--- title: Comp AI API Integration on Truto slug: compai category: Compliance canonical: "https://truto.one/integrations/detail/compai/" --- # Comp AI API Integration on Truto **Category:** Compliance **Status:** Generally available ## MCP-ready AI tools Truto exposes 412 tools for Comp AI that AI agents can call directly. - **list_all_comp_ai_organizations** — Retrieve the compai organization profile used to personalize compliance workflows, Trust Center branding, and audit readiness reporting. Returns: id, name, slug, logo, website, onboardingCompleted, hasAccess, primaryColor, createdAt, and authType. - **update_a_comp_ai_organization_by_id** — Partially update the authenticated organization in compai; only the fields you supply are changed. Returns: id, name, slug, logo, website, onboardingCompleted, hasAccess, primaryColor, createdAt, and authType. - **delete_a_comp_ai_organization_by_id** — Permanently delete the authenticated organization in compai. This action cannot be undone. Returns: success, deletedOrganization (containing the deleted organization's id and name), and authType. - **list_all_comp_ai_organization_onboardings** — Get the organization onboarding status in Comp AI. Returns the onboarding configuration including profile, api_keys, logo, ownership, role_notifications, and access_approval settings. - **create_a_comp_ai_organization_transfer_ownership** — Transfer organization ownership to another member in compai. The current owner becomes an admin and the new member receives the owner role. Returns: success, message, currentOwner (with memberId, previousRoles, newRoles), and newOwner (with memberId, previousRoles, newRoles). Required: newOwnerId. - **list_all_comp_ai_organization_role_notifications** — Get the current role notification settings for the organization in Comp AI. Returns: settings (an array of per-role notification preferences, each containing role, policyNotifications, taskReminders, taskAssignments, taskMentions, weeklyTaskDigest, and findingNotifications). - **update_a_comp_ai_organization_role_notification_by_id** — Update role notification settings for the organization in Comp AI. Returns the updated settings array, each entry containing role, policyNotifications, taskReminders, taskAssignments, taskMentions, weeklyTaskDigest, and findingNotifications. Required: settings. - **list_all_comp_ai_organization_api_keys** — List active API keys for the organization in compai, enabling administrators to audit automation access and safely rotate credentials. Returns: id, attributes. - **create_a_comp_ai_organization_api_key** — Create a scoped API key for the organization in compai for server-side compliance automation such as evidence sync, policy workflows, or security questionnaire tooling. Returns: id, attributes. - **list_all_comp_ai_api_keys_available_scopes** — List available API key scopes and permissions in compai. Retrieves the full set of scope and permission definitions that can be assigned when creating API key credentials for compliance automation workflows. No required parameters. - **list_all_comp_ai_organization_primary_colors** — Retrieve the organization's primary brand color in compai, used for Trust Center theming, portals, and embedded experiences. Returns: primaryColor, authType. - **create_a_comp_ai_organization_logo** — Upload an organization logo in Comp AI. Returns an empty 201 response on success. - **delete_a_comp_ai_organization_logo_by_id** — Remove the organization logo in Comp AI. Returns an empty 200 response on success. - **create_a_comp_ai_api_keys_revoke** — Revoke an organization API key in compai when an integration is retired, credentials rotate, or access should be removed. Returns an empty 201 response on success. - **create_a_comp_ai_organization_access_auto_approve** — Trigger an auto-approval check for organization access in compai. Grants access if the requesting user is an internal trycomp.ai user, the deployment is self-hosted, or the user's email domain matches the organization's website domain and the organization is an active Stripe customer. Returns: hasAccess. - **create_a_comp_ai_people_invite** — Invite employees or contractors in compai to complete portal tasks, training, device setup, and compliance evidence requirements. Returns a 201 response with no body on success. - **list_all_comp_ai_peoples** — List employees and contractors in compai with onboarding, device, and compliance status. Returns: data (array of member records including id, role, department, isActive, createdAt, user), count, authType. Required: includeDeactivated, onboardAfter, onboardBefore, offboardAfter, offboardBefore. - **create_a_comp_ai_people** — Create a new workforce member in compai by adding an existing user to the authenticated organization. Returns: id, organizationId, userId, role, department, isActive, createdAt, user. Required: userId. - **comp_ai_peoples_bulk_create** — Bulk add multiple members to the authenticated organization in compai in a single request. Members who already exist or have invalid data are skipped with error details returned. Returns: created (successfully added member records), errors (with index, userId, error), summary (total, successful, failed). Required: members. - **get_single_comp_ai_people_by_id** — Get a specific workforce member in compai by their member id. Returns: id, organizationId, userId, role, department, isActive, createdAt, user. Required: id. - **update_a_comp_ai_people_by_id** — Update a workforce member's profile, role, department, or compliance metadata in compai. Returns: id, organizationId, userId, role, department, isActive, createdAt, user. Required: id. - **delete_a_comp_ai_people_by_id** — Permanently delete a workforce member from the organization in compai. This action cannot be undone. Returns: success, deletedMember (id, name, email), authType. Required: id, skipOffboarding. - **list_all_comp_ai_people_devices** — List all employee devices with fleet compliance data in compai. Returns device records containing workforce member device and compliance information; the upstream source does not enumerate specific response fields for this endpoint — consult the compai API documentation for the full field-level breakdown. - **list_all_comp_ai_test_stats_by_assignees** — List integration test statistics grouped by assignee in compai. Returns test statistics data per assignee; the upstream source does not enumerate response fields for this endpoint. - **list_all_comp_ai_people_mentionables** — List compai members who can read a specific resource type and are eligible to be mentioned. Returns: id, name. Required: resource. - **update_a_comp_ai_reactivate_by_id** — Reactivate a deactivated member in Comp AI. Returns a 200 response on success with no documented body. Required: id. - **list_all_comp_ai_training_videos** — List training video completions for a member in Comp AI. Returns an array of training video completion records associated with the specified member; the upstream source does not enumerate specific response fields beyond the 200 OK status. Required: id. - **list_all_comp_ai_fleet_compliances** — List fleet device compliance records for a member in compai. Returns endpoint security findings and compliance status data including id and compliance attributes. Required: id. - **delete_a_comp_ai_host_by_id** — Remove a FleetDM host (device) from a compai member's Fleet. Returns: success, authType. Required: id, host_id. - **create_a_comp_ai_resend_portal_invite** — Resend a portal invite email to a member in compai. Returns an empty 201 response on success. Required: id. - **update_a_comp_ai_unlink_device_by_id** — Unlink a device from a compai member by resetting their fleetDmLabelId, disconnecting the device from the organization's FleetDM. Returns: id, organizationId, role, isActive, fleetDmLabelId, and a nested user object including name and email. Required: id. - **list_all_comp_ai_employment_evidences** — List employment evidence attachments for a person in Comp AI by event type. Returns the onboarding or offboarding evidence records associated with the specified member (response body fields not enumerated by the source). Required: id, event_type. - **create_a_comp_ai_employment_evidence** — Upload an employment evidence attachment for a person in Comp AI. Associates an evidence document with a member's onboarding or offboarding event record (response body fields not enumerated by the source). Required: id, event_type. - **delete_a_comp_ai_employment_evidence_by_id** — Delete an employment evidence attachment for a person in Comp AI. Returns an empty 200 response on success. Required: id, event_type, attachment_id. - **get_single_comp_ai_people_email_preference_by_id** — Get current user email notification preferences in Comp AI. Returns the email notification preferences as an object; the upstream API does not enumerate specific response fields for this endpoint. - **update_a_comp_ai_people_email_preference_by_id** — Update current user email notification preferences in Comp AI. Returns the updated email notification preferences as an object; specific request body fields (UpdateEmailPreferencesDto) and response fields are not enumerated in the upstream API documentation. - **create_a_comp_ai_attachment** — Upload a base64-encoded file and attach it to a supported entity (task, vendor, risk, or comment) in compai. The file is stored on S3 and a database record is created. Returns the created attachment record including id, url, file_name, entity_type, entity_id, and created_at. Required: file, file_name, entity_type, entity_id. - **list_all_comp_ai_attachment_downloads** — Generate a signed download URL for a shared attachment in compai linked to comments, evidence records, or compliance workflow reviews. Returns: downloadUrl, expiresIn. Required: attachment_id. - **create_a_comp_ai_uploads_presign** — Create a presigned S3 upload URL in compai. Returns the presignedUrl to PUT raw file bytes to directly, and the s3Key where the file lands for use in downstream feature tool calls (e.g. upload-and-parse). File bytes never pass through the LLM. - **list_all_comp_ai_timelines** — List timelines for the organization in Comp AI. Returns: id, phases. - **get_single_comp_ai_timeline_by_id** — Get a single timeline instance with phases in Comp AI. Returns: id, phases. Required: id. - **create_a_comp_ai_phase_ready** — Mark a phase as ready for review in Comp AI, signalling audit and compliance readiness for a specific timeline phase. Returns an empty 201 response on success. Required: id (timeline id), phase_id. - **list_all_comp_ai_risks** — List organization risks in compai with owners, severity, and mitigation status for risk management reporting. Returns: id, title, category, status, likelihood, impact, treatmentStrategy, assigneeId, createdAt, updatedAt per item. - **create_a_comp_ai_risk** — Create a risk record in compai so compliance teams can track mitigation and remediation work. Returns: id, title, category, department, status, likelihood, impact, residualLikelihood, residualImpact, treatmentStrategy, organizationId, assigneeId, createdAt, updatedAt. Required: title, description, category. - **get_single_comp_ai_risk_by_id** — Get a single organization risk by id in compai including owner, department, severity, residual risk scores, and treatment strategy. Returns: id, title, category, department, status, likelihood, impact, residualLikelihood, residualImpact, treatmentStrategy, organizationId, assigneeId, createdAt, updatedAt. Required: id. - **update_a_comp_ai_risk_by_id** — Update an organization risk by id in compai as mitigation work progresses to keep compliance reports current. Returns: id, title, category, department, status, likelihood, impact, residualLikelihood, residualImpact, treatmentStrategy, organizationId, assigneeId, createdAt, updatedAt. Required: id. - **delete_a_comp_ai_risk_by_id** — Delete an organization risk by id in compai that no longer needs active tracking in the risk register. Returns: message, deletedRisk (containing id and title). Required: id. - **list_all_comp_ai_stats_by_assignees** — List risk statistics grouped by assignee in Comp AI, covering organizational risks with ownership, departments, and compliance remediation status. Returns per-assignee aggregated risk statistics in attributes; the exact field shape is not enumerated in the upstream documentation — consult the compai API for the full field-level breakdown. - **list_all_comp_ai_stats_by_departments** — Get