Skip to main content
GET
/
v1
/
risks
/
{id}
Get risk by ID
curl --request GET \
  --url http://localhost:3333/v1/risks/{id} \
  --header 'X-API-Key: <api-key>'
{
  "id": "rsk_abc123def456",
  "title": "Data breach vulnerability in user authentication system",
  "description": "Weak password requirements could lead to unauthorized access to user accounts",
  "category": "technology",
  "department": "it",
  "status": "open",
  "likelihood": "possible",
  "impact": "major",
  "residualLikelihood": "unlikely",
  "residualImpact": "minor",
  "treatmentStrategyDescription": "Implement multi-factor authentication and strengthen password requirements",
  "treatmentStrategy": "mitigate",
  "organizationId": "org_abc123def456",
  "assigneeId": "mem_abc123def456",
  "createdAt": "2023-11-07T05:31:56Z",
  "updatedAt": "2023-11-07T05:31:56Z",
  "authType": "api-key",
  "authenticatedUser": {
    "id": "usr_def456ghi789",
    "email": "user@example.com"
  }
}

Authorizations

X-API-Key
string
header
required

API key for authentication

Headers

X-Organization-Id
string

Organization ID (required for session auth, optional for API key auth)

Path Parameters

id
string
required

Risk ID

Example:

"rsk_abc123def456"

Response

Risk retrieved successfully

id
string

Risk ID

Example:

"rsk_abc123def456"

title
string

Risk title

Example:

"Data breach vulnerability in user authentication system"

description
string

Risk description

Example:

"Weak password requirements could lead to unauthorized access to user accounts"

category
enum<string>
Available options:
customer,
governance,
operations,
other,
people,
regulatory,
reporting,
resilience,
technology,
vendor_management
Example:

"technology"

department
enum<string> | null
Available options:
none,
admin,
gov,
hr,
it,
itsm,
qms
Example:

"it"

status
enum<string>
Available options:
open,
pending,
closed,
archived
Example:

"open"

likelihood
enum<string>
Available options:
very_unlikely,
unlikely,
possible,
likely,
very_likely
Example:

"possible"

impact
enum<string>
Available options:
insignificant,
minor,
moderate,
major,
severe
Example:

"major"

residualLikelihood
enum<string>
Available options:
very_unlikely,
unlikely,
possible,
likely,
very_likely
Example:

"unlikely"

residualImpact
enum<string>
Available options:
insignificant,
minor,
moderate,
major,
severe
Example:

"minor"

treatmentStrategyDescription
string | null
Example:

"Implement multi-factor authentication and strengthen password requirements"

treatmentStrategy
enum<string>
Available options:
accept,
avoid,
mitigate,
transfer
Example:

"mitigate"

organizationId
string
Example:

"org_abc123def456"

assigneeId
string | null

ID of the user assigned to this risk

Example:

"mem_abc123def456"

createdAt
string<date-time>

When the risk was created

updatedAt
string<date-time>

When the risk was last updated

authType
enum<string>

How the request was authenticated

Available options:
api-key,
session
authenticatedUser
object

User information (only for session auth)