Vendors API

Manage your organization’s vendor relationships, contracts, and risk assessments.

List Vendors

Get a paginated list of all vendors.

GET `/vendors/`

curl --location GET \
--url "[YOUR_KORDON_URL]/api/v1/vendors/" \
--header "Authorization: Bearer YOUR-TOKEN"

Example Response

Status: 200

{
    "data": [
        {
            "id": "c81c5ceb-fbd4-4d68-9db5-1e019dfa7c1c",
            "assets": [],
            "contact": "Eliise Veri",
            "contract_end_date": "2025-02-28T00:00:00+00:00",
            "contract_start_date": "2025-02-01T00:00:00+00:00",
            "country": "Spain",
            "created_at": "2025-02-27T08:11:34+00:00",
            "criticality": "high",
            "description": "<p>Something something something</p>",
            "labels": [],
            "manager": {
                "id": "aa0bfcda-2fc3-4b25-801a-1c053b5459c3",
                "name": "Jaana Manana"
            },
            "owner": {
                "id": "d650d63e-538e-4aff-a1df-d9ae8346a9f5",
                "name": "Andrey Rozumnyi"
            },
            "permissions": {
                "update": true,
                "destroy": true,
                "connect": true
            },
            "personal_data_classification": "no_personal",
            "risks": [],
            "state": "active",
            "tasks": [],
            "title": "My vendor",
            "updated_at": "2025-05-12T08:33:07+00:00"
        }
    ],
    "meta": {
        "total_count": 25,
        "page": 1,
        "permissions": {
            "create": true
        },
        "per_page": "1"
    }
}

Create Vendor

Create a new vendor relationship.

POST `/vendors/`

Required Parameters:

title - Vendor name
manager_id - User ID of the vendor manager
owner_id - User ID of the vendor owner
state - Vendor state

curl --location POST \
--url "[YOUR_KORDON_URL]/api/v1/vendors/" \
--header "Authorization: Bearer YOUR-TOKEN" \
--header "Content-Type: application/json" \
--data '{
    "title": "Vendor A",
    "manager_id": "6ab0ac31-8162-4e1c-ba4d-43ad29af6ee7",
    "owner_id": "6ab0ac31-8162-4e1c-ba4d-43ad29af6ee7",
    "state": "active"
}'

Update Vendor

Update vendor information.

PATCH `/vendors/:id`

curl --location PATCH \
--url "[YOUR_KORDON_URL]/api/v1/vendors/vendor-id-here" \
--header "Authorization: Bearer YOUR-TOKEN" \
--header "Content-Type: application/json" \
--data '{
    "country": "Italy"
}'

Delete Vendor

Remove a vendor relationship.

DELETE `/vendors/:id`

curl --location DELETE \
--url "[YOUR_KORDON_URL]/api/v1/vendors/vendor-id-here" \
--header "Authorization: Bearer YOUR-TOKEN"

Vendor States

Available vendor states:

onboarding - Vendor is being set up
active - Vendor relationship is active
offboarding - Vendor is being phased out
deprecated - Vendor relationship has ended

Criticality Levels

Available criticality levels:

low - Low business impact
medium - Medium business impact
high - High business impact

Personal Data Classifications

Available personal data classifications:

no_personal - No personal data processing
limited_personal - Limited personal data processing
extensive_personal - Extensive personal data processing