Overview
The Risk Legion API is a RESTful API built with FastAPI, providing comprehensive access to all platform features including BRA management, control assurance, governance, and administration.Base URLs
All API endpoints are prefixed with
/api/v1.
Authentication
All API endpoints (except/health) require authentication using JWT Bearer tokens.
Response Format
Success Responses
All successful responses follow this structure:Paginated Responses
List endpoints return paginated data:Error Responses
Error responses include:HTTP Status Codes
Pagination
Query Parameters
Example
Filtering
Most list endpoints support filtering:Rate Limiting
The API implements rate limiting to ensure fair usage:
Rate limit headers are included in responses:
API Versioning
The current API version isv1. The version is included in the URL path:
API Reference
Core Endpoints
BRA Management
Create, manage, and approve Business Risk Assessments
Control Assurance
Manage controls and assess effectiveness
Governance
Risk appetite, audit trails, and action plans
Admin Operations
Enterprise and user management
Quick Reference
Interactive Documentation
When running locally, access the interactive API documentation:SDKs and Tools
cURL
JavaScript/TypeScript
Python
Error Handling Best Practices
Need Help?
Architecture
Learn about the system architecture
Authentication
Detailed authentication guide