risk count statistics grouped by department in compai. Returns: department, count. - **list_all_comp_ai_global_searches** — Search global vendor records in compai by name to prefill vendor profiles and speed up third-party risk assessment workflows. Returns matching vendor records; the upstream source does not enumerate the specific response fields for this endpoint. Optional: name. - **list_all_comp_ai_vendors** — List vendors in compai for third-party risk management. Returns: id, name, category, status, inherentProbability, inherentImpact, residualProbability, residualImpact, website, assigneeId, createdAt, updatedAt. - **create_a_comp_ai_vendor** — Create a vendor record in compai to track third-party risk, assessment status, category, and ownership. Returns: id, name, category, status, organizationId, assigneeId, inherentProbability, inherentImpact, residualProbability, residualImpact, website, createdAt. Required: name, description. - **get_single_comp_ai_vendor_by_id** — Get a single vendor by id in compai. Returns: id, name, description, category, status, inherentProbability, inherentImpact, residualProbability, residualImpact, website, organizationId, assigneeId, createdAt, updatedAt. Required: id. - **update_a_comp_ai_vendor_by_id** — Update a vendor record in compai by id, modifying name, category, status, risk attributes, or assigned owner. Returns: id, name, category, status, organizationId, assigneeId, inherentProbability, inherentImpact, residualProbability, residualImpact, updatedAt. Required: id. - **delete_a_comp_ai_vendor_by_id** — Permanently delete a vendor from compai by id. This action cannot be undone. Returns: message, deletedVendor (id and name of the removed record). Required: id. - **create_a_comp_ai_vendor_trigger_assessment** — Trigger a vendor risk assessment in Comp AI so it can update third-party risk evidence and vendor security review status for the specified vendor. Returns an empty 201 response on success. Required: id. - **list_all_comp_ai_contexts** — List compai organization context entries used as approved source material for evidence, questionnaires, and AI workflows. Returns: id, organizationId, question, answer, tags, createdAt, updatedAt per entry. - **create_a_comp_ai_context** — Create a new context entry in compai for the authenticated organization. Returns the created entry including id, organizationId, question, answer, tags, createdAt, updatedAt, and authType. Required: question, answer. - **get_single_comp_ai_context_by_id** — Get a single compai context entry by id. Returns: id, organizationId, question, answer, tags, createdAt, updatedAt, authType. Required: id. - **update_a_comp_ai_context_by_id** — Update a compai organization context entry with partial data. Returns the updated entry including id, organizationId, question, answer, tags, createdAt, updatedAt, and authType. Required: id. - **delete_a_comp_ai_context_by_id** — Permanently delete a compai context entry by id. Returns: message, deletedContext (containing id and question), and authType. Required: id. - **list_all_comp_ai_devices** — List managed employee devices in compai with endpoint compliance status, ownership, and security check results for workforce controls. Returns: data (array of device records), count, authType, authenticatedUser. - **delete_a_comp_ai_device_by_id** — Delete a device in compai by id. Returns an empty 204 response on success. Required: id. - **create_a_comp_ai_device** — Sync devices for a dynamic provider integration in compai. Returns an empty 201 response on success. Required: provider_slug, connectionId. - **get_single_comp_ai_devices_member_by_id** — Get all devices assigned to a specific member in compai. Retrieves devices from FleetDM using the member's dedicated FleetDM label ID. Returns: devices. Required: id. - **list_all_comp_ai_policies** — List compliance policies in compai. Returns: id, name, status, content, frequency, department, isRequiredToSign, reviewDate, isArchived, createdAt, updatedAt, organizationId, assigneeId, approverId. Active (non-archived) policies are returned by default; use includeArchived=true to include archived policies, or excludeContent=true to omit rich-text content and draftContent fields. - **create_a_comp_ai_policy** — Create a new compliance policy in compai that can be reviewed, versioned, published, and linked to controls. Returns: id, name, description, status, content, frequency, department, isRequiredToSign, reviewDate, isArchived, createdAt, updatedAt, organizationId, assigneeId, approverId. Required: name. - **get_single_comp_ai_policy_by_id** — Get a single compliance policy by id in compai, including its current content, draft content, review status, and audit metadata. Returns: id, name, description, status, content, isRequiredToSign, signedBy, reviewDate, isArchived, createdAt, updatedAt, organizationId, assigneeId, approverId. Required: id. - **update_a_comp_ai_policy_by_id** — Update a compliance policy by id in compai while keeping it connected to controls, tasks, and approvals. Returns: id, name, description, status, content, frequency, department, isRequiredToSign, signedBy, reviewDate, isArchived, createdAt, updatedAt, organizationId, assigneeId, approverId. Required: id. - **delete_a_comp_ai_policy_by_id** — Delete a compliance policy by id in compai. Returns: success, deletedPolicy (id, name), authType. Required: id. - **create_a_comp_ai_policies_publish_all** — Publish all draft policies in bulk in compai so that approved policy content can power Trust Center sharing, questionnaire answers, and audit evidence. Returns an empty 201 response on success. - **list_all_comp_ai_policies_download_alls** — Download all published compliance policies in compai as a single PDF bundle, suitable for auditor reviews, customer security reviews, and Trust Center workflows. Returns a signed URL for downloading the generated PDF bundle. Returns: url. - **list_all_comp_ai_policie_controls** — List all controls mapped to a policy in Comp AI. Returns: id. Required: id. - **create_a_comp_ai_policie_control** — Map controls to a policy in Comp AI. Returns: id. Required: id. - **delete_a_comp_ai_policie_control_by_id** — Remove a control mapping from a policy in Comp AI. Returns an empty 204 response on success. Required: id, control_id. - **list_all_comp_ai_policie_evidence_tasks** — List evidence tasks that serve as evidence for a Comp AI policy, grouped by control. Returns: control, tasks. Required: id (Policy ID). - **create_a_comp_ai_policie_regenerate** — Regenerate policy content using Comp AI for a specific policy in compai. Triggers AI-based regeneration while keeping the result reviewable before it is published or used as compliance evidence. Returns an empty 201 response on success. Required: id. - **list_all_comp_ai_pdf_signed_urls** — Get a signed URL for a policy PDF in Comp AI. Returns: url (a time-limited signed URL for downloading or viewing the PDF export of the policy). Required: id. Optionally scope to a specific policy version with versionId. - **create_a_comp_ai_policie_pdf** — Upload a PDF to a policy version in compai via multipart file upload or base64-encoded JSON payload. Defaults to the latest draft version when no versionId is supplied; returns 400 if no draft is available. Returns an empty 201 response on success. Required: id. - **delete_a_comp_ai_policie_pdf_by_id** — Delete the PDF from a policy version in compai. Targets the latest draft version when no versionId is supplied. Cannot delete PDFs attached to published or pending-approval versions. Returns an empty 200 response on success. Required: id. - **create_a_comp_ai_pdf_upload_url** — Generate a presigned S3 upload URL for attaching a PDF to a compliance policy in compai. Returns the presigned upload URL and s3Key; upload the file bytes directly to S3 using the URL, then call confirm-policy-pdf-uploaded with the same s3Key to finalize the attachment. Required: id. - **create_a_comp_ai_pdf_confirm** — Confirm a policy PDF upload in compai by linking an uploaded file to a compliance policy after the file bytes have been PUT to a presigned S3 URL. The endpoint verifies the file exists in S3 before associating it with the policy or version. Returns an empty 201 response on success. Required: id, s3Key. - **list_all_comp_ai_policie_pdf_urls** — Get the signed PDF URL for a policy in Comp AI. Returns: url (a signed URL granting access to the policy PDF document). Required: id. Optionally scope the URL to a specific policy version with versionId. - **list_all_comp_ai_policie_versions** — List all versions of a Comp AI policy. Returns: versions (array of version objects), currentVersionId, pendingVersionId. Required: policy_id. - **create_a_comp_ai_policie_version** — Create a new draft policy version in Comp AI, cloned from the currently published version or a specified source version. Returns: versionId, version. Required: policy_id. - **update_a_comp_ai_policie_version_by_id** — Update the content of a Comp AI policy draft version. Returns: versionId. Required: policy_id, id. - **delete_a_comp_ai_policie_version_by_id** — Delete a Comp AI policy version by id. Returns: deletedVersion (the version number of the deleted version). Required: policy_id, id. - **comp_ai_policie_versions_activate** — Set a specific Comp AI policy version as the active published version. Returns: versionId, version. Required: policy_id, id. - **get_single_comp_ai_policie_version_by_id** — Get a specific Comp AI policy version by id. Returns: version, currentVersionId, pendingVersionId. Required: policy_id, id. - **create_a_comp_ai_versions_publish** — Publish a draft policy version in compai, making it the active/current version of the policy. Returns: versionId, version. Required: policy_id, versionId. - **create_a_comp_ai_version_submit_for_approval** — Submit a policy version for approval in compai, advancing it into the approval workflow. Returns: versionId, version. Required: policy_id, id. - **create_a_comp_ai_policie_accept_change** — Accept pending policy changes and publish the version in Comp AI. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_policie_deny_change** — Deny pending policy changes in Comp AI for a specific policy. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_policie_ai_chat** — Chat with AI about a compai policy to ask policy-specific questions or request draft improvements while preserving human review before changes are applied. Returns a streaming AI response in text/event-stream format (opaque text stream; cannot be represented as a structured JSON schema). Required: id. - **create_a_comp_ai_device_agent_exchange_code** — Exchange an auth code for device credentials in Comp AI, enabling device registration, compliance check-ins, and endpoint security management. Required: code. Returns an empty 201 response on success. - **list_all_comp_ai_device_agent_updates** — Download a device-agent update file from Comp AI by filename. Returns the binary file content of the requested update build; the response body is an opaque binary stream with no enumerable JSON fields. Required: filename. - **create_a_comp_ai_device_agent_auth_code** — Create a device-agent auth code in Comp AI to register employee devices, submit device compliance check-ins, download agent builds, or manage endpoint security status. Returns an empty 201 response on success. - **list_all_comp_ai_device_agent_my_organizations** — List organizations associated with the current device in Comp AI. Returns organization records including id and organization-specific attributes. No query parameters are required. - **create_a_comp_ai_device_agent_register** — Register a Comp AI Device Agent installation so employee endpoint checks can report into compliance tasks and device inventory. Returns an empty 201 response on success. - **create_a_comp_ai_device_agent_check_in** — Submit device security check results to compai, covering encryption, antivirus, password policy, screen lock, and other endpoint controls. Returns an empty 201 response on success. - **list_all_comp_ai_device_agent_status** — Get device-agent status in Comp AI for a specific device and organization. Returns the device-agent status object (attributes). Required: deviceId, organizationId. - **list_all_comp_ai_device_agent_macs** — Download the Comp AI Device Agent installer for macOS. Returns a binary DMG file (application/x-apple-diskimage) — an opaque binary blob whose contents are the device compliance and security monitoring agent