Create Vendor with Drata API on New Requests from HTTP / Webhook API

Pipedream makes it easy to connect APIs for Drata, HTTP / Webhook and 2,500+ other apps remarkably fast.

Trigger workflow on

New Requests from the HTTP / Webhook API

Next, do this

Create Vendor with the Drata API

No credit card required

▶

Watch us build a workflow

8 min

Watch now ➜

Trusted by 1,000,000+ developers from startups to Fortune 500 companies

Developers ♥ Pipedream

Getting Started#

This integration creates a workflow with a HTTP / Webhook trigger and Drata action. When you configure and deploy the workflow, it will run on Pipedream's servers 24x7 for free.

Select this integration
Configure the New Requests trigger
1. Optional- Configure Body Only
2. Optional- Configure Response Status Code
3. Optional- Configure Response Content-Type
4. Optional- Configure Response Body
5. Connect your HTTP / Webhook account
Configure the Create Vendor action
1. Connect your Drata account
2. Configure Name
3. Select a Category
4. Select a Risk
5. Configure Critical
6. Configure Is Sub Processor
7. Configure Is Sub Processor Active
8. Select a User ID
9. Configure URL
10. Configure Privacy URL
11. Configure Terms URL
12. Configure Services Provided
13. Configure Data Stored
14. Configure Location
15. Configure Has PII
16. Select a Password Policy
17. Configure Password Requires Min Length
18. Configure Password Requires Number
19. Configure Password Requires Symbol
20. Configure Password MFA Enabled
21. Configure Account Manager Name
22. Configure Account Manager Email
23. Configure Is Compliance Review Required
24. Optional- Configure Password Min Length
25. Optional- Configure Renewal Date
26. Optional- Select a Renewal Schedule Type
27. Optional- Configure Notes
28. Optional- Configure Confirmed
Deploy the workflow
Send a test event to validate your setup
Turn on the trigger

Details#

This integration uses pre-built, source-available components from Pipedream's GitHub repo. These components are developed by Pipedream and the community, and verified and maintained by Pipedream.

To contribute an update to an existing component or create a new component, create a PR on GitHub. If you're new to Pipedream component development, you can start with quickstarts for trigger span and action development, and then review the component API reference.

Trigger#

New Requests on HTTP / Webhook

Description:Get a URL and emit the full HTTP event on every request (including headers and query parameters). You can also configure the HTTP response code, body, and more.

Version:0.1.1

Key:http-new-requests

View on GitHub

HTTP / Webhook Overview#

Build, test, and send HTTP requests without code using your Pipedream workflows. The HTTP / Webhook action is a tool to build HTTP requests with a Postman-like graphical interface.

Point and click HTTP requests

Define the target URL, HTTP verb, headers, query parameters, and payload body without writing custom code.

$A screenshot of Pipedream's HTTP Request Configuration interface with a GET request type selected. The request URL is set to 'https://api.openai.com/v1/models'. The 'Auth' tab is highlighted, indicating that authentication is required for this request. In the headers section, there are two headers configured: 'User-Agent' is set to 'pipedream/1', and 'Authorization' is set to 'Bearer {{openai_api_key}}', showing how the OpenAI account's API key is dynamically inserted into the headers to handle authentication automatically.$

Here's an example workflow that uses the HTTP / Webhook action to send an authenticated API request to OpenAI.

Focus on integrating, not authenticating

This action can also use your connected accounts with third-party APIs. Selecting an integrated app will automatically update the request’s headers to authenticate with the app properly, and even inject your token dynamically.

Pipedream integrates with thousands of APIs, but if you can’t find a Pipedream integration simply use Environment Variables in your request headers to authenticate with.

Compatible with no code actions or Node.js and Python

The HTTP/Webhook action exports HTTP response data for use in subsequent workflow steps, enabling easy data transformation, further API calls, database storage, and more.

Response data is available for both coded (Node.js, Python) and no-code steps within your workflow.

