monitorQA API

General

Status Codes

HTTP Status Codes

The MonitorQA API uses standard HTTP status codes to indicate the success or failure of API requests. Below are the common status codes you may encounter:

Success Codes

Status Code	Description	Usage
`200 OK`	Request successful	Returned for successful GET, PUT, and POST requests
`201 Created`	Resource created successfully	Returned when a new resource is created
`204 No Content`	Request successful, no content to return	Typically returned for successful DELETE requests

Client Error Codes

Status Code	Description	Common Causes
`400 Bad Request`	Invalid request format or parameters	Malformed JSON, missing required fields, invalid parameter values
`401 Unauthorized`	Authentication required or invalid	Missing or invalid `X-API-KEY` header
`403 Forbidden`	Access denied	Valid authentication but insufficient permissions for the resource
`404 Not Found`	Resource not found	Invalid endpoint URL or resource ID doesn’t exist
`409 Conflict`	Resource conflict	Used for business logic errors
`422 Unprocessable Entity`	Validation errors	Request format is correct but contains invalid data

Server Error Codes

Status Code	Description	Action
`500 Internal Server Error`	Unexpected server error	Contact support if error persists
`502 Bad Gateway`	Gateway error	Temporary issue, retry request
`503 Service Unavailable`	Service temporarily unavailable	Retry request after delay

Error Response Format

When an error occurs, the API returns a JSON response with error details:

{
  "error": {
    "message": "Description of the error",
    "code": "ERROR_CODE",
    "details": {
      "field": "Additional error context"
    }
  }
}

Deep links provide direct navigation to specific sections and items within the MonitorQA mobile application. These URLs can be used in notifications, emails, or other integrations to guide users directly to relevant content.

Supported Deep Links

The MonitorQA mobile application supports the following deep link patterns:

Link Pattern	Description	Parameters
`https://app.monitorqa.com/settings`	Open application settings	None
`https://app.monitorqa.com/audits/pending/{auditId}`	Open specific pending audit details	`auditId` - Unique audit identifier
`https://app.monitorqa.com/audits/archive`	Open completed audits list	None
`https://app.monitorqa.com/audits/archive/{auditId}`	Open specific completed audit details	`auditId` - Unique audit identifier
`https://app.monitorqa.com/actions/pending`	Open pending corrective actions list	None
`https://app.monitorqa.com/actions/pending/{actionId}`	Open specific pending corrective action details	`actionId` - Unique corrective action identifier

Usage Examples

# Open settings page
https://app.monitorqa.com/settings

# Open specific pending audit
https://app.monitorqa.com/audits/pending/123e4567-e89b-12d3-a456-426614174000

# Open specific corrective action
https://app.monitorqa.com/actions/pending/987fcdeb-51a2-43d8-b654-321098765432

Implementation Notes

All deep links require the user to be authenticated in the mobile app
Invalid or expired IDs will redirect to the appropriate list view
Deep links work on both iOS and Android versions of the MonitorQA mobile app

Webhook

Webhooks provide real-time notifications when audit and corrective action events occur in your MonitorQA account. Configure webhooks to receive instant updates and integrate seamlessly with your external systems.

Setup

To configure webhooks for your MonitorQA account, follow these steps:

Log in to your MonitorQA account
Navigate to the Settings page
Select the Integration section
Find the Webhooks or Custom Integrations option
Specify the webhook URL where MonitorQA will send notifications

Functionality

MonitorQA sends HTTP POST requests containing JSON-formatted data whenever audit or corrective action events occur within the system. This webhook mechanism ensures real-time updates and seamless integration with external systems.

Response Requirements

Requirement	Value	Description
Response Time	10 seconds maximum	Your system must respond within this timeframe to ensure smooth communication
Retry Policy	Up to 5 attempts	MonitorQA will automatically retry failed webhook deliveries
Content Type	`application/json`	All webhook payloads are sent as JSON

Network Reliability

In case of network errors or response timeouts, MonitorQA implements a robust retry mechanism to ensure message delivery reliability even in challenging network conditions.

Webhook Settings

Webhook Message Format

All webhook messages follow a consistent JSON structure with an event field that varies based on the type of event (audit, corrective action, or template).

