Getting Started
The RiskMate API allows you to create applications that can read/update information in your RiskMate account.Each request to the Api must be authenticated with your Api token using an “Authorization-Token” header containing your token. For Example:
POST https://api.riskmate.uk/api/Risks
Authorization-Token: AB4C3B13-6882-4175-8048-1218C442FF85
Content-Type: application/jsonWhen using the authentication token you do not require any additional password.
Important
You must treat your Api token as you would treat your login password. Anyone that has your Api token can post to the Api on your behalf! If you suspect someone has your Api token you can reset it on the “Setup > Business Details” page.
Risks
Overview
| URL | https://api.riskmate.uk/api/Risks |
| Methods Supported | GET, POST, PUT, DELETE |
| Description | Allows you to create or get risks in a RiskMate account |
Properties For Risks
| Guid | The risks’s unique id in the system read only |
| AssessmentDate | The risk assessment date dd/mm/yyyy format |
| RiskTitle required | The title of the Risk (max length = 50) |
| CorporateObjective | The corporate objective (max length = 100) |
| PrincipalInherentRisk required | The principal inherent risk |
| Category | The risk category (max length = 50) |
| Department | The department (max length = 50) |
| BusinessUnit | The business unit (max length = 50) |
| InherentImpact required | The inherent impact (Minor, Moderate, Major, Critical) |
| InherentLikelihood required | The inherent likelihood (Almost Never, Unlikely, Likely, Almost Certain) |
| InherentRating | The inherent risk rating (worked out from your risk matrix) |
| KeyControlsInPlace required | The key controls in place |
| ResidualImpact required | The residual impact (Minor, Moderate, Major, Critical) |
| ResidualLikelihood required | The residual likelihood (Almost Never, Unlikely, Likely, Almost Certain) |
| ResidualRating | The residual risk rating (worked out from your risk matrix) |
| FormalReviewFrequency | The review frequency (Monthly, Quarterly, Half Yearly, Annual) |
| FormalReviewDate | The review date (dd/mm/yyyy) |
| RiskOwner | The risk owner |
| PrincipalAssurance1 | The principal assurance 1 (max length = 50) |
| PrincipalAssurance2 | The principal assurance 2 (max length = 50) |
| PrincipalAssurance3 | The principal assurance 3 (max length = 50) |
| GapsActionResponsibilityTimescale | The gaps, action, responsibility and timescale |
| IndependentAssurance | The independent assurance |
| Archived | The archived status |
Get Risk
To get a Risk, use the following URL where {guid} is the Guid of the Risk:
GET https://www.riskmate.uk/api/Risks/{guid}Data Returned When you GET a risk, the following JSON will be retuned:
[{
"Guid": "85525b05-ef52-4997-9f50-6ed0539d37b0",
"AssessmentDate": "01/06/2015",
"RiskTitle": "Loss of key board directors",
etc...
}]When you POST a new risk, a JSON object will be returned with the Risk’s details.
POST https://www.riskmate.uk/api/RisksWhen you PUT (update) a Risk, the api will return a JSON object with the Risk’s details
PUT https://www.riskmate.uk/api/Risks/{guid}When you DELETE a Risk, the api will return a JSON object with the Status message.
DELETE https://www.riskmate.uk/api/Risks/{guid}Incidents
Overview
| URL | https://api.riskmate.uk/api/Incidents |
| Methods Supported | GET, POST, PUT, DELETE |
| Description | Allows you to create or get incidents in a RiskMate account |
Properties For Incidents
| Guid | The incident unique id in the system read only |
| IncidentDate required | The date of the incident dd/mm/yyyy format |
| IncidentTitle required | The title of the incident (max length = 100) |
| IncidentCategory | The incident category (max length = 50) |
| Department | The department (max length = 50) |
| BusinessUnit | The business unit (max length = 50) |
| IncidentDetails required | The incident details |
| ActionTaken | The action taken |
| IncidentSeverity | The severity of the incident N/A, Minor, Moderate, Major, Severe |
| LineManagerInformed | Has the line manager been informed? Yes, No |
| LineManager | The line manager’s name |
| LineManagerAction | The action the line manager has taken |
| ActionedDate | The date the line manager took action |
| Status | The status of the incident Open, Waiting, On Hold, Closed |
| Archived | The archived status of the incident Yes, No |
Get Incident
To get an incident, use the following URL where {guid} is the Guid of the Incident:
GET https://www.riskmate.uk/api/Incidents/{guid}Data Returned When you GET an Incident, the following JSON will be returned:
[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"IncidentDate": "07/08/2015",
"IncidentTitle": "Customer has fallen through man hole cover at depot",
etc...
