API Documentation

Documentation for our API

Getting Started

The RiskMate API allows you to create applications that can read/update information in your RiskMate account.Each request to the Api must be authenticated with your Api token using an “Authorization-Token” header containing your token. For Example:

POST https://api.riskmate.uk/api/Risks
Authorization-Token: AB4C3B13-6882-4175-8048-1218C442FF85
Content-Type: application/x-www-form-urlencoded

When using the authentication token you do not require any additional password. 

Important

You must treat your Api token as you would treat your login password. Anyone that has your Api token can post to the Api on your behalf!  If you suspect someone has your Api token you can reset it on the “Setup > Business Details” page.

Risks

Overview

URLhttps://api.riskmate.uk/api/Risks
Methods SupportedGET, POST, PUT, DELETE
DescriptionAllows you to create or get risks in a RiskMate account

Elements For Risks

GuidThe risks’s unique id in the system read only
AssessmentDateThe risk assessment date dd/mm/yyyy format
RiskTitle requiredThe title of the Risk (max length = 50)
CorporateObjectiveThe corporate objective (max length = 100)
PrincipalInherentRisk requiredThe principal inherent risk
CategoryThe risk category (max length = 50)
DepartmentThe department (max length = 50)
BusinessUnitThe business unit (max length = 50)
InherentImpact requiredThe inherent impact (Minor, Moderate, Major, Critical)
InherentLikelihood requiredThe inherent likelihood (Almost Never, Unlikely, Likely, Almost Certain)
InherentRatingThe inherent risk rating (worked out from your risk matrix)
KeyControlsInPlace requiredThe key controls in place
ResidualImpact requiredThe residual impact (Minor, Moderate, Major, Critical)
ResidualLikelihood requiredThe residual likelihood (Almost Never, Unlikely, Likely, Almost Certain)
ResidualRatingThe residual risk rating (worked out from your risk matrix)
FormalReviewFrequencyThe review frequency (Monthly, Quarterly, Half Yearly, Annual)
FormalReviewDateThe review date (dd/mm/yyyy)
RiskOwnerThe risk owner
PrincipalAssurance1The principal assurance 1 (max length = 50)
PrincipalAssurance2The principal assurance 2 (max length = 50)
PrincipalAssurance3The principal assurance 3 (max length = 50)
GapsActionResponsibilityTimescaleThe gaps, action, responsibility and timescale
IndependentAssuranceThe independent assurance
ArchivedThe archived status

Get Risk

To get a Risk, use the following URL where {guid} is the Guid of the Risk:

GET http://www.riskmate.uk/api/Risks/{guid}

Data Returned When you GET a risk, the following JSON will be retuned:

[{
"Guid": "85525b05-ef52-4997-9f50-6ed0539d37b0",
"AssessmentDate": "01/06/2015",
"RiskTitle": "Loss of key board directors",
etc...
}]

When you POST a new risk, a JSON object will be returned with the Risk’s details.

POST http://www.riskmate.uk/api/Risks

When you PUT (update) a Risk, the api will return a JSON object with the Risk’s details

PUT http://www.riskmate.uk/api/Risks/{guid}

When you DELETE a Risk, the api will return a JSON object with the Status message.

DELETE http://www.riskmate.uk/api/Risks/{guid}

Incidents

Overview

URLhttps://api.riskmate.uk/api/Incidents
Methods SupportedGET, POST, PUT, DELETE
DescriptionAllows you to create or get incidents in a RiskMate account

Elements For Incidents

GuidThe incident unique id in the system read only
IncidentDate requiredThe date of the incident dd/mm/yyyy format
IncidentTitle requiredThe title of the incident (max length = 100)
IncidentCategoryThe incident category (max length = 50)
DepartmentThe department (max length = 50)
BusinessUnitThe business unit (max length = 50)
IncidentDetails requiredThe incident details
ActionTakenThe action taken
IncidentSeverityThe severity of the incident N/A, Minor, Moderate, Major, Severe
LineManagerInformedHas the line manager been informed? Yes, No
LineManagerThe line manager’s name
LineManagerActionThe action the line manager has taken
ActionedDateThe date the line manager took action
StatusThe status of the incident Open, Waiting, On Hold, Closed
ArchivedThe archived status of the incident Yes, No

Get Incident

To get an incident, use the following URL where {guid} is the Guid of the Incident:

GET http://www.riskmate.uk/api/Incidents/{guid}

Data Returned When you GET an Incident, the following JSON will be returned:

[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"IncidentDate": "07/08/2015",
"IncidentTitle": "Customer has fallen through man hole cover at depot",
etc...
}]

When you POST a new Incident, the api will return a JSON object with the Incident’s details.