installer, delivered with a Content-Disposition header indicating the filename (e.g., Comp AI Agent-1.0.0-arm64.dmg). - **list_all_comp_ai_device_agent_windows** — Download the Comp AI Windows Device Agent as a ZIP package containing the MSI installer, a customized setup batch script, and a README. Returns a binary ZIP file streamed as application/zip — not a JSON record; the response body is binary file content and cannot be represented as enumerable fields. - **delete_a_comp_ai_device_agent_session_by_id** — Revoke a device agent session in Comp AI by device ID. Returns an empty 204 response on success. Required: id. - **list_all_comp_ai_tasks** — List compliance tasks in compai with assignments and status for tracking audit readiness, evidence work, and control implementation. Returns: id, title, description, status, createdAt, updatedAt. - **create_a_comp_ai_task** — Create a compliance task in compai for evidence collection, remediation, review, or recurring control work. Returns: id, title, description, status, createdAt, updatedAt. Required: title, description. - **comp_ai_tasks_bulk_update** — Update status for multiple compliance tasks in compai in a single request. Returns: updatedCount. Required: taskIds, status. - **comp_ai_tasks_bulk_delete** — Delete multiple compliance tasks in compai in a single request. Returns: deletedCount. Required: taskIds. - **comp_ai_tasks_bulk_assignee** — Update the assignee for multiple compliance tasks in compai in a single request. Returns: updatedCount. Required: taskIds. - **comp_ai_tasks_bulk_submit_for_review** — Bulk submit multiple compliance tasks for review in compai, assigning an approver to each. Returns an empty 204 response on success. Required: taskIds, approverId. - **get_single_comp_ai_task_by_id** — Get a single compliance task by id in compai. Returns: id, title, description, status, createdAt, updatedAt. Required: id. - **update_a_comp_ai_task_by_id** — Update a compliance task by id in compai, modifying fields such as status, assignee, department, frequency, or review date. Returns: id, title, description, status, createdAt, updatedAt. Required: id. - **delete_a_comp_ai_task_by_id** — Delete a compliance task by id in compai. Returns: success, message. Required: id. - **comp_ai_tasks_list_activity** — Get activity history for a compliance task by id in compai. Returns an empty 204 response on success. Required: id. - **comp_ai_tasks_approve** — Approve a compliance task that is in review in compai; moves status to done and creates an audit comment. Only the assigned approver can approve. Returns an empty 204 response on success. Required: id. - **comp_ai_tasks_reject** — Reject a compliance task that is in review in compai; reverts status to its previous value and creates an audit comment. Only the assigned approver can reject. Returns an empty 204 response on success. Required: id. - **comp_ai_tasks_list_attachments** — List evidence attachments for a compliance task by id in compai. Returns: id, name, type, size, downloadUrl, createdAt. Required: id. - **comp_ai_tasks_attach_attachment** — Upload an evidence attachment to a compliance task in compai so auditors and reviewers can trace completion to source documentation. Returns: id, entityId, entityType, fileName, fileType, fileSize, createdAt, createdBy. Required: id. - **list_all_comp_ai_tasks_templates** — List task templates in Comp AI for managing compliance task lifecycle. Returns: id, frameworkId. Optionally filter results by frameworkId. - **update_a_comp_ai_tasks_reorder_by_id** — Reorder tasks in Comp AI by submitting an array of task update objects with new ordering positions and statuses. Returns a 200 success response with no body on success. Required: updates (array of objects, each requiring id, order, and status). - **list_all_comp_ai_tasks_options** — List page options for the tasks overview in Comp AI, covering compliance task lifecycle, assignments, review approvals, evidence uploads, policy links, and activity history. Returns the available configuration options object. The specific response field structure is not enumerated in the upstream API documentation. - **list_all_comp_ai_task_policies** — List policies that reference a specific task via shared controls in Comp AI. Returns a list of policy objects linked to the task; the upstream source does not enumerate individual response fields. Required: task_id. - **create_a_comp_ai_task_regenerate** — Regenerate a task from its associated template in Comp AI, restarting the task based on the linked template definition. Returns an empty 200 response on success. Required: task_id. - **create_a_comp_ai_task_submit_for_review** — Submit a task for review in Comp AI. Transitions the task into a review state and routes it to the designated approver. Returns a 200 response confirming the submission with no body fields. Required: task_id, approverId. - **delete_a_comp_ai_task_attachment_by_id** — Delete a task attachment in Comp AI. Returns: success, deletedAttachmentId, message. Required: task_id, attachment_id. - **list_all_comp_ai_task_automations** — List all automations for a task in Comp AI. Returns automation records including id and name. Required: task_id. - **create_a_comp_ai_task_automation** — Create an automated evidence workflow attached to a task in Comp AI. Returns: success and an automation object containing id and name. Required: task_id. - **update_a_comp_ai_task_automation_by_id** — Update an existing automation in Comp AI. Returns: success and the updated automation object containing id, name, and description. Required: task_id, id. - **delete_a_comp_ai_task_automation_by_id** — Delete an automation by id in Comp AI. Returns an empty 204 response on success. Required: task_id, id. - **get_single_comp_ai_task_automation_by_id** — Get a specific automation by id for a task in Comp AI. Returns: success and an automation object containing id, name, and description. Required: task_id, id. - **list_all_comp_ai_automation_runs** — List all runs for a specific automation in Comp AI. Returns run records for the automation's evidence collection workflow; the exact shape of each run record depends on the automation's workflow configuration. Required: task_id, automation_id. - **list_all_comp_ai_automation_versions** — List all versions for an automation in Comp AI. Returns: id, version, scriptKey, changelog, publishedBy, and createdAt for each version record. Required: task_id, automation_id. - **create_a_comp_ai_automation_version** — Create a published version record for an automation in Comp AI. Returns: id, version, scriptKey, changelog, publishedBy, and createdAt for the newly created version. Required: task_id, automation_id, scriptKey. - **list_all_comp_ai_automations_runs** — List all automation runs for a task in Comp AI. Returns: id, status, trigger, createdAt, completedAt, and error for each run. Required: task_id. - **list_all_comp_ai_task_evidences** — Get the evidence summary for a task in Comp AI, covering task evidence, automation evidence, and reviewer-ready bundles exportable as PDF or ZIP files. Returns an opaque binary evidence bundle (PDF or ZIP). Required: task_id. - **list_all_comp_ai_pdfs** — Export automation evidence as a PDF file in Comp AI. Returns a binary PDF document containing the automation evidence for the specified task and automation. Required: task_id, automation_id. - **list_all_comp_ai_evidence_exports** — Download a ZIP package containing task evidence and automation results from compai for auditor review or customer security requests. Returns a binary ZIP file (application/zip) — no enumerable JSON fields. Required: task_id. - **create_a_comp_ai_evidence_export_all** — Trigger a bulk evidence export in Comp AI, packaging all organization evidence into an auditor review package. Returns an empty 201 response on success indicating the export job has started. - **list_all_comp_ai_comments** — List comments for a compai compliance entity (task, policy, risk, vendor, or finding). Returns: id, entityId, entityType, userId, content, createdAt. Required: entityId, entityType. - **create_a_comp_ai_comment** — Create a new comment on a compai compliance entity such as a task, policy, risk, vendor, or finding. Returns: id, entityId, entityType, userId, content, createdAt. Required: entityId, entityType, content. - **update_a_comp_ai_comment_by_id** — Update an existing comment by id in compai. Returns: id, entityId, entityType, userId, content, createdAt. Required: id, content. - **delete_a_comp_ai_comment_by_id** — Delete a comment by id in compai. Returns: success, deletedCommentId, message. Required: id. - **list_all_comp_ai_trust_portal_settings** — Get Trust Center settings in compai. Returns the portal configuration including is_public, custom_domains, framework_visibility, resources, faqs, and access_rules. No required parameters. - **create_a_comp_ai_trust_portal_favicon** — Upload a favicon for the trust portal in Comp AI. Returns an empty 201 response on success. - **delete_a_comp_ai_trust_portal_favicon_by_id** — Remove the trust portal favicon in Comp AI. Returns an empty 200 response on success. - **list_all_comp_ai_domain_status** — Get the domain verification status for a custom Trust Portal domain in Comp AI. Returns: domain, verified, status. Required: domain. - **create_a_comp_ai_compliance_resources_upload** — Upload or replace a compliance certificate PDF in compai for Trust Center sharing, supporting frameworks such as SOC 2, ISO 27001, HIPAA, and GDPR. Returns the uploaded compliance resource record including its id, framework, fileUrl, and organizationId. Required: framework, fileUrl. - **create_a_comp_ai_compliance_resources_signed_url** — Generate a temporary signed URL for a compliance certificate in Comp AI's Trust Portal. Returns: url. - **create_a_comp_ai_compliance_resources_list** — List uploaded compliance certificates for the organization in Comp AI's Trust Portal. Returns an array of compliance resource objects; each item includes id and attributes with schema-specific compliance resource fields. - **create_a_comp_ai_documents_upload** — Upload an additional trust portal document in Comp AI's Trust Center. Returns the uploaded trust document object including its id and schema-specific attributes. The request body is required; consult the Comp AI API reference (UploadTrustDocumentDto) for the full field list. - **create_a_comp_ai_documents_list** — List additional trust portal documents for the organization in Comp AI via a POST-based list endpoint. Returns an array of trust document objects; individual fields are schema-specific — Returns: id, attributes (document-specific fields; consult Comp AI upstream docs for the full field breakdown). - **create_a_comp_ai_document_download** — Generate a temporary signed URL for a trust portal document in Comp AI to enable direct downloads. Returns: url. Required: document_id. - **create_a_comp_ai_document_delete** — Delete (deactivate) a trust portal document in Comp AI. Returns: success. Required: document_id. - **update_a_comp_ai_settings_toggle_by_id** — Enable or disable the trust portal in Comp AI, toggling visibility and configuration of the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. Returns a 200 response on success with no documented response body. - **create_a_comp_ai_settings_custom_domain** — Add or update a custom domain for the trust portal in Comp AI. Configures the live Trust Center including custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. Returns a 201 response on success. - **create_a_comp_ai_settings_check_dn** — Check DNS records for a custom domain in Comp AI's Trust Portal. Verifies that DNS is correctly configured for the trust center's custom domain. Returns a 201 response on success with no documented response body. - **update_a_comp_ai_settings_faq_by_id** — Update trust portal FAQs in Comp AI. Returns a 200 response on success. No request body fields or response body fields are enumerated in the source documentation. - **update_a_comp_ai_settings_allowed_domain_by_id** — Update the allowed domains settings for the trust portal in Comp AI. Configure the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. Returns a 200 response on success. - **update_a_comp_ai_settings_allowed_email_by_id** — Update the allowed emails configuration for the trust portal in Comp AI. Replaces the permitted email addresses or domains that may access the trust portal. Returns a 200 response on success. - **update_a_comp_ai_settings_framework_by_id** — Update