}]When you POST a new Incident, the api will return a JSON object with the Incident’s details.
POST https://www.riskmate.uk/api/IncidentsWhen you PUT (update) an Incident, the api will return a JSON object with the Incident’s details
PUT https://www.riskmate.uk/api/Incidents/{guid}When you DELETE an Incident, the api will return a JSON object with the Status message.
DELETE https://www.riskmate.uk/api/Incidents/{guid}FOI Requests
Overview
| URL | https://api.riskmate.uk/api/FoiRequests |
| Methods Supported | GET, POST, PUT, DELETE |
| Description | Allows you to create or get FOI Requests in a RiskMate account |
Properties For FOI Requests
| Guid | The Request’s unique id in the system read only |
| RequestDate | The date of the request dd/mm/yyyy format |
| FirstName | The requester’s first name (max length = 50) |
| LastName | The requester’s last name (max length = 50) |
| Phone | The requester’s phone number (max length = 50) |
| The requester’s email address (max length = 50) | |
| Department | The department (max length = 50) |
| BusinessUnit | The business unit (max length = 50) |
| RequestDetails | The request details |
| Status | The status of the request Open, Waiting, On Hold, Closed |
Get FOI Request
To get an FOI Request, use the following URL where {guid} is the Guid of the Incident:
GET https://www.riskmate.uk/api/FoiRequests/{guid}Data Returned When you GET an FOI Request, the following JSON will be returned:
[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"RequestDate": "07/08/2015",
"FirstName": "Jo",
"LastName": "Bloggs",
etc...
}]When you POST a new FOI Request, the api will return a JSON object with the FOI Request’s details.
POST https://www.riskmate.uk/api/FoiRequestsWhen you PUT (update) an FOI Request, the api will return a JSON object with the FOI Request’s details
PUT https://www.riskmate.uk/api/FoiRequests/{guid}When you DELETE an FOI Request, the api will return a JSON object with the Status message.
DELETE https://www.riskmate.uk/api/FoiRequests/{guid}Complaints
Overview
| URL | https://api.riskmate.uk/api/Complaints |
| Methods Supported | GET, POST, PUT, DELETE |
| Description | Allows you to create or get Complaints in a RiskMate account |
Properties For Complaints
| Guid | The Complaint’s unique id in the system read only |
| ComplaintCategory | The category of the Complaint |
| Department | The department (max length = 50) |
| BusinessUnit | The business unit (max length = 50) |
| ComplaintDate required | The date of the Complaint (dd/mm/yyyy format) |
| FirstName required | The requester’s first name (max length = 50) |
| LastName required | The requester’s last name (max length = 50) |
| Address1 | The requester’s address 1 (max length = 50) |
| Address2 | The requester’s address 2 (max length = 50) |
| Address3 | The requester’s address 3 (max length = 50) |
| Address4 | The requester’s address 4 (max length = 50) |
| Postcode | The requester’s postcode (max length = 50) |
| Phone | The requester’s phone number (max length = 50) |
| The requester’s email address (max length = 50) | |
| ComplaintDetails required | The complaint details |
| Status | The status of the complaint (Open, Waiting, On Hold, Closed) |
| LineManager | The line manager to assign the complaint to |
| LineManagerAction | The action the line manager will take |
| LineManagerActionedDate | The date the action was taken |
| ClosedDate | The date the Complaint was closed (dd/mm/yyyy format) |
| Archived | The archived status of the complaint (Yes, No) |
Get Complaint
To get a Complaint, use the following URL where {guid} is the Guid of the Incident:
GET https://www.riskmate.uk/api/Complaints/{guid}Data Returned When you GET a Complaint, the following JSON will be returned:
[{
"Guid": "f6e21c87-1581-4aa6-a15a-791874b1eddf",
"ComplaintDate": "07/08/2015",
"FirstName": "Jo",
"LastName": "Bloggs",
etc...
}]When you POST a new Complaint, the api will return a JSON object with the Complaint’s details.
POST https://www.riskmate.uk/api/ComplaintsWhen you PUT (update) a Complaint, the api will return a JSON object with the Complaint’s details
PUT https://www.riskmate.uk/api/Complaints/{guid}When you DELETE a Complaint, the api will return a JSON object with the Status message.
DELETE https://www.riskmate.uk/api/Complaints/{guid}Error Codes
| Code | Explanation |
|---|---|
| 400 | Bad request – something is wrong with your data i.e. missing required fields etc |
| 401 | Unauthorized – invalid authorization token |
| 403 | Forbidden – you have made too many api requests in the current 24 hour period |
| 404 | Not Found – you supplied an incorrect object id |
| 500 | Internal Server Error – something has gone wrong on our side |