API Reference

StackTalk API

Integrate StackTalk into your workflows with our RESTful API. All endpoints require authentication via API key.

Authentication

All API requests require a bearer token. Include your API key in the Authorization header:

Authorization: Bearer sk_live_your_api_key_here

API keys are available in your StackTalk dashboard under Settings → API Keys. Use sk_test_ keys for development and sk_live_ keys for production.

Endpoints

GET
/v1/controls

List all controls and their current status across your compliance frameworks.

GET
/v1/controls/:id

Retrieve a specific control, including evidence history and test results.

POST
/v1/evidence

Submit evidence for a specific control. Supports file uploads and structured data.

GET
/v1/evidence/:id

Retrieve a specific evidence record with metadata and audit trail.

GET
/v1/frameworks

List all active regulatory frameworks and their control mappings.

POST
/v1/reports

Generate an audit-ready compliance report for a specific framework.

GET
/v1/alerts

List regulatory change alerts and their impact assessments.

PATCH
/v1/alerts/:id

Update alert status (acknowledge, dismiss, or assign to a team member).

POST
/v1/webhooks

Register a webhook endpoint to receive real-time compliance events.

DELETE
/v1/webhooks/:id

Remove a registered webhook endpoint.

Rate Limits

1,000 requests per minute for standard plans. Enterprise plans have custom limits.

Versioning

The API is versioned via URL path. Current stable version is v1.

SDKs

Official SDKs available for Python, Node.js, and Go. Community SDKs for Ruby and Java.