Trigger Code#

import http from "../../http.app.mjs";

// Core HTTP component
export default {
  key: "http-new-requests",
  name: "New Requests",
  description: "Get a URL and emit the full HTTP event on every request (including headers and query parameters). You can also configure the HTTP response code, body, and more.",
  version: "0.1.1",
  type: "source",
  props: {
    httpInterface: {
      type: "$.interface.http",
      customResponse: true,
    },
    emitBodyOnly: {
      type: "boolean",
      label: "Body Only",
      description: "This source emits an event representing the full HTTP request by default. Select `true` to emit the body only.",
      optional: true,
      default: false,
    },
    resStatusCode: {
      type: "string",
      label: "Response Status Code",
      description: "The status code to return in the HTTP response",
      optional: true,
      default: "200",
    },
    resContentType: {
      type: "string",
      label: "Response Content-Type",
      description: "The `Content-Type` of the body returned in the HTTP response",
      optional: true,
      default: "application/json",
    },
    resBody: {
      type: "string",
      label: "Response Body",
      description: "The body to return in the HTTP response",
      optional: true,
      default: "{ \"success\": true }",
    },
    http,
  },
  async run(event) {
    const summary = `${event.method} ${event.path}`;

    this.httpInterface.respond({
      status: this.resStatusCode,
      body: this.resBody,
      headers: {
        "content-type": this.resContentType,
      },
    });

    if (this.emitBodyOnly) {
      this.$emit(event.body, {
        summary,
      });
    } else {
      this.$emit(event, {
        summary,
      });
    }
  },
};

Trigger Configuration#

This component may be configured based on the props defined in the component code. Pipedream automatically prompts for input values in the UI and CLI.

Label	Prop	Type	Description
N/A	`httpInterface`	`$.interface.http`	This component uses `$.interface.http` to generate a unique URL when the component is first instantiated. Each request to the URL will trigger the `run()` method of the component.
Body Only	`emitBodyOnly`	`boolean`	This source emits an event representing the full HTTP request by default. Select `true` to emit the body only.
Response Status Code	`resStatusCode`	`string`	The status code to return in the HTTP response
Response Content-Type	`resContentType`	`string`	The `Content-Type` of the body returned in the HTTP response
Response Body	`resBody`	`string`	The body to return in the HTTP response
HTTP / Webhook	`http`	`app`	This component uses the HTTP / Webhook app.

Trigger Authentication#

The HTTP / Webhook API does not require authentication.

About HTTP / Webhook#

Get a unique URL where you can send HTTP or webhook requests

Action#

Create Vendor on Drata

Description:Create a new Vendor. [See the documentation](https://developers.drata.com/docs/openapi/reference/operation/VendorsPublicController_createVendor/).

Version:0.0.3

Key:drata-create-vendor

View on GitHub

Drata Overview#

Drata is a compliance automation platform. Drata’s platform is built by compliance and security experts so you don’t have to be one. With 75+ native integrations, you can easily connect your tech stack and automate evidence collection and testing.

Pipedream customers get 25% off Drata, with implementation fees waived. Visit https://drata.com/partner/pipedream for more information.

Action Code#

import drata from "../../drata.app.mjs";

const docsLink = "https://developers.drata.com/docs/openapi/reference/operation/VendorsPublicController_createVendor/";

