Overview

The RiskLens API is designed to enable the transfer of data to and from RiskLens. If you would like to leverage quantification assessment results in your systems of record, the RiskLens API was built for you. It is available to all customers, regardless of whether you use a GRC or not.

Specification

• Type: REST

• Version: 1.0

• Authentication: OAuth2

• URLs:

  • Authentication: https://v3.risklens.com/auth/connect/token

  • API: https://v3-api.risklens.com

API Status

The RiskLens API is monitored; to view the current status of the API go to https://status.risklens.com

Today the RiskLens API supports the following:

Risk Assessments

• Read access to view Risk Assessments, including the iteration data and results (except some aggregates). Results are always for the Current result set.

• Write access to create new Risk Assessments, this can be used in combination with Subscriptions to always get the latest aggregated result

Scenarios

• Write access to create new Scenarios, including setting the scope, selecting the appropriate Loss table and Organization Group ownership, and adding optional Scenario details and loss statements.

• Write access to run and delete Scenarios

• Read access to view Scenarios, including workshop inputs, iteration data, and results (except the scenario statements). Results are always for the Current result set.

Assets

• Full read-write access, including the ability to create, view, update, and delete assets and their associated workshop inputs.

Data Helpers

• Full read-write access, including the ability to create, update, view, and delete data helpers and their associated answers. Updating a data helper answer via API will automatically rerun any scenarios subscribed to the answer.

Subscriptions

• Allows you to create objects and automatically ingest their latest details and associated results. Currently available for Risk Assessments, which enables the ability to create Risk Assessments and automatically ingest their latest results.

Note: This does not create the associated scenarios, assets, etc., it just creates the risk assessment container and enables the results ingest capability.

Organization Groups

• Read access, including a listing of all Organization Groups in the environment and their associated names, IDs, and creation dates. This enables the ability to assign objects such as Scenarios, Assets, and Data Helpers to specific Organizational Groups during creation or update.