Base Message Structure

{
  "event": "<EVENT>",
  "data": {
    // Event-specific data
  },
  "company": {
    "id": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "name": "Company Name"
  }
}

Audit Events

Message Format

{
  "event": "<EVENT>",
  "data": {
    "auditId": "db2b640b-a8f5-4af6-277a-08db091985f7"
  },
  "company": {
    "id": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "name": "Company Name"
  }
}

Event Types

Event	Description
`AUDIT_ASSIGNED`	Audit assigned to user
`AUDIT_COMPLETED`	Audit completed (includes audit details)
`AUDIT_DELETED`	Audit deleted
`AUDIT_EXPIRED`	Audit expired
`AUDIT_RESCHEDULED`	Audit reopened

Corrective Action Events

Message Format

{
  "event": "<EVENT>",
  "data": {
    "correctiveActionId": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "correctiveAction": {
      // Corrective action details object
    }
  },
  "company": {
    "id": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "name": "Company Name"
  }
}

Note: The data.correctiveAction object contains corrective action details and is null when the event is CORRECTIVE_ACTION_DELETED.

Event Types

Event	Description
`CORRECTIVE_ACTION_CREATED`	Corrective action created
`CORRECTIVE_ACTION_ASSIGNED`	Corrective action assigned to user
`CORRECTIVE_ACTION_SUBMITTED`	Corrective action submitted
`CORRECTIVE_ACTION_APPROVED`	Corrective action approved
`CORRECTIVE_ACTION_REJECTED`	Corrective action rejected
`CORRECTIVE_ACTION_DELETED`	Corrective action deleted
`CORRECTIVE_ACTION_EXPIRED`	Corrective action expired
`CORRECTIVE_ACTION_UPDATED`	Corrective action updated (status and assignees unchanged)

Template Events

Message Format

{
  "event": "<EVENT>",
  "data": {
    "id": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "name": "Template name"
  },
  "company": {
    "id": "db2b640b-a8f5-4af6-277a-08db091985f7",
    "name": "Company Name"
  }
}

Event Types

Event	Description
`TEMPLATE_CREATED`	New template created by user
`TEMPLATE_DELETED`	Template deleted by user

Authentication

The MonitorQA API uses API Key authentication for secure access to all endpoints. Authentication is required for all API requests.

How to Authenticate

Include your API key in the X-API-KEY header with every request:

GET /audits HTTP/1.1
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

Generating Your API Key

Log in to your MonitorQA account
Navigate to Settings → Integration
Generate a new API key or copy your existing key
Store the key securely - it provides full access to your account data

API Key Settings

Security Best Practices

Keep your API key confidential and secure
Never expose API keys in client-side code or public repositories
Regenerate your key if it becomes compromised
Use HTTPS for all API requests

Support

For authentication issues or additional questions, contact our support team.

Overview

Introduction

MonitorQA provides comprehensive integration capabilities through our REST API and webhook system, enabling seamless connectivity with various environments and applications.

API Base URL: https://api-external.monitorqa.com

API Overview

The MonitorQA API allows you to interact with our system programmatically from your own application. Our API provides comprehensive access to the following core objects:

Users - Create, update, and manage user accounts
User Groups - Organize users into groups for better access control
Audits - Create, execute, and manage audit processes
Audit Templates - Define and manage reusable audit structures
Audit Objects - Manage the items and locations being audited
Schedules - Automate audit execution with flexible scheduling
Corrective Actions - Track and manage follow-up actions
Files - Handle document and image attachments

Date and Time Handling

All API requests and responses use UTC timezone for consistency across different time zones.

Required DateTime Format: yyyy-MM-ddTHH:mm:ss.fffZ

Examples:

2023-12-31T23:59:59.999Z - End of year 2023 UTC
2024-01-01T00:00:00.000Z - Start of year 2024 UTC

Audits

Update one-time audit
PUT /audit/{id}

Update a one-time audit. The audit’s dates, name, hint, and assignee can be modified. Note that this endpoint does not allow changing the template or audit object associated with the audit, and it only works with one-time audits.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

URL Parameters

Parameter	Type	Required	Description
id	uuid	Yes	The unique identifier of the audit to update

Request Body Parameters

Parameter	Type	Required	Description
`startDate`	datetime	Yes	Local start date for the audit
`endDate`	datetime	Yes	Local due date when the audit must be completed
`name`	string	Yes	Name of the audit for identification purposes
`auditorHint`	string	No	Helpful hint or instructions visible to the auditor during audit execution (max 2000 characters)
`assigneeId`	uuid	No	Unique identifier of the user who will perform the audit. If not provided, the audit will become unassigned

Example Request

PUT /audit/a1b2c3d4-e5f6-789a-bcde-f01234567890
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "startDate": "2024-01-15T08:00:00.000Z",
  "endDate": "2024-01-15T18:00:00.000Z",
  "name": "Weekly Safety Inspection - Updated",
  "auditorHint": "Focus on emergency exits and fire safety equipment. Pay special attention to extinguisher dates.",
  "assigneeId": "456e7890-e89b-12d3-a456-426614174000"
}

Response

Success Response

HTTP/1.1 200 OK

For errors responses, see the response status codes documentation.