trust portal framework settings in Comp AI. Configures the live Trust Center including custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. Returns a 200 response on success. - **list_all_comp_ai_trust_portal_custom_frameworks** — List org-authored custom frameworks with their trust portal selection in Comp AI. Returns: customFrameworkId, enabled, status. - **update_a_comp_ai_trust_portal_custom_framework_by_id** — Enable or disable a custom framework on the trust portal and set its compliance status in Comp AI. Returns: customFrameworkId, enabled, status. Required: customFrameworkId, and at least one of enabled or status. - **list_all_comp_ai_trust_portal_overviews** — Get the trust portal overview for a Comp AI organization, including Trust Center configuration for custom domain, FAQs, compliance resources, documents, links, and vendor disclosures. Returns: organizationId, customDomain, overview, faqs, complianceResources, documents, links, vendorDisclosures. Required: organizationId. - **create_a_comp_ai_trust_portal_overview** — Update the public Trust Center overview content in Comp AI, configuring the security posture and compliance status shown to prospects and customers. Returns: organizationId, customDomain, overview, faqs, complianceResources, documents, links, vendorDisclosures. - **list_all_comp_ai_trust_portal_custom_links** — List custom links for the trust portal in Comp AI. Returns: id. Required: organizationId. - **create_a_comp_ai_trust_portal_custom_link** — Create a custom link for the trust portal in Comp AI. Returns: id. - **update_a_comp_ai_trust_portal_custom_link_by_id** — Update a custom link in the trust portal in Comp AI. Returns: id. Required: id. - **create_a_comp_ai_custom_link_delete** — Delete a custom link in Comp AI's Trust Portal. Returns an empty 200 response on success. Required: link_id. - **create_a_comp_ai_custom_links_reorder** — Reorder custom links in the Comp AI Trust Portal. Returns a 200 success response confirming the new order was applied; the source documents no response body fields. - **create_a_comp_ai_vendor_trust_setting** — Update vendor trust portal settings in Comp AI for a specific vendor, including the live Trust Center, custom domain, public overview, FAQs, compliance resources, documents, links, and vendor disclosures. Returns a 200 success response with no body on success. Required: vendor_id. - **list_all_comp_ai_trust_portal_vendors** — List vendors configured for the trust portal in Comp AI. Returns vendor records including id and vendor-specific attributes; the complete field structure is not enumerated in the upstream source documentation. Optional: `all` — when `true`, returns all org vendors with sync. - **create_a_comp_ai_trust_acces_request** — Submit a Trust Center access request in compai for administrator approval. The request body carries requester details, company context, and a review reason. Returns an empty 201 response on success. Required: friendly_url. - **list_all_comp_ai_admin_requests** — List Trust Center access requests in compai, covering both pending and completed entries. Returns: id, status. Optionally filter by status (under_review, approved, denied, canceled). - **get_single_comp_ai_admin_request_by_id** — Get a single Trust Center access request by id in compai, including requester context, review metadata, and audit details. Returns: id, status. Required: id. - **comp_ai_admin_requests_approve** — Approve a Trust Center access request in compai, configure the grant window, and trigger the NDA or access email workflow. Returns: id, status. Required: id. - **create_a_comp_ai_request_deny** — Deny a Trust Center access request in compai by id. Rejects the request with a review reason so that security access decisions remain auditable. Returns a 200 response on success with no documented body. Required: id. - **list_all_comp_ai_admin_grants** — List compai Trust Access grants including active, expired, and revoked entries for customer security reviews and shared compliance resources. Returns: id, status. - **comp_ai_admin_grants_revoke** — Immediately revoke a compai Trust Access grant when a customer review ends or shared compliance access should be removed. Returns: id, status. Required: id. - **create_a_comp_ai_grant_resend_access_email** — Resend the access email for an active Trust Access grant in compai so approved reviewers can reopen shared resources. Returns an empty 200 response on success. Required: id. - **create_a_comp_ai_request_resend_nda** — Resend the NDA signing email for a compai Trust Access request that still requires reviewer signature. Returns an empty 200 response confirming the email was resent. Required: id. - **create_a_comp_ai_request_preview_nda** — Generate a preview NDA PDF for a Trust Access request in compai before the reviewer signs and receives access. Returns an opaque PDF binary response (the generated NDA document). Required: id. - **create_a_comp_ai_trust_acces_reclaim** — Request a fresh Trust Access link for a reviewer who already has an active grant on a published compai Trust Center. Triggers re-delivery of the access link to the reviewer's email. Returns an empty 200 response confirming the link was sent. Required: friendly_url. - **list_all_comp_ai_trust_acces_faqs** — List published Trust Center FAQs for a compai organization's trust page. Returns: id, question, answer, order for each FAQ item. Required: friendly_url. - **list_all_comp_ai_trust_acces_overviews** — Retrieve the published Trust Center overview for an organization in compai, including public security posture messaging. Returns the overview object with organization-specific fields whose exact shape depends on the Trust Center configuration. Required: friendly_url. - **list_all_comp_ai_trust_acces_custom_links** — List published custom links shown on an organization Trust Center in compai for customer security and compliance reviews. Returns: id, name, url. Required: friendly_url (Trust Portal friendly URL or Organization ID). - **list_all_comp_ai_trust_acces_favicons** — Retrieve the favicon URL for a published compai Trust Center. Returns: faviconUrl. Required: friendly_url. - **list_all_comp_ai_trust_acces_vendors** — List published vendors and subprocessors for an organization's Trust Center in compai, allowing reviewers to inspect third-party posture. Returns vendor objects including id and vendor-specific attribute fields. Required: friendly_url. - **list_all_comp_ai_trust_acces_custom_frameworks** — List org-authored custom frameworks displayed on a Comp AI trust portal. Returns a collection of custom framework objects including id and framework-specific attributes. Required: friendly_url. - **list_all_comp_ai_findings** — List audit findings in Comp AI filtered by status, severity, area, and related entity IDs for compliance review workflows. Returns: id, status, severity, area, memberId, taskId, policyId, vendorId, riskId, evidenceSubmissionId, evidenceFormType, deviceId. - **create_a_comp_ai_finding** — Create an audit finding in Comp AI to track issue ownership, remediation activity, and severity. Returns: id, status, severity, area, memberId, taskId, policyId, vendorId, riskId, evidenceSubmissionId, evidenceFormType, deviceId. - **get_single_comp_ai_finding_by_id** — Get a single audit finding by id in Comp AI. Returns: id, status, severity, area, memberId, taskId, policyId, vendorId, riskId, evidenceSubmissionId, evidenceFormType, deviceId. Required: id. - **update_a_comp_ai_finding_by_id** — Update an audit finding by id in Comp AI; status transition rules apply. Returns: id, status, severity, area, memberId, taskId, policyId, vendorId, riskId, evidenceSubmissionId, evidenceFormType, deviceId. Required: id. - **delete_a_comp_ai_finding_by_id** — Delete an audit finding by id in Comp AI. Returns an empty 204 response on success. Required: id. - **comp_ai_findings_list_history** — Get activity history entries for an audit finding by id in Comp AI. Returns: id, createdAt. Required: id. - **list_all_comp_ai_findings_organizations** — List all findings for the organization in Comp AI, optionally filtered by status. Returns: id, status. - **list_all_comp_ai_roles** — List all roles in Comp AI. Returns: builtInRoles (each with name, isBuiltIn, description) and customRoles (each with id, name, permissions, isBuiltIn, createdAt, updatedAt). - **create_a_comp_ai_role** — Create a custom role in Comp AI for organization-level access control. Returns: id, name, permissions, isBuiltIn, createdAt, updatedAt. Required: name. - **get_single_comp_ai_role_by_id** — Get a single role by id in Comp AI. Returns: id, name, permissions, isBuiltIn, createdAt, updatedAt. Required: id. - **update_a_comp_ai_role_by_id** — Update a custom role by id in Comp AI. Returns: id, name, permissions, isBuiltIn, createdAt, updatedAt. Required: id. - **delete_a_comp_ai_role_by_id** — Delete a custom role by id in Comp AI. Returns: success, message. Required: id. - **list_all_comp_ai_roles_permissions** — Resolve merged permissions for one or more custom roles in compai. Returns the combined effective permissions across all requested roles. Returns: permissions (a map of role name to its array of allowed action strings). Required: roles. - **list_all_comp_ai_built_in_obligations** — Get the effective obligations for a built-in role in compai — returns the DB override if present, otherwise the hardcoded default. Returns: name, obligations (including compliance flag). Required: name. - **update_a_comp_ai_built_in_obligation_by_id** — Update (override) the obligations for a built-in role in compai, for example to disable the compliance obligation for owners. Permissions continue to be sourced from hardcoded defaults. Returns: name, obligations (including compliance flag). Required: name. - **list_all_comp_ai_questionnaires** — List security questionnaires in compai saved for an organization, enabling teams to track customer reviews, answer status, and response history. Returns: id, questions, answers, review_context. - **get_single_comp_ai_questionnaire_by_id** — Get a single security questionnaire by id in compai, including extracted questions, generated answers, and review context for the requesting client. Returns: id, questions, answers, review_context. Required: id. - **delete_a_comp_ai_questionnaire_by_id** — Delete a security questionnaire in compai when a customer review or vendor assessment no longer needs to be retained. Returns: id. Required: id. - **create_a_comp_ai_auto_answer** — Start background auto-answer generation for a compai questionnaire. Triggers an asynchronous answer-generation job and returns a run handle immediately; poll GET /v1/questionnaire/:id until answeredQuestions equals totalQuestions to track completion. Returns: id. Required: id. - **create_a_comp_ai_questionnaire_parse** — Parse questionnaire content in compai from a submitted JSON payload, extracting security questions before generating or reviewing answers. Returns the parsed questionnaire content as a dynamic object whose structure depends on the submitted questionnaire payload. - **create_a_comp_ai_questionnaire_answer_single** — Generate an AI-backed answer for a single security questionnaire question in compai, drawing on the organization's evidence library to produce source-referenced responses. Returns success status and a data object containing question, answer, sources (evidence references from the library), and error. Required: question. - **create_a_comp_ai_questionnaire_save_answer** — Save a manual or AI-generated security questionnaire answer in compai for later review, export, and audit tracking. Returns: success, error. - **create_a_comp_ai_questionnaire_delete_answer** — Delete a stored questionnaire answer in compai, removing it from the active response set. Returns: success, error. - **create_a_comp_ai_questionnaire_export** — Export a saved security questionnaire in compai as PDF, CSV, or XLSX for customer and vendor security reviews. Returns the exported file in the requested format; the response body is the binary file content (PDF, CSV, or XLSX) and cannot be enumerated as JSON fields. Required: id, format. - **create_a_comp_ai_questionnaire_upload_and_parse** — Upload a questionnaire payload to compai and start asynchronous parsing. Returns: runId, publicAccessToken. - **create_a_comp_ai_upload_and_parse_upload** — Upload a security questionnaire file to compai, extract its questions, and save the parsed result. Returns: questionnaireId, totalQuestions. Required: file, organizationId. - **create_a_comp_ai_parse_upload** — Upload a questionnaire file to compai and auto-generate answer exports from approved organization evidence in PDF, CSV, or XLSX format. Returns an empty 201 response on success. Required: file, organizationId. - **create_a_comp_ai_answers_export** — Generate and export questionnaire answers in compai from a submitted payload using approved organization evidence. Returns an empty 201 response on success. - **create_a_comp_ai_export_upload** — Upload a questionnaire file to compai and receive generated answer exports. Returns a binary file payload in the requested format (PDF, CSV, or XLSX). Required: file, organizationId. - **create_a_comp_ai_questionnaire_auto_answer** — Stream generated questionnaire answers in compai over server-sent events, allowing clients to display progress as answers are produced in real time. Returns an empty 201 response on success. - **list_all_comp_ai_knowledge_base_documents** — List uploaded knowledge base documents in Comp AI that serve as approved source material for answers, policies, and reviews. Returns: id, attributes. No required parameters. - **list_all_comp_ai_knowledge_base_manual_answers** — List all manual answers for an organization in compai. Returns: id. - **create_a_comp_ai_knowledge_base_manual_answer** — Save or update a reusable manual answer in compai for security questionnaires that need approved, consistent response language. Returns: id. - **create_a_comp_ai_document_view** — Generate a signed view URL for a knowledge-base document in compai. Returns: url (the signed URL to view the document). Required: document_id. - **create_a_comp_ai_documents_procese** — Trigger processing of uploaded knowledge base documents in compai so they become searchable source material for AI-assisted compliance workflows. Returns a 200 acknowledgment that document processing has been triggered. Required: a JSON request body conforming to the ProcessDocumentsDto schema. - **create_a_comp_ai_run_token** — Create a public access token for a knowledge base run in compai. Returns a public access token object on success; the upstream API does not enumerate specific response body fields. Required: run_id. - **create_a_comp_ai_manual_answer_delete** — Delete a manual answer in Comp AI by its ID. Required: manual_answer_id. Returns an empty 200 response on success. - **create_a_comp_ai_manual_answers_delete_all** — Delete all manual answers for an organization in Comp AI. Returns a 200 success response when all manual answers have been deleted. - **create_a_comp_ai_soa_save_answer** — Save a SOA answer in Comp AI for an ISO 27001 Statement of Applicability document. Returns: success. - **create_a_comp_ai_soa_auto_fill** — Auto-fill an ISO 27001 Statement of Applicability draft in compai using organization context and framework mappings. Submits a JSON body conforming to the AutoFillSOADto schema to trigger the auto-fill process. Returns a 201 response on success; no response body fields are documented by the upstream API. - **create_a_comp_ai_soa_create_document** — Create a new ISO 27001 Statement of Applicability (SOA) document in Comp AI, enabling auto-fill, review, approval, and export workflows. Returns a 200 success response; the response body shape is not enumerated in the upstream documentation. - **create_a_comp_ai_soa_ensure_setup** — Ensure SOA configuration and document exist in Comp AI, enabling creation, auto-filling, review, approval, and export of ISO 27001 Statement of Applicability documents. Returns a 200 success response when the setup has been ensured. - **create_a_comp_ai_soa_get_setup** — Read the SOA (Statement of Applicability) setup in Comp AI, returning the existing configuration and document without creating either. Returns: configuration, document (either may be null if not yet set up). - **create_a_comp_ai_soa_approve** — Approve a SOA document in Comp AI to complete the ISO 27001 Statement of Applicability review workflow. Returns a 200 response on successful approval. - **create_a_comp_ai_soa_decline** — Decline a SOA document in Comp AI, marking it as rejected within an ISO 27001 Statement of Applicability workflow. Returns a 200 OK response indicating the document was declined successfully, with no structured response body. - **create_a_comp_ai_soa_submit_for_approval** — Submit an ISO 27001 Statement of Applicability (SOA) document for approval in Comp AI, triggering the review and approval workflow. Returns a 200 success acknowledgment on submission with no documented body fields. - **create_a_comp_ai_isms_ensure_setup** — Ensure ISMS foundational documents exist in Comp AI, creating any missing foundational setup records if they are not already present. Returns an empty 200 response on success. - **get_single_comp_ai_isms_document_by_id** — Get an ISMS document with its latest version in Comp AI. Returns: id. Required: id. - **comp_ai_isms_documents_approve** — Approve an ISMS document in Comp AI, marking it as approved. Returns: id. Required: id. - **create_a_comp_ai_document_control** — Map organization controls to an ISMS document in Comp AI. Required: id. Returns a 200 response confirming the controls were linked. - **delete_a_comp_ai_document_control_by_id** — Remove a control mapping from an ISMS document in Comp AI. Required: id, control_id. Returns a 200 response confirming the control was unlinked. - **create_a_comp_ai_document_generate** — Derive Context-of-the-Organization issues for a document in Comp AI. Returns the document object with content-type-specific derived issue fields. Required: id. - **create_a_comp_ai_document_context_issue** — Create a manual context issue in Comp AI for a specified document. Returns a 200 confirmation response on successful creation. Required: id. - **create_a_comp_ai_isms_context_issue** — Update a context issue in Comp AI. Accepts a JSON body with update fields for the specified context issue. Returns an empty 200 response on success. Required: id. - **delete_a_comp_ai_isms_context_issue_by_id** — Delete a context issue in Comp AI by id. Returns an empty 200 response on success. Required: id. - **create_a_comp_ai_document_submit_for_approval** — Submit an ISMS document for approval in Comp AI. Returns an empty response on success. Required: id. - **create_a_comp_ai_document_decline** — Decline an ISMS document in Comp AI. Returns an empty 200 acknowledgment response on success with no documented body. Required: id. - **list_all_comp_ai_document_drifts** — Detect drift against the approved snapshot for a document in Comp AI. Returns drift status data for the specified document including id and attributes. Required: id. - **create_a_comp_ai_document_export** — Export an ISMS document as PDF or DOCX in Comp AI. Returns a rendered document binary (the file content itself). Required: id. - **create_a_comp_ai_document_interested_party** — Create a manual interested party for a document in Comp AI. Returns the created interested party object (response fields are not enumerated in the upstream API documentation). Required: id. - **create_a_comp_ai_isms_interested_party** — Update an interested party in Comp AI by id. Accepts a JSON request body containing the fields to update. Returns a 200 response on success. Required: id. - **delete_a_comp_ai_isms_interested_party_by_id** — Delete an interested party in Comp AI by id. Returns an empty 204 response on success. Required: id. - **create_a_comp_ai_document_requirement** — Create a manual requirement in compai for a specific ISMS document. Returns a 200 response indicating the requirement was created successfully; no response body fields are documented by the source. Required: id. - **create_a_comp_ai_isms_requirement** — Update a requirement in Comp AI by id. Returns a 200 response on success with no documented body. Required: id. - **delete_a_comp_ai_isms_requirement_by_id** — Delete a requirement in Comp AI by id. Returns a 200 response on success with no documented body. Required: id. - **create_a_comp_ai_document_objective** — Create a manual objective in Comp AI for a specified document. The upstream source documents a 200 success response but does not enumerate response body fields. Required: id. - **create_a_comp_ai_isms_objective** — Update an objective in Comp AI by id. Returns an empty 200 response on success. Required: id. - **delete_a_comp_ai_isms_objective_by_id** — Delete an objective in Comp AI by id. Returns an empty 200 response on success. Required: id. - **create_a_comp_ai_document_narrative** — Save a singleton document narrative in Comp AI for a specific document. Returns a 200 success response confirming the narrative was saved. Required: id. - **list_all_comp_ai_isms_profiles** — Get the ISMS wizard profile, defaults, and member options in Comp AI for a given framework. Returns: profile, defaults, members. Required: frameworkId. - **create_a_comp_ai_isms_profile** — Save partial ISMS wizard answers in Comp AI. Returns the saved profile including profile, defaults, and members data. - **create_a_comp_ai_isms_generate_all** — Ensure and regenerate all ISMS documents in Comp AI. Returns a 200 response upon successful regeneration. - **list_all_comp_ai_connections_providers** — List available integration providers in Comp AI that can connect to the organization for automated evidence collection and compliance checks. Returns: id, slug. Required: activeOnly. - **get_single_comp_ai_connections_provider_by_id** — Get a single Comp AI integration provider by id. Returns: id, slug. Required: id. - **list_all_comp_ai_integrations_connections** — List integration connections in Comp AI, covering vendor systems connected for evidence collection, compliance checks, and data sync. Returns: id. - **create_a_comp_ai_integrations_connection** — Create an integration connection in Comp AI so it can collect evidence, run compliance checks, or sync data from a connected provider. Returns: id. - **get_single_comp_ai_integrations_connection_by_id** — Get an integration connection by id in Comp AI. Returns: id. Required: id. - **update_a_comp_ai_integrations_connection_by_id** — Update an integration connection by id in Comp AI. Returns: id. Required: id. - **delete_a_comp_ai_integrations_connection_by_id** — Delete an integration connection by id in Comp AI. Returns an empty 204 response on success. Required: id. - **comp_ai_integrations_connections_pause** — Pause an integration connection by id in Comp AI, temporarily halting evidence collection and compliance checks. Returns: id. Required: id. - **comp_ai_integrations_connections_resume** — Resume a paused integration connection by id in Comp AI to restart evidence collection and compliance checks. Returns: id. Required: id. - **create_a_comp_ai_connection_test** — Test an integration connection in Comp AI. Triggers a connectivity check for the specified connection and returns an empty 201 response on success. Required: id. - **create_a_comp_ai_connection_disconnect** — Disconnect an integration connection in Comp AI by id. Returns an empty 201 response on success. Required: id. - **list_all_comp_ai_connection_services** — List services enabled on a Comp AI connection. Returns the service configuration for the specified connection; the response body structure is not enumerated by the upstream API. Required: id. - **update_a_comp_ai_connection_service_by_id** — Set services enabled on a Comp AI connection, replacing the current service configuration for the specified connection. Returns the updated service state; the response body structure is not enumerated by the upstream API. Required: id. - **list_all_comp_ai_checks_providers** — List check definitions for a provider in Comp AI. Returns check definition objects with id and provider-specific attributes whose shape varies by provider. Required: provider_slug. - **get_single_comp_ai_checks_connection_by_id** — List compliance checks for a connection in Comp AI. Returns check records associated with the specified connection. Returns: id. Required: id. - **create_a_comp_ai_connection_run** — Run all compliance checks for an integration connection in Comp AI and capture results as automated evidence. Required: connection_id. Returns an empty 201 response on success. - **list_all_comp_ai_variables_providers** — List variable definitions for a specific integration provider in Comp AI. Returns provider-specific variable definition objects including id and attributes. Required: provider_slug. - **get_single_comp_ai_variables_connection_by_id** — List connection variables for a specific Comp AI connection by id. Returns: attributes (integration-specific variable data whose exact fields depend on the connection type configured in Comp AI). Required: id. - **create_a_comp_ai_variables_connection** — Update connection variables for a specific Comp AI connection by id. Accepts a JSON body with integration-specific variable data. Returns: attributes (integration-specific variable data reflecting the updated state). Required: id. - **list_all_comp_ai_connection_options** — List available options for a connection variable in Comp AI. Returns option records including id and variable-specific attributes whose shape depends on the variable's configuration. Required: connection_id, variable_id. - **list_all_comp_ai_checks** — List checks associated with a task template in Comp AI. Returns check objects including id and attributes; the upstream API does not enumerate specific response fields in its documentation. Required: template_id. - **list_all_comp_ai_task_checks** — List checks attached to a task in Comp AI. Returns check objects associated with the specified task; the upstream API does not enumerate the response field schema for this endpoint. Required: task_id. - **create_a_comp_ai_task_run_check** — Run a compliance check for a task in Comp AI. Triggers the automated check associated with the specified task, which can be used to sync evidence, validate controls, or verify connected vendor systems. Returns an empty 201 response on success. Required: task_id. - **create_a_comp_ai_checks_disconnect** — Disconnect checks from a task in Comp AI. Required: task_id. Returns an empty 201 response on success. - **create_a_comp_ai_checks_reconnect** — Reconnect checks to a task in Comp AI. Triggers reconnection of vendor-system checks associated with the specified task. Returns an empty 201 response on success. Required: task_id. - **list_all_comp_ai_task_runs** — List check runs for a task in Comp AI. Returns: id, attributes. Required: task_id. - **create_a_comp_ai_google_workspace_employee** — Sync Google Workspace employees in Comp AI. Triggers an employee sync for the specified connection. Returns a 201 response on success with no documented body. Required: connectionId. - **create_a_comp_ai_google_workspace_status** — Get the Google Workspace sync status in Comp AI. Returns a 201 response on success with no documented response body. - **create_a_comp_ai_rippling_employee** — Sync Rippling employees into Comp AI. Triggers an employee sync for the specified connection. Returns a 201 response on success. Required: connectionId. - **create_a_comp_ai_rippling_status** — Get the Rippling sync status in Comp AI. Triggers a status check for the Rippling integration, covering employee sync, variable management, OAuth configuration, and compliance checks. Returns a 201 response on success with no documented response body. - **create_a_comp_ai_jumpcloud_employee** — Sync JumpCloud employees in Comp AI. Triggers an employee sync for the specified JumpCloud connection and returns an empty 201 response on success. Required: connectionId. - **create_a_comp_ai_jumpcloud_status** — Get JumpCloud sync status in Comp AI. Triggers a sync status check for the JumpCloud integration, returning a 201 response on success. No request body or documented response fields are defined by the upstream API. - **list_all_comp_ai_sync_employee_sync_providers** — Get the currently configured employee sync provider in Comp AI. Returns: provider. - **create_a_comp_ai_sync_employee_sync_provider** — Set the employee sync provider in Comp AI. Returns: provider. Required: provider. - **list_all_comp_ai_sync_device_sync_providers** — Get the currently configured device sync provider in Comp AI. Returns the provider configuration as an opaque object; the response fields are not enumerated in the source documentation. - **create_a_comp_ai_sync_device_sync_provider** — Set the device sync provider in Comp AI. Returns the newly configured provider as an opaque object on success; the response fields and request body fields are not enumerated in the source documentation. - **list_all_comp_ai_sync_available_providers** — List sync providers available to the org in Comp AI. Returns a list of available sync provider records for the given sync type. Required: syncType. - **create_a_comp_ai_employee** — Sync employees for a dynamic provider in Comp AI. Triggers an employee synchronisation job for the specified provider connection. Returns a 201 response on success. Required: provider_slug, connectionId. - **list_all_comp_ai_cloud_security_activities** — List recent cloud security activity in Comp AI, covering AWS, Azure, and GCP scan findings, detected enabled services, and compliance posture results. Returns activity records (response fields are not enumerated by the source). Required: connectionId. - **list_all_comp_ai_cloud_security_providers** — List supported cloud security providers in compai (AWS, Azure, and GCP). Returns provider records including id and name. No required parameters. - **list_all_comp_ai_cloud_security_findings** — List cloud security findings in compai discovered by scans, helping teams prioritize remediation before issues become audit findings. Returns a collection of finding records whose field-level details are specific to the findings schema configured upstream in compai. - **create_a_comp_ai_finding_exception** — Mark a compai cloud-security finding as an exception so it no longer appears in the active Scan Results list. Returns an empty 201 response on success. Required: finding_id. - **update_a_comp_ai_connection_scan_mode_by_id** — Switch the AWS scan mode for a connection in Comp AI, toggling between Comp AI scanners and Security Hub. Returns an empty 200 response on success. Required: connection_id. - **delete_a_comp_ai_cloud_security_exception_by_id** — Revoke a compai cloud security exception by id, reopening the associated finding. Returns an empty 200 response on success. Required: id. - **list_all_comp_ai_cloud_security_histories** — List resolution, exception, and regression history for a connection in Comp AI (covering AWS, Azure, and GCP cloud security scans). Returns history records whose field-level structure is not enumerated in the upstream documentation; consult the Comp AI docs for the full field breakdown. Required: connectionId. - **list_all_comp_ai_finding_check_definitions** — Get the 'About this check' definition for a compai finding, resolving its check description (AI-cached for AWS; provider-derived for GCP/Azure). Returns a check definition object whose response shape is not enumerated by the upstream source. Required: finding_id. - **create_a_comp_ai_cloud_security_resolve_session** — Resolve short-lived AWS credentials for a connection in Comp AI, enabling cloud security scans across AWS, Azure, and GCP. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_cloud_security_scan** — Trigger a cloud security scan in compai for a connected AWS, Azure, or GCP account to collect findings for compliance remediation. Returns an empty 201 response on success. Required: id (connectionId). - **create_a_comp_ai_cloud_security_detect_service** — Detect available cloud services for a connection in Comp AI, triggering AWS, Azure, and GCP cloud security scans to identify enabled services and link posture results to compliance work. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_cloud_security_detect_gcp_org** — Detect the GCP organization for a connection in Comp AI. Triggers organization detection for the specified connection as part of GCP cloud security scanning. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_cloud_security_select_gcp_project** — Select GCP projects for a connection in Comp AI, enabling cloud security scans and linking cloud posture results to compliance work. Returns an empty 201 response on success. Required: id (connectionId). - **create_a_comp_ai_cloud_security_setup_gcp** — Set up GCP for a connection in Comp AI, enabling cloud security scans, service detection, and cloud posture findings linked to compliance work. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_setup_gcp_resolve_step** — Resolve a GCP setup step in Comp AI to advance cloud security configuration. Required: connection_id. Returns an empty 201 response on success. - **create_a_comp_ai_cloud_security_setup_azure** — Set up Azure for a connection in Comp AI, initiating cloud security scans, detecting enabled services, reviewing findings, and linking cloud posture results to compliance work. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_cloud_security_validate_azure** — Validate Azure credentials for a connection in Comp AI. Triggers an Azure credential validation as part of cloud security scanning, covering service detection and cloud posture assessment. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_cloud_security_trigger** — Trigger a cloud security run for a connection in Comp AI, initiating AWS, Azure, and GCP scans to detect enabled services, review findings, and connect cloud posture results to compliance work. Returns an empty 201 response on success. Required: id. - **get_single_comp_ai_cloud_security_run_by_id** — Get a cloud security scan run by ID in Comp AI. Retrieves a single run record for AWS, Azure, or GCP cloud security scans. Returns: id. Required: id, connectionId. - **list_all_comp_ai_task_management_stats** — Get task item statistics for an entity in Comp AI. Returns: total, byStatus (with counts for todo, in_progress, in_review, done, and canceled tasks). Required: entityId, entityType. - **list_all_comp_ai_task_managements** — List task items for an entity in Comp AI. Returns: id, entityId, entityType, title, status, priority, assigneeId, createdAt, updatedAt. Required: entityId, entityType. Optionally filter by status, priority, or assigneeId and sort by field and order. - **create_a_comp_ai_task_management** — Create a new task item in Comp AI linked to an operational entity such as a vendor or risk. Returns: id, entityId, entityType, title, status, priority, assigneeId, createdAt, updatedAt. Required: entityId, entityType. - **update_a_comp_ai_task_management_by_id** — Update an existing task item in Comp AI by id. Returns: id, entityId, entityType, title, status, priority, assigneeId, createdAt, updatedAt. Required: id. - **delete_a_comp_ai_task_management_by_id** — Delete a task item in Comp AI by id. Returns an empty 204 response on success. Required: id. - **create_a_comp_ai_task_management_attachment** — Upload a file attachment to a task item in compai, storing it under the org-scoped S3 path for the target entity. Returns the created attachment object including id, entityType, and entityId. Required: entityType, entityId. - **delete_a_comp_ai_task_management_attachment_by_id** — Delete an attachment from a task item in compai by id. Returns an empty 204 response on success. Required: id. - **list_all_comp_ai_task_management_activities** — List activity log entries for a task item in Comp AI. Returns activity log data linked to the specified task item; the upstream API does not document individual response fields. Required: id. - **list_all_comp_ai_training_completions** — List security awareness and HIPAA training completion records in compai for workforce compliance tracking and audit evidence. Returns: id, video_id. - **comp_ai_training_completions_complete** — Mark a specific training video as completed in compai for the authenticated member; triggers a completion email if all required training is now done. Returns: id, video_id. Required: video_id. - **create_a_comp_ai_training_send_completion_email** — Send a training completion email with certificate in Comp AI, recording security awareness and HIPAA training completion status and generating a completion certificate for the recipient. Returns: sent, reason. - **create_a_comp_ai_training_generate_certificate** — Generate a training completion certificate in compai that can be shared with auditors or attached as workforce security evidence. Returns a PDF certificate file as the binary response body. A JSON request body is required. - **create_a_comp_ai_training_generate_hipaa_certificate** — Generate a HIPAA training certificate PDF in compai. Records security awareness and HIPAA training completion status and returns the resulting certificate as a binary PDF file. Returns a binary PDF file on success (not a JSON