• Platform
    • Overview
      • Risk Cloud Overview
      • Features
      • Services & Support
      • Pricing
    • Capabilities
      • Reporting & Analytics
      • Risk Quantificaton
      • Integrations & API
      • Risk Cloud Exchange
      • Platform Security
    • img
      See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Spring 2023.
      Learn more
  • Solutions
    • _separator
      • Cyber Risk & Controls Compliance
      • Enterprise Risk Management
      • Third-Party Risk Management
      • Controls Compliance
      • Policy Management
    • _separator
      • Regulatory Compliance
      • Data Privacy
      • Operational Resiliency
      • Environmental, Social & Governance
      • Internal Audit
    • 10 Purpose-Built GRC Solutions. One Connected Platform.
      View All Solutions
  • Industries
    • _separator
      • Industries Overview
      • Software
      • FinTech
      • Telecom
      • Banking
    • _separator
      • Insurance
      • Investment Services
      • Hospitals & Health Systems
      • Pharmaceuticals
      • Medical Devices
    • _separator
      • Oil & Gas
      • Utilities
      • Alternative Energy
  • Company
    • _separator
      • About Us
      • Careers
      • Leadership
      • Partners
    • _separator
      • News
      • Trust & Security
      • Contact Us
    • img
      See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Spring 2023.
      Learn More
  • Resources
    • Risk Cloud Help
      • Help Center
      • Developer Portal
    • Learn + Connect
      • Blog
      • Customer Stories
      • Resources
      • Events
      • Podcast
    • img
      KRIs for ERM: Developing Metrics for Managing Enterprise Risk
      Get the Guide
Request A Demo
img
See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Spring 2023.
Learn more

Documentation

Menu

  • Quick Start Guides
    • Risk Cloud API: Getting Started
    • Risk Cloud PowerBI Connection
    • Risk Cloud Webhooks
  • API Usage Guides
    • Risk Cloud API: Automated Evidence Collection
    • Risk Cloud API: Pagination
    • Risk Cloud API: Record Search
    • Risk Cloud API: Authentication
    • Risk Cloud API: Create Records
    • Risk Cloud API: Export Record Data
    • Risk Cloud API: Update Records
    • Risk Cloud API: Upload Attachments
    • Risk Cloud API: View User Access Audits
    • Risk Cloud API: View Applications, Workflows, and Steps
    • Risk Cloud API: Viewing Fields
    • Risk Cloud API: Viewing Users
    • Risk Cloud API: Create Users
  • Release Notes
    • v2023.5.1 Release Notes
    • v2023.5.0 Release Notes
    • v2021.4.0 Release Notes
    • v2021.3.0 Release Notes
    • v2021.2.0 Release Notes
    • v2021.1.0 Release Notes
  • Developer Blogs
    • Tidying Up Existing REST APIs
    • Accessibility Improvements at LogicGate
    • What Do We Look for in Developers?
    • 2 Quick Tips I’ve learned for FE Testing as a LogicGate Dev
    • Kotlin at LogicGate
    • Spring Boot with Neo4j & MySQL
  • Case Studies
  • Integrations
    • UCF Risk Cloud Connector
    • Salesforce Risk Cloud Connector
    • Jira Risk Cloud Connector
    • DocuSign Risk Cloud Connector
    • Slack Native Integration
    • ServiceNow Ticket Risk Cloud Connector
    • Google Drive Risk Cloud Connector
    • BitSight Risk Cloud Connector
    • Microsoft Teams Native Integration
    • CUBE Risk Cloud Connector
    • Vital4 Risk Cloud Connector
    • Ascent Risk Cloud Connector
    • SecurityScorecard Risk Cloud Connector
    • Tenable Risk Cloud Connector
    • Black Kite Risk Cloud Connector
  • Home
  • Developer Resources
  • API Usage Guides

Risk Cloud API: Upload Attachments

Updated on: January 17, 2022

This article will describe how to add an attachment to a Risk Cloud Record using our API.

