• Platform
    • Overview
      • Risk Cloud Overview
      • Features
      • Services & Support
      • Pricing
    • Capabilities
      • Reporting & Analytics
      • Risk Quantificaton
      • Integrations & API
      • Risk Cloud Exchange
      • Platform Security
    • img
      See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Winter 2023.
      Learn more
  • Solutions
    • _separator
      • Cyber Risk & Controls Compliance
      • Enterprise Risk Management
      • Third-Party Risk Management
      • Controls Compliance
      • Policy Management
    • _separator
      • Regulatory Compliance
      • Data Privacy
      • Operational Resiliency
      • Environmental, Social & Governance
      • Internal Audit
    • 10 Purpose-Built GRC Solutions. One Connected Platform.
      View All Solutions
  • Industries
    • _separator
      • Industries Overview
      • Software
      • FinTech
      • Telecom
      • Banking
    • _separator
      • Insurance
      • Investment Services
      • Hospitals & Health Systems
      • Pharmaceuticals
      • Medical Devices
    • _separator
      • Oil & Gas
      • Utilities
      • Alternative Energy
  • Company
    • _separator
      • Our Company
      • Careers
      • Executive Team
      • Partners
    • _separator
      • LogicGate News
      • LogicGate Trust Center
      • Contact Us
    • img
      The Root of the Compliance vs Security Paradox
      Upcoming Webinar
      Register Now
  • Resources
    • Risk Cloud Help
      • Help Center
      • Developer Portal
    • Learn + Connect
      • Blog
      • Customer Stories
      • LogicGate Resources
      • LogicGate Events
      • GRC & Me Podcast
    • img
      Five Board Questions That Security and Risk Leaders Must Be Prepared to Answer
      View Report
Request A Demo
img
See why Risk Cloud was rated the #1 GRC platform on the G2 Grid for Winter 2023.
Learn more

Documentation

Menu

  • Quick Start Guides
    • Risk Cloud API: Getting Started
    • Risk Cloud PowerBI Connection
    • Risk Cloud Webhooks
  • API Usage Guides
    • Risk Cloud API: Pagination
    • Risk Cloud API: Record Search
    • Risk Cloud API: Authentication
    • Risk Cloud API: Create Records
    • Risk Cloud API: Export Record Data
    • Risk Cloud API: Update Records
    • Risk Cloud API: Upload Attachments
    • Risk Cloud API: View User Access Audits
    • Risk Cloud API: View Applications, Workflows, and Steps
    • Risk Cloud API: Viewing Fields
    • Risk Cloud API: Viewing Users
    • Risk Cloud API: Create Users
  • Release Notes
    • v2021.4.0 Release Notes
    • v2021.3.0 Release Notes
    • v2021.2.0 Release Notes
    • v2021.1.0 Release Notes
  • Developer Blogs
    • Tidying Up Existing REST APIs
    • Accessibility Improvements at LogicGate
    • What Do We Look for in Developers?
    • 2 Quick Tips I’ve learned for FE Testing as a LogicGate Dev
    • Kotlin at LogicGate
    • Spring Boot with Neo4j & MySQL
  • Case Studies
  • Integrations
    • Vital4 Risk Cloud Connector
    • Ascent Risk Cloud Connector
    • SecurityScorecard Risk Cloud Connector
    • Tenable Risk Cloud Connector
    • Black Kite Risk Cloud Connector
  • Home
  • Developer Resources
  • API Usage Guides

Risk Cloud API: Upload Attachments

Updated on: January 17, 2022

This article will describe how to add an attachment to a Risk Cloud Record using our API.

Within Risk Cloud, you are able to add “Attachment” Fields to your Records. These Fields allow you, perhaps very obviously, to attach files. Customers use these Fields in order to upload evidence, add documents for employee attestation, and many additional use cases. In this article, we will walk through three steps needed to attach a document using Risk Cloud API:

  1. Obtain the FIELD_ID where you would like to upload an attachment

  2. Upload a file using a POST request to https://your-company.logicgate.com/api/v1/attachments?field=FIELD_ID

  3. Attach the file to your specific record using a POST request to https://your-company.logicgate.com/api/v1/valueMaps?record=RECORD_ID

Obtaining proper API Authentication

Prior to any interaction with Risk Cloud’s APIs we will need to set the authorization header. Instructions on how this can be accomplished can be found here.

Step 1:

In the first step, we will be running a series of requests in order to determine the FIELD_ID where we would like to upload our attachment. If you already know your FIELD_ID you may continue to step two.

First, we need to determine the WORKFLOW_ID of the workflow that contains our field. To do this, you can send the following GET request:

https://your-company.logicgate.com/api/v1/workflow

This will return an array of workflow objects, each looking like this:

{
        "id": "WORKFLOW_ID",
        "name": TABLE REPORT NAME,
        "recordPrefix": null,
        "allowGroups": false,
        "requireGroups": false,
        "xpos": 177,
        "ypos": 156,
        "priority": 0,
        "sla": {
            "enabled": false,
            "duration": 0
        },
        "steps": [
            {
                "stepType": "Origin",
                "id": "xt2X0dSM",
                "name": "Default Origin",
                "stepType": "Origin",
                "priority": 1,
                "allowEntitlements": true,
                "xpos": 55,
                "ypos": 55,
                "isPublic": false,
                "sla": {
                    "enabled": false,
                    "duration": 0
                },
                "chain": false,
                "origin": true,
                "end": false
            },
            {
                "stepType": "End",
                "id": "Y5B1k7yq",
                "name": "Default End",
                "stepType": "End",
                "priority": 2,
                "allowEntitlements": true,
                "xpos": 200,
                "ypos": 55,
                "isPublic": false,
                "sla": {
                    "enabled": false,
                    "duration": 0
                },
                "chain": false,
                "origin": false,
                "end": true
            }
        ]
    }

After identifying the Workflow that contains the Field you would like to add an attachment to, you can take the “id” from this object as your WORKFLOW_ID.