payload). - **list_all_comp_ai_org_charts** — Get the organization chart in Comp AI, used for governance, accountability, and audit readiness. Returns: id, attributes (org chart structural data and metadata). - **update_a_comp_ai_org_chart_by_id** — Create or update the interactive organization chart in Comp AI used for governance, accountability, and audit readiness. Returns the saved org chart object including id and attributes. - **delete_a_comp_ai_org_chart_by_id** — Delete the organization chart in Comp AI. Returns an empty 200 confirmation response on success. - **create_a_comp_ai_org_chart_upload** — Upload an image as the organization chart in Comp AI to support governance, accountability, and audit readiness. Returns the uploaded organization chart record including id and attributes. - **list_all_comp_ai_evidence_forms** — List evidence forms in compai that collect recurring submissions for security, HR, IT, finance, and compliance workflows. Returns: id, attributes. - **get_single_comp_ai_evidence_form_by_id** — Get a single evidence form by id in compai. Returns: id, attributes. Required: id. - **list_all_comp_ai_evidence_forms_statuses** — List submission statuses for all evidence forms in compai. Returns status records including id and attributes containing form-specific status details for compliance tasks and document requirements. - **list_all_comp_ai_evidence_forms_settings** — Get document relevance settings in Comp AI for evidence form submissions and compliance tasks. Returns: attributes (the settings object; the field-level structure is not enumerated in the available source — consult Comp AI documentation for the complete field breakdown). No required parameters. - **update_a_comp_ai_evidence_form_setting_by_id** — Update the document relevance setting for a specific evidence form type in Comp AI. Returns a 200 response on success. Required: form_type. - **list_all_comp_ai_evidence_forms_my_submissions** — List evidence form submissions for the current user in Comp AI. Returns submission records filtered by form type. Required: formType. - **list_all_comp_ai_my_submissions_pending_counts** — Get the pending evidence form submission count for the current user in Comp AI. Returns: count of pending submissions awaiting action. - **list_all_comp_ai_evidence_form_submissions** — Get a single evidence form submission in Comp AI by form type and submission ID. Returns: id. Required: form_type, submission_id. - **delete_a_comp_ai_evidence_form_submission_by_id** — Delete an evidence form submission in Comp AI by form type and submission ID. Returns an empty 204 response on success. Required: form_type, submission_id. - **create_a_comp_ai_evidence_form_submission** — Submit structured evidence responses and attachments in Comp AI for review against a compliance task or document requirement. Returns: id. Required: form_type. - **create_a_comp_ai_evidence_form_upload_submission** — Upload a PDF or image file to create an evidence form submission in compai, bypassing form-specific validation. Returns a 201 Created response with no documented body. Required: form_type. - **update_a_comp_ai_submission_review_by_id** — Review an evidence form submission in compai by approving or rejecting it, so that task status and audit readiness reflect the latest decision. Returns a 200 response on success. Required: form_type, submission_id. - **create_a_comp_ai_evidence_forms_upload** — Upload an evidence form file in Comp AI to support compliance tasks and document requirements. Returns a 201 response on success with no documented response body. - **list_all_comp_ai_evidence_form_export_csvs** — Export compai evidence form submissions as a CSV file for auditor requests, offline review, or internal compliance reporting. Returns a CSV-formatted file whose columns correspond to the submitted evidence form fields (structure varies by form type). Required: form_type. - **list_all_comp_ai_frameworks** — List active compliance frameworks in Comp AI, covering SOC 2, ISO 27001, HIPAA, GDPR, and custom frameworks, with implementation status and progress data. Returns: id, name, status, progress, controls, scores. - **create_a_comp_ai_framework** — Add one or more compliance frameworks to an organization in Comp AI to generate tasks, controls, evidence, and readiness tracking. Returns: id, name, status, progress, controls, scores. Required: frameworks. - **get_single_comp_ai_framework_by_id** — Get a single compliance framework instance with full detail in Comp AI, including requirements, scores, controls, and sync history. Returns: id, name, status, progress, requirements, scores, controls, syncHistory. Required: id. - **delete_a_comp_ai_framework_by_id** — Delete a compliance framework instance in Comp AI by id. Returns a 200 response on success. Required: id. - **list_all_comp_ai_frameworks_availables** — List frameworks available for activation in compai before starting a new compliance program or expanding into another standard. Returns framework objects; the source documents a 200 response but does not enumerate specific fields — returns at minimum id and name per framework record. - **list_all_comp_ai_frameworks_scores** — List framework readiness scores in compai so teams can report progress toward audit readiness across active compliance standards. Returns: id, score. - **list_all_comp_ai_frameworks_update_statuses** — List update statuses for all framework instances in compai, spanning SOC 2, ISO 27001, HIPAA, GDPR, and custom frameworks. Returns a collection of update status objects; the response field structure is not enumerated in the source documentation. - **list_all_comp_ai_framework_requirements** — Get a specific framework requirement with its related controls for a given framework instance in Comp AI. Returns: id. Required: id, requirement_key. - **create_a_comp_ai_framework_requirement** — Add a custom requirement to a framework instance in Comp AI. Returns: id. Required: id. - **create_a_comp_ai_frameworks_custom** — Create a custom framework for an organization in Comp AI to manage compliance standards such as SOC 2, ISO 27001, HIPAA, and GDPR. Accepts a JSON body conforming to the CreateCustomFrameworkDto schema. Returns a 201 Created response on success; the source does not enumerate response body fields. - **create_a_comp_ai_requirements_link** — Link (clone) existing requirements from another framework into the specified framework in Comp AI. Returns an empty 201 response on success. Required: id. - **create_a_comp_ai_controls_link** — Link existing org controls to a requirement within a compai framework (e.g. SOC 2, ISO 27001, HIPAA, GDPR, or custom). Required: id (framework id), requirement_key. Returns an empty 201 response on success. - **list_all_comp_ai_framework_update_status** — Get the update status for a framework instance in Comp AI (covering SOC 2, ISO 27001, HIPAA, GDPR, and custom frameworks). The upstream API documents a 200 response but does not enumerate the response body fields or provide an example payload. Required: id. - **list_all_comp_ai_framework_update_previews** — Preview changes from updating a framework instance in Comp AI, covering SOC 2, ISO 27001, HIPAA, GDPR, and custom framework types. Returns a preview result object; the response structure is not enumerated in the source API specification. Required: id. - **create_a_comp_ai_framework_sync** — Sync requirements, controls, and tasks for a compai framework after content changes so compliance tracking remains current. Returns a 201 response with no body on success. Required: id. - **create_a_comp_ai_framework_rollback** — Roll back a framework sync operation in Comp AI, reverting a previous sync for the specified framework instance (SOC 2, ISO 27001, HIPAA, GDPR, or custom). Returns an empty 201 response on success. Required: id. - **list_all_comp_ai_framework_sync_histories** — List sync history entries for a framework instance in Comp AI (SOC 2, ISO 27001, HIPAA, GDPR, or custom frameworks). Returns: id. Required: id. - **list_all_comp_ai_audit_logs** — List organization audit logs in compai for compliance activity, access changes, evidence updates, and customer-facing review events. Returns: id, entityType, entityId. Optionally filter results by entityType, entityId, or pathContains. - **list_all_comp_ai_controls** — List compliance controls in Comp AI with linked policies, tasks, requirements, and document types for SOC 2, ISO 27001, HIPAA, and GDPR programs. Returns: id, name, policies, tasks, requirements, documentTypes. - **create_a_comp_ai_control** — Create a custom compliance control in Comp AI and connect it to framework requirements, policies, tasks, and evidence expectations. Returns: id, name, policies, tasks, requirements, documentTypes. Required: name. - **get_single_comp_ai_control_by_id** — Get control detail with implementation progress in Comp AI, including linked policies, tasks, requirements, and document types. Returns: id, name, policies, tasks, requirements, documentTypes, progress. Required: id, frameworkInstanceId. - **delete_a_comp_ai_control_by_id** — Delete a compliance control by id in Comp AI. Returns an empty 200 response on success. Required: id. - **list_all_comp_ai_controls_options** — Get dropdown options for creating controls in Comp AI. Returns option lists for policies, tasks, frameworkRequirements, and evidenceDocumentTypes to use when configuring and mapping controls. - **create_a_comp_ai_policies_link** — Link policies to a control in compai so auditors and reviewers can trace control implementation back to approved policy evidence. Returns an empty 201 response on success. Required: id, frameworkInstanceId. - **create_a_comp_ai_tasks_link** — Link compliance tasks to a control in compai, connecting implementation work, evidence collection, and review status. Returns an empty 201 response on success. Required: id, frameworkInstanceId. - **create_a_comp_ai_document_types_link** — Link required document types to a control in Comp AI. Returns an empty 201 response on success. Required: id, frameworkInstanceId. - **delete_a_comp_ai_control_document_type_by_id** — Remove a required evidence document type from a control in Comp AI by unlinking the specified form type. Returns an empty 204 response on success. Required: id, form_type, frameworkInstanceId. - **list_all_comp_ai_security_penetration_tests** — List all penetration test runs in Comp AI, including their status, findings, and events for each run. Returns: id, status, findings, events. - **create_a_comp_ai_security_penetration_test** — Create an AI-powered penetration test run in Comp AI for an approved target. Returns the created test including its id, status, findings, and events. - **get_single_comp_ai_security_penetration_test_by_id** — Get the status and details of a penetration test run in Comp AI by id. Returns: id, status, findings, events. Required: id. - **list_all_comp_ai_security_penetration_test_progreses** — Get the progress of a specific security penetration test run in Comp AI. Returns the progress object including id. Required: id. - **list_all_comp_ai_security_penetration_test_issues** — List security penetration test issues in compai for a given penetration test run. Returns the structured finding objects discovered during the scan, growing over time during a live run; the source documentation does not enumerate the individual fields of each issue record. Required: id. - **list_all_comp_ai_security_penetration_test_events** — List the real-time agent activity log events for a compai security penetration test run. Returns events covering tool calls, observations, and other agent activity emitted during the run — useful for activity feeds and debugging. Returns: id, attributes (event-specific fields that vary by event type). Required: id. - **list_all_comp_ai_security_penetration_test_reports** — Get penetration test report output for a specific security penetration test in Comp AI. Returns the report as a raw markdown document (unstructured text, not a JSON payload). Required: id. - **list_all_comp_ai_security_penetration_test_pdfs** — Download the PDF report for a security penetration test in Comp AI. Returns a binary PDF report artifact for the specified test. Required: id. - **list_all_comp_ai_pentest_finding_contexts** — List pentest finding context notes in compai for a given target URL. Returns: id, targetUrl. Required: targetUrl. - **update_a_comp_ai_pentest_finding_context_by_id** — Add or update a context note on a pentest finding in compai, saving