export default {
  key: "drata-create-vendor",
  name: "Create Vendor",
  description: `Create a new Vendor. [See the documentation](${docsLink}).`,
  version: "0.0.3",
  type: "action",
  props: {
    drata,
    name: {
      type: "string",
      label: "Name",
      description: "The name of the vendor",
    },
    category: {
      type: "string",
      label: "Category",
      description: "The type of vendor",
      options: [
        "ENGINEERING",
        "PRODUCT",
        "MARKETING",
        "CS",
        "SALES",
        "FINANCE",
        "HR",
        "ADMINISTRATIVE",
        "SECURITY",
      ],
    },
    risk: {
      type: "string",
      label: "Risk",
      description: "The level of risk for customer data",
      options: [
        "NONE",
        "LOW",
        "MODERATE",
        "HIGH",
      ],
    },
    critical: {
      type: "boolean",
      label: "Critical",
      description: "Is this vendor is considered critical",
    },
    isSubProcessor: {
      type: "boolean",
      label: "Is Sub Processor",
      description: "Is this vendor is considered sub-processor",
    },
    isSubProcessorActive: {
      type: "boolean",
      label: "Is Sub Processor Active",
      description: "Is the subprocessor active",
    },
    userId: {
      propDefinition: [
        drata,
        "personnelId",
      ],
      label: "User ID",
      description: "The user ID of the person responsible for the compliance of this vendor",
    },
    url: {
      type: "string",
      label: "URL",
      description: "The URL of the vendor",
    },
    privacyUrl: {
      type: "string",
      label: "Privacy URL",
      description: "Vendor Privacy Policy URL",
    },
    termsUrl: {
      type: "string",
      label: "Terms URL",
      description: "Vendor Terms of Use URL",
    },
    servicesProvided: {
      type: "string",
      label: "Services Provided",
      description: "Describe vendor services",
    },
    dataStored: {
      type: "string",
      label: "Data Stored",
      description: "What type of data the vendor stores",
    },
    location: {
      type: "string",
      label: "Location",
      description: "The vendor location",
    },
    hasPii: {
      type: "boolean",
      label: "Has PII",
      description: "Does this vendor store any type of PII",
    },
    passwordPolicy: {
      type: "string",
      label: "Password Policy",
      description: "The vendor password policy",
      options: [
        "USERNAME_PASSWORD",
        "SSO",
        "LDAP",
      ],
    },
    passwordRequiresMinLength: {
      type: "boolean",
      label: "Password Requires Min Length",
      description: "Is there a minimum length for user passwords",
    },
    passwordRequiresNumber: {
      type: "boolean",
      label: "Password Requires Number",
      description: "Does a password require numbers",
    },
    passwordRequiresSymbol: {
      type: "boolean",
      label: "Password Requires Symbol",
      description: "Does a password require non-alpha-numeric characters",
    },
    passwordMfaEnabled: {
      type: "boolean",
      label: "Password MFA Enabled",
      description: "Is mult-factor authentication enabled for this vendor",
    },
    accountManagerName: {
      type: "string",
      label: "Account Manager Name",
      description: "The name of the corresponding account manager for this vendor",
    },
    accountManagerEmail: {
      type: "string",
      label: "Account Manager Email",
      description: "The email of the corresponding account manager for this vendor",
    },
    isComplianceReviewRequired: {
      type: "boolean",
      label: "Is Compliance Review Required",
      description: "Is vendor compliance report review required?",
    },
    passwordMinLength: {
      type: "integer",
      label: "Password Min Length",
      description: "Minimum character length for a password",
      optional: true,
    },
    renewalDate: {
      type: "string",
      label: "Renewal Date",
      description: "Vendor renewal ISO 8601 datetime. E.g. 2021-01-01T00:00:00.000Z",
      optional: true,
    },
    renewalScheduleType: {
      type: "string",
      label: "Renewal Schedule Type",
      description: "Vendor renewal schedule type",
      optional: true,
      options: [
        "ONE_MONTH",
        "TWO_MONTHS",
        "THREE_MONTHS",
        "SIX_MONTHS",
        "ONE_YEAR",
        "CUSTOM",
      ],
    },
    notes: {
      type: "string",
      label: "Notes",
      description: "Additional notes for vendor",
      optional: true,
    },
    confirmed: {
      type: "boolean",
      label: "Confirmed",
      description: "Is all vendor data confirmed?",
      optional: true,
    },
  },
  async run({ $ }) {
    const response = await this.drata.createVendor({
      $,
      data: {
        name: this.name,
        category: this.category,
        risk: this.risk,
        critical: this.critical,
        isSubProcessor: this.isSubProcessor,
        isSubProcessorActive: this.isSubProcessorActive,
        userId: this.userId,
        url: this.url,
        privacyUrl: this.privacyUrl,
        termsUrl: this.termsUrl,
        servicesProvided: this.servicesProvided,
        dataStored: this.dataStored,
        location: this.location,
        hasPii: this.hasPii,
        passwordPolicy: this.passwordPolicy,
        passwordRequiresMinLength: this.passwordRequiresMinLength,
        passwordRequiresNumber: this.passwordRequiresNumber,
        passwordRequiresSymbol: this.passwordRequiresSymbol,
        passwordMfaEnabled: this.passwordMfaEnabled,
        accountManagerName: this.accountManagerName,
        accountManagerEmail: this.accountManagerEmail,
        isComplianceReviewRequired: this.isComplianceReviewRequired,
        passwordMinLength: this.passwordMinLength,
        renewalDate: this.renewalDate,
        renewalScheduleType: this.renewalScheduleType,
        confirmed: this.confirmed,
      },
    });
    $.export("$summary", "Succesfully created vendor");
    return response;
  },
};