Now that we have our WORKFLOW_ID, we can send a request to find the specific Field where we want to add an attachment. To do this, we will send the following GET request:

http://your-company.logicgate.com/api/v1/fields/workflow/WORKFLOW_ID/values

This request will return an array of field objects, similar to this object:

{
        "fieldType": "TEXT_AREA",
        "id": "FIELD ID",
        "name": "text1",
        "label": "text1",
        "tooltip": null,
        "currentValues": [],
        "operators": [
            "NULL",
            "NOT_NULL",
            "EQUALS",
            "NOT_EQUALS",
            "CONTAINS",
            "DOES_NOT_CONTAIN"
        ],
        "convertibleTo": [
            "TEXT"
        ],
        "pattern": null,
        "message": null,
        "hasHtml": false,
        "fieldType": "TEXT_AREA",
        "valueType": "Common",
        "validTypeForCalculationInput": false,
        "discrete": false,
        "global": false
    }

Once you identify the Field where you would like to add an attachment, you can take the “id” value as your FIELD_ID for the subsequent steps.

Step 2:

In this step, we will use the FIELD_ID found in step one to upload our attachment. You will need to create a binary multi-part request, with the form data containing the attachment file and file name.

Once you have built this body, you can send it using the following POST request:

https://your-company.logicgate.com/api/v1/attachments?field=FIELD_ID

The response should look like this:

{
    "attachmentStatus": "CLEAN",
    "id": "QoZy9k73",
    "valueType": "Attachment",
    "discriminator": "CLEAN",
    "textValue": "FILE NAME",
    "numericValue": 1.0,
    "isDefault": false,
    "archived": false,
    "priority": 0,
    "attachmentStatus": "CLEAN",
    "contentType": "image/png",
    "fileSize": NUMBER,
    "fileExtension": "png",
    "originalFileExtension": "png",
    "awsS3Key": "S3 KEY",
    "versionCount": 1,
    "empty": false,
    "fieldId": "EbfvwDRi"
}

Step 3:

In this final step, we will compile the information from our previous two steps in order to attach our upload to the specific record that we are interested in. We will build our POST request’s body using the following structure:

{
  "active": true,
  "currentValues": [
      RESPONSE FROM STEP 2
                   ]
   
  ],
  "field": {
    "active": true,
    "valueType": "Attachment",
    "fieldType": "ATTACHMENT",
    "id": "FIELD_ID"
  }
}

Once you build the above body, send the following POST request:

https://your-company.logicgate.com/api/v1/valueMaps?record=RECORD_ID

The response should look like this:

{
    "id": "uexgD8Ej",
    "currentValues": [
        {
            "discriminator": "CLEAN",
            "id": "QoZy9k73",
            "valueType": "Attachment",
            "discriminator": "CLEAN",
            "textValue": "TEXT",
            "numericValue": 1.0,
            "isDefault": false,
            "archived": false,
            "priority": 0,
            "attachmentStatus": "CLEAN",
            "contentType": "image/png",
            "fileSize": 33517,
            "fileExtension": "png",
            "originalFileExtension": "png",
            "awsS3Key": "S3 KEY",
            "versionCount": 1,
            "empty": false,
            "fieldId": null
        }
    ],
    "field": {
        "fieldType": "ATTACHMENT",
        "id": "EbfvwDRi",
        "name": "attachment",
        "label": "attachment",
        "tooltip": null,
        "enableVersions": true,
        "validTypeForCalculationInput": false
    },
    "expressionResult": 1.0
}

After sending this final POST request, your attachment should be attached to your specified Record and Field.

For any additional questions, please reach out to [email protected]!

Read Previous API Usage Guides
Read Next API Usage Guides
  • 320 W Ohio St
    Floor 5E
    Chicago, IL 60654
  • 312-279-2775
    • LinkedIn
    • Twitter
    • Youtube
    • Facebook
  • Looking for something specific?
  • Request A Demo
  • Platform
    • Risk Cloud Overview
    • Features
    • Reporting & Analytics
    • Risk Quantification
    • Integrations & API
    • Risk Cloud Exchange
    • Services & Support
    • Pricing
  • Company
    • Careers We're hiring!
    • Executive Team
    • Partners
    • LogicGate News
    • LogicGate Trust Center
    • Contact Us
  • Resources
    • Blog
    • Email Newsletter
    • Resource Center
    • Help Center
    • Developer
  • Solutions
    • Cyber Risk & Controls Compliance
    • Enterprise Risk Management
    • Third-Party Risk Management
    • Controls Compliance
    • Regulatory Compliance
    • Data Privacy Management
    • Operational Resiliency
    • Policy Management
    • Environmental, Social & Governance
    • Internal Audit Management
    • View All Solutions
  • Industries
    • Software
    • FinTech
    • Telecom
    • Banking
    • Insurance
    • Investment Services
    • Healthcare
    • Pharmaceuticals
    • Medical Devices
    • Oil & Gas
    • Utilities
    • Alternative Energy
Also of Interest
  • Connect, Optimize, and Scale Your Cyber Risk...
  • Data Privacy Software Solution
  • Grow Your Relationships Not Your Risks.
  • LinkedIn TwitterYoutubeFacebook

Copyright © 2023. LogicGate, Inc. All rights reserved.

  • Privacy Policy
  • Information Security Overview
  • Site Map

Copyright © 2023. LogicGate, Inc. All rights reserved.