Within Risk Cloud, you are able to add “Attachment” Fields to your Records. These Fields allow you, perhaps very obviously, to attach files. Customers use these Fields in order to upload evidence, add documents for employee attestation, and many additional use cases.

In this article, we will walk through three steps needed to attach a document using Risk Cloud API:

  1. Obtain the FIELD_ID where you would like to upload an attachment

  2. Upload a file via a POST /api/v1/attachments?field={FIELD_ID} request

  3. Attach the file to your specific record via a POST /api/v1/valueMaps?record={RECORD_ID} request

Obtaining proper API Authentication

Prior to any interaction with Risk Cloud’s APIs we will need to set the authorization header. Instructions on how this can be accomplished can be found here.

Step 1: Obtain the FIELD_ID

In the first step, we will be running a series of requests in order to determine the FIELD_ID where we would like to upload our attachment. If you already know your FIELD_ID from obtaining it in the Field Edit menu of your Risk Cloud environment, you may continue to Step 2.

First, we need to determine the WORKFLOW_ID of the workflow that contains our field. To do this, you can send the following GET request:

GET/api/v1/workflows

This will return an array of workflow objects, each looking like this:

{
        "id": "WORKFLOW_ID",
        "name": TABLE REPORT NAME,
        "recordPrefix": null,
        "allowGroups": false,
        "requireGroups": false,
        "xpos": 177,
        "ypos": 156,
        "priority": 0,
        "sla": {
            "enabled": false,
            "duration": 0
        },
        "steps": [
            {
                "stepType": "Origin",
                "id": "xt2X0dSM",
                "name": "Default Origin",
                "stepType": "Origin",
                "priority": 1,
                "allowEntitlements": true,
                "xpos": 55,
                "ypos": 55,
                "isPublic": false,
                "sla": {
                    "enabled": false,
                    "duration": 0
                },
                "chain": false,
                "origin": true,
                "end": false
            },
            {
                "stepType": "End",
                "id": "Y5B1k7yq",
                "name": "Default End",
                "stepType": "End",
                "priority": 2,
                "allowEntitlements": true,
                "xpos": 200,
                "ypos": 55,
                "isPublic": false,
                "sla": {
                    "enabled": false,
                    "duration": 0
                },
                "chain": false,
                "origin": false,
                "end": true
            }
        ]
    }

After identifying the Workflow that contains the Field you would like to add an attachment to, you can take the “id” from this object as your WORKFLOW_ID.

Now that we have our WORKFLOW_ID, we can send a request to find the specific Field where we want to add an attachment. To do this, we will send the following GET request:

GET/api/v1/fields/workflow/{WORKFLOW_ID}/values

This request will return an array of field objects, similar to this object:

{
        "fieldType": "TEXT_AREA",
        "id": "FIELD ID",
        "name": "text1",
        "label": "text1",
        "tooltip": null,
        "currentValues": [],
        "operators": [
            "NULL",
            "NOT_NULL",
            "EQUALS",
            "NOT_EQUALS",
            "CONTAINS",
            "DOES_NOT_CONTAIN"
        ],
        "convertibleTo": [
            "TEXT"
        ],
        "pattern": null,
        "message": null,
        "hasHtml": false,
        "fieldType": "TEXT_AREA",
        "valueType": "Common",
        "validTypeForCalculationInput": false,
        "discrete": false,
        "global": false
    }

Once you identify the Field where you would like to add an attachment, you can take the “id” value as your FIELD_ID for the subsequent steps.

Step 2: Upload the file

In this step, we will use the FIELD_ID found in step one to upload our attachment.

The file can be sent in the request using the  multipart/form-data content type with a key named file and a value of the attachment file (often represented by HTTP request libraries or tools as the path to the file).