Action Configuration#

This component may be configured based on the props defined in the component code. Pipedream automatically prompts for input values in the UI.

Label	Prop	Type	Description
Drata	`drata`	`app`	This component uses the Drata app.
Name	`name`	`string`	The name of the vendor
Category	`category`	`string`	Select a value from the drop down menu:`ENGINEERINGPRODUCTMARKETINGCSSALESFINANCEHRADMINISTRATIVESECURITY`
Risk	`risk`	`string`	Select a value from the drop down menu:`NONELOWMODERATEHIGH`
Critical	`critical`	`boolean`	Is this vendor is considered critical
Is Sub Processor	`isSubProcessor`	`boolean`	Is this vendor is considered sub-processor
Is Sub Processor Active	`isSubProcessorActive`	`boolean`	Is the subprocessor active
User ID	`userId`	`integer`	Select a value from the drop down menu.
URL	`url`	`string`	The URL of the vendor
Privacy URL	`privacyUrl`	`string`	Vendor Privacy Policy URL
Terms URL	`termsUrl`	`string`	Vendor Terms of Use URL
Services Provided	`servicesProvided`	`string`	Describe vendor services
Data Stored	`dataStored`	`string`	What type of data the vendor stores
Location	`location`	`string`	The vendor location
Has PII	`hasPii`	`boolean`	Does this vendor store any type of PII
Password Policy	`passwordPolicy`	`string`	Select a value from the drop down menu:`USERNAME_PASSWORDSSOLDAP`
Password Requires Min Length	`passwordRequiresMinLength`	`boolean`	Is there a minimum length for user passwords
Password Requires Number	`passwordRequiresNumber`	`boolean`	Does a password require numbers
Password Requires Symbol	`passwordRequiresSymbol`	`boolean`	Does a password require non-alpha-numeric characters
Password MFA Enabled	`passwordMfaEnabled`	`boolean`	Is mult-factor authentication enabled for this vendor
Account Manager Name	`accountManagerName`	`string`	The name of the corresponding account manager for this vendor
Account Manager Email	`accountManagerEmail`	`string`	The email of the corresponding account manager for this vendor
Is Compliance Review Required	`isComplianceReviewRequired`	`boolean`	Is vendor compliance report review required?
Password Min Length	`passwordMinLength`	`integer`	Minimum character length for a password
Renewal Date	`renewalDate`	`string`	Vendor renewal ISO 8601 datetime. E.g. 2021-01-01T00:00:00.000Z
Renewal Schedule Type	`renewalScheduleType`	`string`	Select a value from the drop down menu:`ONE_MONTHTWO_MONTHSTHREE_MONTHSSIX_MONTHSONE_YEARCUSTOM`
Notes	`notes`	`string`	Additional notes for vendor
Confirmed	`confirmed`	`boolean`	Is all vendor data confirmed?

Action Authentication#

Drata uses API keys for authentication. When you connect your Drata account, Pipedream securely stores the keys so you can easily authenticate to Drata APIs in both code and no-code steps.

Make sure you're logged into the Drata UI, then see these docs to create a Drata API key. Enter it below.

About Drata#

Drata automates your compliance journey from start to audit-ready and beyond and provides support from the security and compliance experts who built it.

More Ways to Connect Drata + HTTP / Webhook#

Other Popular Integrations#

Create Asset with Drata API on New Requests from HTTP / Webhook API

HTTP / Webhook + Drata