configured 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "set-two-factor-source", + "description": "Set the 2FA source provider\n\nSet the 2FA source provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-available-two-factor-sources", + "description": "List integrations that can supply per-user 2FA status\n\nList integrations that can supply per-user 2FA status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-two-factor-statuses", + "description": "Per-user 2FA status from the configured source\n\nPer-user 2FA status from the configured source in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." + }, + { + "name": "get-activity", + "description": "List recent cloud security activity\n\nList recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-providers", + "description": "List supported cloud providers\n\nList supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-findings", + "description": "List cloud security findings\n\nList cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." + }, + { + "name": "mark-finding-as-exception", + "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." + }, + { + "name": "update-aws-scan-mode", + "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + }, + { + "name": "revoke-exception", + "description": "Revoke an exception, reopening the finding\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." + }, + { + "name": "get-history", + "description": "List resolution, exception, and regression history for a connection\n\nList resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-check-definition", + "description": "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)\n\nResolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." + }, + { + "name": "resolve-session", + "description": "Resolve short-lived AWS credentials for a connection (internal only)\n\nResolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "scan", + "description": "Run cloud security scan\n\nTrigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." + }, + { + "name": "detect-services", + "description": "Detect available cloud services for a connection\n\nDetect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "detect-gcp-org", + "description": "Detect the GCP organization for a connection\n\nDetect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "select-gcp-projects", + "description": "Select GCP projects for a connection\n\nSelect GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "setup-gcp", + "description": "Set up GCP for a connection\n\nSet up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "resolve-gcp-setup-step", + "description": "Resolve a GCP setup step\n\nResolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "setup-azure", + "description": "Set up Azure for a connection\n\nSet up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "validate-azure", + "description": "Validate Azure credentials for a connection\n\nValidate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "trigger-scan", + "description": "Trigger a cloud security run for a connection\n\nTrigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, + { + "name": "get-run-status", + "description": "Get a cloud security scan run by ID\n\nGet a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." + }, { "name": "get-all-risks", "description": "List organization risks\n\nList organization risks with owners, departments, severity, mitigation status, and evidence for risk management reporting." @@ -620,6 +876,10 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "update-frameworks", "description": "Update trust portal framework settings\n\nUpdate trust portal framework settings in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." }, + { + "name": "update-security-questionnaire", + "description": "Show or hide the Security Questionnaire on the public trust portal\n\nShow or hide the Security Questionnaire on the public trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." + }, { "name": "list-custom-frameworks", "description": "List org-authored custom frameworks with their trust portal selection\n\nList org-authored custom frameworks with their trust portal selection in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures." @@ -724,6 +984,10 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "get-public-overview", "description": "Get Trust Center overview\n\nRetrieve the published Trust Center overview for an organization, including public security posture messaging." }, + { + "name": "get-public-security-questionnaire", + "description": "Get Security Questionnaire visibility for a trust portal\n\nWhether the org offers the AI-assisted Security Questionnaire on its public trust portal. Defaults to enabled when the portal can't be resolved." + }, { "name": "get-public-custom-links", "description": "List Trust Center custom links\n\nList published custom links shown on an organization Trust Center for customer security and compliance reviews." @@ -956,6 +1220,10 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "drift", "description": "Detect drift against the approved snapshot\n\nDetect drift against the approved snapshot in Comp AI." }, + { + "name": "get-versions", + "description": "List an ISMS document's published version history\n\nList an ISMS document's published version history in Comp AI." + }, { "name": "isms-export-document", "description": "Export an ISMS document as PDF or DOCX\n\nExport an ISMS document as PDF or DOCX in Comp AI." @@ -988,242 +1256,6 @@ export const toolNames: Array<{ name: string; description: string }>= [ "name": "generate-all", "description": "Ensure and regenerate all ISMS documents\n\nEnsure and regenerate all ISMS documents in Comp AI." }, - { - "name": "list-providers", - "description": "List integration providers\n\nList available integration providers that can connect to the organization for automated evidence collection and compliance checks." - }, - { - "name": "get-provider", - "description": "Get an integration provider by slug\n\nGet an integration provider by slug in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-connections", - "description": "List integration connections\n\nList integration connections in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "create-connection", - "description": "Create integration connection\n\nCreate an integration connection so Comp AI can collect evidence, run checks, or sync data from a connected provider." - }, - { - "name": "get-connection", - "description": "Get an integration connection by ID\n\nGet an integration connection by ID in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "delete-connection", - "description": "Delete an integration connection\n\nDelete an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "update-connection", - "description": "Update an integration connection\n\nUpdate an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "test-connection", - "description": "Test an integration connection\n\nTest an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "pause-connection", - "description": "Pause an integration connection\n\nPause an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "resume-connection", - "description": "Resume an integration connection\n\nResume an integration connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "disconnect-connection", - "description": "Disconnect an integration\n\nDisconnect an integration in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "update-connection-services", - "description": "Set services enabled on a connection\n\nSet services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-connection-services", - "description": "List services enabled on a connection\n\nList services enabled on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-provider-checks", - "description": "List check definitions for a provider\n\nList check definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "list-connection-checks", - "description": "List checks for a connection\n\nList checks for