A cURL sample is demonstrated below:

curl --location 'https://your-company.logicgate.com/api/v1/attachments?field={FIELD_ID}' \\
--header 'Authorization: Bearer {API_TOKEN}' \\
--form '[email protected]"/the/path/to/attachment.pdf"'

Once you have built this body, you can send it using the following POST request:

POST/api/v1/attachments?field={FIELD_ID}

The response should look like this:

{
    "attachmentStatus": "CLEAN",
    "id": "QoZy9k73",
    "valueType": "Attachment",
    "discriminator": "CLEAN",
    "textValue": "FILE NAME",
    "numericValue": 1.0,
    "isDefault": false,
    "archived": false,
    "priority": 0,
    "attachmentStatus": "CLEAN",
    "contentType": "image/png",
    "fileSize": NUMBER,
    "fileExtension": "png",
    "originalFileExtension": "png",
    "awsS3Key": "S3 KEY",
    "versionCount": 1,
    "empty": false,
    "fieldId": "EbfvwDRi"
}

Step 3: Attach the file to the record

In this final step, we will compile the information from our previous two steps in order to attach our upload to the specific record that we are interested in. We will build our POST request’s body using the following structure:

{
  "currentValues": [
      # RESPONSE FROM STEP 2
  ],
  "field": {
    "valueType": "Attachment",
    "fieldType": "ATTACHMENT",
    "id": "FIELD_ID"
  }
}

Once you build the above body, send the following POST request:

POST/api/v1/valueMaps?record={RECORD_ID}

The response should look like this:

{
    "id": "uexgD8Ej",
    "currentValues": [
        {
            "discriminator": "CLEAN",
            "id": "QoZy9k73",
            "valueType": "Attachment",
            "discriminator": "CLEAN",
            "textValue": "TEXT",
            "numericValue": 1.0,
            "isDefault": false,
            "archived": false,
            "priority": 0,
            "attachmentStatus": "CLEAN",
            "contentType": "image/png",
            "fileSize": 33517,
            "fileExtension": "png",
            "originalFileExtension": "png",
            "awsS3Key": "S3 KEY",
            "versionCount": 1,
            "empty": false,
            "fieldId": null
        }
    ],
    "field": {
        "fieldType": "ATTACHMENT",
        "id": "EbfvwDRi",
        "name": "attachment",
        "label": "attachment",
        "tooltip": null,
        "enableVersions": true,
        "validTypeForCalculationInput": false
    },
    "expressionResult": 1.0
}

After sending this final POST request, your attachment should be attached to your specified Record and Field.

For any additional questions, please reach out to [email protected]!

Read Previous API Usage Guides
Read Next API Usage Guides
  • 320 W Ohio St
    Floor 5E
    Chicago, IL 60654
  • 312-279-2775
    • LinkedIn
    • Twitter
    • Youtube
    • Facebook
  • Looking for something specific?
  • Request A Demo
  • Platform
    • Risk Cloud Overview
    • Features
    • Reporting & Analytics
    • Risk Quantification
    • Integrations & API
    • Risk Cloud Exchange
    • Services & Support
    • Pricing
  • Company
    • Careers We're hiring!
    • Executive Team
    • Partners
    • LogicGate News
    • LogicGate Trust Center
    • Contact Us
  • Resources
    • Blog
    • Email Newsletter
    • Resource Center
    • Help Center
    • Developer
  • Solutions
    • Cyber Risk & Controls Compliance
    • Enterprise Risk Management
    • Third-Party Risk Management
    • Controls Compliance
    • Regulatory Compliance
    • Data Privacy Management
    • Operational Resiliency
    • Policy Management
    • Environmental, Social & Governance
    • Internal Audit Management
    • View All Solutions
  • Industries
    • Software
    • FinTech
    • Telecom
    • Banking
    • Insurance
    • Investment Services
    • Healthcare
    • Pharmaceuticals
    • Medical Devices
    • Oil & Gas
    • Utilities
    • Alternative Energy
Also of Interest
  • Integrate, Automate, and Scale Your Risk...
  • Grow Your Relationships Not Your Risks.
  • Connect, Optimize, and Scale Your Cyber Risk...
  • LinkedIn TwitterYoutubeFacebook

Copyright © 2023. LogicGate, Inc. All rights reserved.

  • Privacy Policy
  • Information Security Overview
  • Site Map