Certification
/api/v1/vendor/certificationsA compliance or security certification held by a vendor.
listgetcreateupdatedeleteSchema
| Field | Type | Notes |
|---|---|---|
| id* | uuid | Server-assigned ULID with type prefix (e.g. per_…). |
| tenant_id* | string | Tenant scope — auto-stamped from the caller's JWT. |
| app_id | string | App scope. Stamped ONLY when the caller's JWT was minted for a specific Application (integration API keys). Absent for human-user sessions. Filters reads when present. |
| created_at* | date-time | Server stamp. |
| updated_at* | date-time | Server stamp; updated on every patch. |
| created_by | uuid | Person id from the caller's JWT (sub). |
| updated_by | uuid | Person id from the last writer's JWT (sub). |
| source | string | Provenance tag — defaults to 'edm'. |
| source_type | enum | frontend | backend | server | system | apiWhere the write originated. Defaults to 'api'. |
| is_deleted | boolean | Soft-delete flag. Excluded from default list queries. |
| deleted_at | date-time | Stamped when soft-deleted; null otherwise. |
| deleted_by | uuid | Person id who soft-deleted; null otherwise. |
| schema_version | number | Document schema version. Bumped on incompatible writes. |
| vendor_id* | string | Id of the vendor that holds this certification (e.g. 'sup_01HXABC'). |
| type* | enum | soc2_type1 | soc2_type2 | iso27001 | iso9001 | iso14001 | hipaa | pci_dss | fedramp | hitrust | gdpr | otherCertification type. |
| status | enum | current | expired | in_progress | not_applicable | revokedCertification status. Defaults to 'current'. |
| issued_date | date-time | ISO 8601 date the certification was issued. |
| expiration_date | date-time | ISO 8601 date the certification expires. |
| auditor | string | Auditor or certifying body (e.g. 'Deloitte'). |
| scope | string | Scope covered by the certification (e.g. 'All production services'). |
| findings | string | Summary of audit findings. |
| qualified_opinion | boolean | Whether the audit resulted in a qualified opinion. Defaults to false. |
| document_url | string | URL of the certification document. |
| verified_at | date-time | When the certification was last verified. |
API
client.vendor.certifications.*Loading manifest…