POST http://www.riskmate.uk/api/Incidents

When you PUT (update) an Incident, the api will return a JSON object with the Incident’s details

PUT http://www.riskmate.uk/api/Incidents/{guid}

When you DELETE an Incident, the api will return a JSON object with the Status message.

DELETE http://www.riskmate.uk/api/Incidents/{guid}

FOI Requests

Overview

URLhttps://api.riskmate.uk/api/FoiRequests
Methods SupportedGET, POST, PUT, DELETE
DescriptionAllows you to create or get FOI Requests in a RiskMate account

Elements For FOI Requests

GuidThe Request’s unique id in the system read only
RequestDateThe date of the request dd/mm/yyyy format
FirstNameThe requester’s first name (max length = 50)
LastNameThe requester’s last name (max length = 50)
PhoneThe requester’s phone number (max length = 50)
EmailThe requester’s email address (max length = 50)
DepartmentThe department (max length = 50)
BusinessUnitThe business unit (max length = 50)
RequestDetailsThe request details
StatusThe status of the request Open, Waiting, On Hold, Closed

Get FOI Request

To get an FOI Request, use the following URL where {guid} is the Guid of the Incident:

GET http://www.riskmate.uk/api/FoiRequests/{guid}

Data Returned When you GET an FOI Request, the following JSON will be returned:

[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"RequestDate": "07/08/2015",
"FirstName": "Jo",
"LastName": "Bloggs",
etc...
}]

When you POST a new FOI Request, the api will return a JSON object with the FOI Request’s details.

POST http://www.riskmate.uk/api/FoiRequests

When you PUT (update) an FOI Request, the api will return a JSON object with the FOI Request’s details

PUT http://www.riskmate.uk/api/FoiRequests/{guid}

When you DELETE an FOI Request, the api will return a JSON object with the Status message.

DELETE http://www.riskmate.uk/api/FoiRequests/{guid}

Complaints

Overview

URLhttps://api.riskmate.uk/api/Complaints
Methods SupportedGET, POST, PUT, DELETE
DescriptionAllows you to create or get Complaints in a RiskMate account

Elements For Complaints

GuidThe Complaint’s unique id in the system read only
ComplaintCategoryThe category of the Complaint
DepartmentThe department (max length = 50)
BusinessUnitThe business unit (max length = 50)
ComplaintDate requiredThe date of the Complaint (dd/mm/yyyy format)
FirstName requiredThe requester’s first name (max length = 50)
LastName requiredThe requester’s last name (max length = 50)
Address1The requester’s address 1 (max length = 50)
Address2The requester’s address 2 (max length = 50)
Address3The requester’s address 3 (max length = 50)
Address4The requester’s address 4 (max length = 50)
PostcodeThe requester’s postcode (max length = 50)
PhoneThe requester’s phone number (max length = 50)
EmailThe requester’s email address (max length = 50)
ComplaintDetails requiredThe complaint details
StatusThe status of the complaint (Open, Waiting, On Hold, Closed)
LineManagerThe line manager to assign the complaint to
LineManagerActionThe action the line manager will take
LineManagerActionedDateThe date the action was taken
ClosedDateThe date the Complaint was closed (dd/mm/yyyy format)
ArchivedThe archived status of the complaint (Yes, No)

Get Complaint

To get a Complaint, use the following URL where {guid} is the Guid of the Incident:

GET http://www.riskmate.uk/api/Complaints/{guid}

Data Returned When you GET a Complaint, the following JSON will be returned:

[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"ComplaintDate": "07/08/2015",
"FirstName": "Jo",
"LastName": "Bloggs",
etc...
}]

When you POST a new Complaint, the api will return a JSON object with the Complaint’s details.

POST http://www.riskmate.uk/api/Complaints

When you PUT (update) a Complaint, the api will return a JSON object with the Complaint’s details

PUT http://www.riskmate.uk/api/Complaints/{guid}

When you DELETE a Complaint, the api will return a JSON object with the Status message.

DELETE http://www.riskmate.uk/api/Complaints/{guid}

Error Codes

CodeExplanation
400Bad request – something is wrong with your data i.e. missing required fields etc
401Unauthorized – invalid authorization token
403Forbidden – you have made too many api requests in the current 24 hour period
404Not Found – you supplied an incorrect object id
500Internal Server Error – something has gone wrong on our side