a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "run-connection-checks", - "description": "Run integration checks\n\nRun all compliance checks for an integration connection and capture results as automated evidence." - }, - { - "name": "run-single-check", - "description": "Run a single check on a connection\n\nRun a single check on a connection in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-provider-variables", - "description": "List variable definitions for a provider\n\nList variable definitions for a provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-connection-variables", - "description": "List connection variables\n\nList connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "save-connection-variables", - "description": "Update connection variables\n\nUpdate connection variables in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "fetch-variable-options", - "description": "Get options for a connection variable\n\nGet options for a connection variable in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-checks-for-task-template", - "description": "List checks for a task template\n\nList checks for a task template in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-checks-for-task", - "description": "List checks attached to a task\n\nList checks attached to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "run-check-for-task", - "description": "Run a check for a task\n\nRun a check for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "disconnect-check-from-task", - "description": "Disconnect checks from a task\n\nDisconnect checks from a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "reconnect-check-to-task", - "description": "Reconnect checks to a task\n\nReconnect checks to a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-task-check-runs", - "description": "List check runs for a task\n\nList check runs for a task in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-google-workspace-employees", - "description": "Sync Google Workspace employees\n\nSync Google Workspace employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-google-workspace-status", - "description": "Get Google Workspace sync status\n\nGet Google Workspace sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-rippling-employees", - "description": "Sync Rippling employees\n\nSync Rippling employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-rippling-status", - "description": "Get Rippling sync status\n\nGet Rippling sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-jump-cloud-employees", - "description": "Sync JumpCloud employees\n\nSync JumpCloud employees in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-jump-cloud-status", - "description": "Get JumpCloud sync status\n\nGet JumpCloud sync status in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-employee-sync-provider", - "description": "Get the currently configured employee sync provider\n\nGet the currently configured employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "set-employee-sync-provider", - "description": "Set the employee sync provider\n\nSet the employee sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-device-sync-provider", - "description": "Get the currently configured device sync provider\n\nGet the currently configured device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "set-device-sync-provider", - "description": "Set the device sync provider\n\nSet the device sync provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-available-sync-providers", - "description": "List sync providers available to the org\n\nList sync providers available to the org in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-dynamic-provider-employees", - "description": "Sync employees for a dynamic provider\n\nSync employees for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "sync-dynamic-provider-devices", - "description": "Sync devices for a dynamic provider\n\nSync devices for a dynamic provider in Comp AI. Connect vendor systems, configure OAuth apps, run compliance checks, sync employees, manage variables, and collect automated evidence." - }, - { - "name": "get-activity", - "description": "List recent cloud security activity\n\nList recent cloud security activity in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-providers", - "description": "List supported cloud providers\n\nList supported cloud providers in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-findings", - "description": "List cloud security findings\n\nList cloud security findings discovered by scans so teams can prioritize remediation before issues become audit findings." - }, - { - "name": "mark-finding-as-exception", - "description": "Mark a finding as an exception so it no longer appears in the active Scan Results list\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner and the audit log description records the calling key/service name." - }, - { - "name": "update-aws-scan-mode", - "description": "Switch the AWS scan engine for a connection (Comp AI scanners ↔ Security Hub)\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - }, - { - "name": "revoke-exception", - "description": "Revoke an exception, reopening the finding\n\nAccepts session, API key, or service token auth. For API key / service token callers without an explicit user attribution, the action is attributed to the org's owner." - }, - { - "name": "get-history", - "description": "List resolution, exception, and regression history for a connection\n\nList resolution, exception, and regression history for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-check-definition", - "description": "Resolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure)\n\nResolve the \"About this check\" description for a finding (AI-cached for AWS; provider-derived for GCP/Azure) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture." - }, - { - "name": "resolve-session", - "description": "Resolve short-lived AWS credentials for a connection (internal only)\n\nResolve short-lived AWS credentials for a connection (internal only) in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "scan", - "description": "Run cloud security scan\n\nTrigger a cloud security scan for a connected AWS, Azure, or GCP account and collect findings for compliance remediation." - }, - { - "name": "detect-services", - "description": "Detect available cloud services for a connection\n\nDetect available cloud services for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "detect-gcp-org", - "description": "Detect the GCP organization for a connection\n\nDetect the GCP organization for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "select-gcp-projects", - "description": "Select GCP projects for a connection\n\nSelect GCP projects for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "setup-gcp", - "description": "Set up GCP for a connection\n\nSet up GCP for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "resolve-gcp-setup-step", - "description": "Resolve a GCP setup step\n\nResolve a GCP setup step in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "setup-azure", - "description": "Set up Azure for a connection\n\nSet up Azure for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "validate-azure", - "description": "Validate Azure credentials for a connection\n\nValidate Azure credentials for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "trigger-scan", - "description": "Trigger a cloud security run for a connection\n\nTrigger a cloud security run for a connection in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, - { - "name": "get-run-status", - "description": "Get a cloud security scan run by ID\n\nGet a cloud security scan run by ID in Comp AI. Run AWS, Azure, and GCP cloud security scans, detect enabled services, review findings, and connect cloud posture results to compliance work." - }, { "name": "get-task-items-stats", "description": "Get task items statistics for an entity\n\nGet task items statistics for an entity in Comp AI. Manage task items and attachments linked to operational entities such as risks and vendors."