rationale or remediation details that inform future scans. Returns: id, targetUrl. Required: id. - **delete_a_comp_ai_pentest_finding_context_by_id** — Remove the context note from a pentest finding in compai so future scans no longer receive it during testing. Returns an empty 204 response on success. Required: id. - **list_all_comp_ai_offboarding_checklist_pendings** — List members in compai whose offboarding checklist is still incomplete. Returns each member record along with their outstanding checklist items so you can track and finish departing-employee offboarding. Returns: id, attributes. - **list_all_comp_ai_offboarding_checklist_templates** — List offboarding checklist template items in compai, returning the ordered set of tasks every departing member must complete. Returns: id, label, description, settings. - **create_a_comp_ai_offboarding_checklist_template** — Add a new item to the offboarding checklist template in compai so it appears on every future member's offboarding checklist. Returns the created item including id, label, description, and settings. Required: label. - **update_a_comp_ai_offboarding_checklist_template_by_id** — Update an existing offboarding checklist template item by id in compai, modifying its label, description, or settings. Returns the updated item including id, label, description, and settings. Required: id. - **delete_a_comp_ai_offboarding_checklist_template_by_id** — Delete an offboarding checklist template item by id in compai so it no longer appears on members' offboarding checklists. Returns the deleted item including id, label, and description. Required: id. - **get_single_comp_ai_offboarding_checklist_member_by_id** — Get a compai member's offboarding checklist by member id. Returns: items (array of checklist items, each with a completed status indicating whether that step has been finished) to track the member's overall offboarding progress. Required: id. - **list_all_comp_ai_offboarding_checklist_export_alls** — Export all offboarding checklist evidence from compai as a zip archive covering every member in the organization, for audits, handovers, or record-keeping. Returns a binary zip file whose contents are not a JSON-enumerable payload. - **list_all_comp_ai_exports** — Export offboarding checklist evidence for a specific member in compai as a downloadable zip archive. Returns a binary zip file containing the collected offboarding evidence suitable for audit, handover, or record-keeping purposes. Required: member_id. - **comp_ai_items_complete** — Mark an offboarding checklist item as complete for a member in compai, recording that the step has been finished as part of their offboarding. Returns an empty 201 response on success. Required: member_id, template_item_id. - **comp_ai_items_delete_complete** — Reopen a previously completed offboarding checklist item for a member in compai, reverting it to incomplete in case the step was marked done by mistake. Returns an empty 200 response on success. Required: member_id, template_item_id. - **create_a_comp_ai_evidence** — Upload evidence for a compai offboarding checklist item, attaching a supporting file to a member's completed offboarding step to document it was carried out. Returns an empty 201 response on success. Required: member_id, template_item_id. - **list_all_comp_ai_access_revocations** — List vendor access revocations for a departing member in compai, showing whether each vendor's access has been removed during offboarding. Returns: member_id, vendor_id, is_revoked, evidence, notes. Required: member_id. - **create_a_comp_ai_access_revocation** — Mark a vendor's access as revoked for a departing member in compai, optionally attaching evidence and notes as part of offboarding access removal. Returns: member_id, vendor_id, is_revoked, evidence, notes. Required: member_id, vendor_id. - **delete_a_comp_ai_access_revocation_by_id** — Undo a vendor access revocation for a member in compai, marking the vendor's access as not revoked in case it was confirmed by mistake during offboarding. Returns an empty response on success. Required: member_id, vendor_id. - **create_a_comp_ai_access_revocations_confirm_all** — Confirm all vendor access revocations for a departing member in compai, marking every vendor access record as revoked in a single step to complete offboarding access removal. Returns an empty 201 response on success. Required: member_id. - **list_all_comp_ai_task_attachment_downloads** — Generate a signed download URL for a task attachment in Comp AI. Returns: url. Required: task_id, attachment_id. - **create_a_comp_ai_trust_portal_document_upload** — Upload a supporting document to compai's trust portal so it can be processed as approved source material for questionnaire answers and policy workflows. Returns: documentId. - **create_a_comp_ai_knowledge_base_document_upload** — Upload a knowledge base document to Comp AI so it can be processed as approved source material for questionnaire answers and policy workflows. Returns an empty 204 response on success. - **create_a_comp_ai_trust_portal_document_download** — Get a signed download URL for a trust portal document in Comp AI. Returns: url (the signed URL for downloading the document). Required: document_id. - **create_a_comp_ai_knowledge_base_document_download** — Initiate a download for a Comp AI knowledge base document by document_id. The response content is document-specific and varies by file type; the exact payload shape cannot be enumerated from the available source. Required: document_id. - **create_a_comp_ai_trust_portal_document_delete** — Delete a trust portal document in Comp AI by document ID. Returns an empty 204 response on success. Required: document_id. - **create_a_comp_ai_knowledge_base_document_delete** — Delete a knowledge base document in Comp AI by document ID. Returns an empty 204 response on success. Required: document_id. - **create_a_comp_ai_connection_check_run** — Run a single compliance check on a connection in Comp AI. Triggers execution of the specified check against the given integration connection. Required: connection_id, check_id. - **create_a_comp_ai_framework_requirements_link** — Link (clone) existing requirements from another framework into the specified framework in Comp AI, keeping compliance tracking current across SOC 2, ISO 27001, HIPAA, GDPR, and custom framework instances. Returns an empty 204 response on success. Required: id. - **create_a_comp_ai_control_requirements_link** — Link existing requirements to a control in Comp AI, associating them for compliance mapping across frameworks, policies, and tasks. Returns an empty 204 response on success. Required: id. - **list_all_comp_ai_evidence_form_csv_exports** — Export compai evidence form submissions as a CSV file for auditor requests, offline review, or internal compliance reporting. Returns a CSV export whose column structure depends on the specified form type. Required: form_type. ## How it works 1. **Link your customer's Comp AI account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach Comp AI.** The Proxy API is a 1-to-1 mapping of the Comp AI API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Automate Security Questionnaire Responses in Proposal Tools** — Proposal and RFP platforms can route incoming vendor security questionnaires to Comp AI's AI auto-answer engine, eliminating hours of manual work for sales engineers. Your users upload a questionnaire and get back approved, evidence-backed answers ready to paste into their proposals. - **Unblock Sales Cycles with Trust Portal Automation in CRMs** — CRMs and sales enablement tools can trigger Trust Access requests, NDA collection, and time-boxed access to SOC 2 reports the moment a deal hits security review. Reps stop opening IT tickets and deals move faster, with every access grant logged for audit. - **Close the Loop on Offboarding for HRIS and ITAM Platforms** — When an HR or IT platform marks an employee as terminated, the integration can complete Comp AI offboarding checklists and log vendor access revocations automatically. Your users get SOC 2-ready offboarding evidence without screenshotting across a dozen tools. - **Surface Compliance and Cloud Security Findings in DevOps Dashboards** — Engineering and DevSecOps dashboards can pull Comp AI's cloud security findings, pentest issues, and task status into a single view. Engineers fix vulnerabilities in their existing workflow and the integration updates Comp AI tasks and triggers re-scans on resolution. - **Aggregate Framework Readiness in GRC and Executive Dashboards** — Risk and GRC platforms can pull real-time framework scores, control status, audit logs, and finding counts from Comp AI into unified executive views. Your users see SOC 2, ISO 27001, HIPAA, and GDPR posture alongside other risk signals without logging into Comp AI. ## What you can build - **AI Questionnaire Auto-Answer Pipeline** — Upload a raw questionnaire (PDF/CSV/XLSX), trigger parsing and AI auto-answer using your user's Comp AI knowledge base, and export completed answers back into your product. - **Trust Portal Access Request Workflow** — Create Trust Access requests, preview and resend NDAs, approve or deny requests, and revoke or reclaim grants directly from your app's deal or customer record. - **Automated Offboarding Evidence Collection** — On termination events from your platform, complete Comp AI offboarding checklist items, create access revocation records, and attach evidence to satisfy compliance controls. - **Cloud Security Finding to Ticket Sync** — Pull AWS, GCP, and Azure misconfiguration findings from Comp AI, map them to issues or tickets in your product, and mark linked tasks complete or trigger re-scans when resolved. - **Employee and Device Lifecycle Sync** — Bulk create employees, invite people, sync device posture and fleet compliance status, and resend portal invites — keeping Comp AI in lockstep with your HRIS or IT platform. - **Framework Readiness and Audit Log Embed** — Surface real-time framework scores, control status, findings, and audit log entries from Comp AI inside your GRC or executive dashboard, with deep links back to source records. ## FAQs ### How does authentication work for the Comp AI integration? Comp AI uses organization-scoped API keys. Your end users generate an API key from their Comp AI organization and provide it during connection setup. Truto handles secure storage and injection of credentials on every request, so you never touch the secret. ### Which Comp AI workflows can I trigger via the API? You can drive most core workflows: questionnaire upload and auto-answer, Trust Portal access requests and NDA handling, evidence form submissions, task creation and approval, offboarding checklist completion, access revocations, cloud security scans, framework sync, and policy lifecycle actions like publish and submit-for-approval. ### Can I sync employees and devices from an HRIS or MDM? Yes. Comp AI exposes people endpoints (create, bulk create, invite, update, reactivate), device endpoints (create, list, unlink), and dedicated employee sync providers for Google Workspace, Rippling, and JumpCloud, so you can keep workforce and fleet state in sync. ### How fresh is data pulled from Comp AI? Data is fetched on-demand via REST, so reads reflect the current state at request time. Long-running operations like questionnaire parsing, cloud security scans, and pentest runs are asynchronous — you trigger them via one endpoint and poll a status or results endpoint until completion. ### Does Comp AI support multi-org or multi-tenant connections? Yes. Each connection is scoped to a single Comp AI organization, and you can list organizations the authenticated key has access to. If your end user manages multiple Comp AI orgs, they can establish a separate Truto connection per organization. ### Can I upload files like evidence, policies, or questionnaires? Yes. Comp AI supports presigned upload flows for attachments, evidence form submissions, policy PDFs, org charts, trust portal documents, and knowledge base documents. You request a presigned URL, upload the file, then confirm — Truto normalizes this multi-step flow for you. ### Are webhooks available, or do I need to poll? The Comp AI integration is primarily REST-based with polling for asynchronous job status (questionnaires, scans, pentests). For event-driven workflows, you can schedule periodic syncs through Truto or poll status endpoints like automation runs, task runs, and cloud security run status.