Reopen Audit
POST /audit/reopen/{id}

Reopen a completed audit to allow additional work or corrections. This endpoint enables you to restore a completed audit to an active state with new dates and optionally reassign it to different users.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the completed audit to reopen
startDate	string	Yes	New start date in UTC format (`yyyy-MM-ddTHH:mm:ss.fffZ`)
endDate	string	Yes	New due date in UTC format (`yyyy-MM-ddTHH:mm:ss.fffZ`)
assigneesIds	array[string]	No	Array of user IDs to assign the audit to (null = no change, empty array = remove all assignees)

Example Request

POST /audit/reopen/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "assigneesIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "startDate": "2024-02-01T08:00:00.000Z",
  "endDate": "2024-02-15T17:00:00.000Z"
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful reopening of the audit.

For errors responses, see the response status codes documentation.

Expire Audit
POST /audit/expire

Manually expire incomplete audits in the organization. This endpoint enables marking multiple audits as expired, effectively closing them without completion. This is useful for audits that are no longer relevant or cannot be completed.

Parameters

Parameter	Type	Required	Description
ids	array[string]	Yes	Array of audit IDs to be expired

Example Request

POST /audit/expire
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful expiration of specified audits.

For errors responses, see the response status codes documentation.

Delete Audit
DELETE /audit

Delete multiple audits from the organization. This endpoint enables permanently removing audits in bulk by providing an array of audit IDs. Use with caution as this action cannot be undone.

Parameters

Parameter	Type	Required	Description
ids	array[string]	Yes	Array of audit IDs to be deleted

Example Request

DELETE /audit
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful deletion of specified audits.

For errors responses, see the response status codes documentation.

Create one-time audit
POST /audit

Create a one-time audit for a specific user and audit object. This endpoint is useful for creating immediate audit tasks that need to be completed by a particular person.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Request Body Parameters

Parameter	Type	Required	Description
`startDate`	datetime	No	Local start date for the audit. If not provided, audit can be started immediately
`endDate`	datetime	Yes	Local due date when the audit must be completed
`name`	string	Yes	Name of the audit for identification purposes
`auditorHint`	string	No	Helpful hint or instructions visible to the auditor during audit execution (max 2000 characters)
`templateId`	string	Yes	Unique identifier of the audit template to use
`auditObjectId`	string	Yes	Unique identifier of the audit object to be audited
`assigneeId`	string	No	Unique identifier of the user who will perform the audit

Example Request

POST /audit
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "startDate": "2024-01-15T08:00:00.000Z",
  "endDate": "2024-01-15T18:00:00.000Z",
  "name": "Weekly Safety Inspection",
  "auditorHint": "Focus on emergency exits and fire safety equipment",
  "templateId": "123e4567-e89b-12d3-a456-426614174000",
  "auditObjectId": "789e0123-e89b-12d3-a456-426614174000",
  "assigneeId": "456e7890-e89b-12d3-a456-426614174000"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890"
}

For errors responses, see the response status codes documentation.

Get list of pending audits
GET /audit/pending

Retrieve a paginated list of pending audits with filtering and sorting options.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Query Parameters

Parameter	Type	Required	Description
`inProgress`	boolean	No	Filter by in progress state
`templateId`	string	No	Filter by audit template ID
`auditObjectId`	string	No	Filter by audit object ID
`auditObjectGroupId`	string	No	Filter by audit object group ID
`auditScheduleId`	uuid	No	Filter by audit schedule ID
`assignedTo`	string	No	Filter by assigned user ID
`assignedToGroup`	string	No	Filter by assigned user group ID
`pageNumber`	number	No	Current page number, starts from 1
`pageSize`	number	No	Page size

Note: This method will return an empty data list if the requested page does not exist.

Example Request

GET /audit/pending?inProgress=true&auditScheduleId=d4e5f6a7-b8c9-7012-def4-567890123gbc&pageSize=50
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "a1b2c3d4-e5f6-4789-abc1-234567890def",
      "name": "Weekly Kitchen Safety Inspection",
      "assignees": [
        {
          "id": "b2c3d4e5-f6a7-5890-bcd2-345678901efa",
          "name": "Emily Davis"
        }
      ],
      "auditObject": {
        "id": "c3d4e5f6-a7b8-6901-cde3-456789012fab",
        "name": "Main Kitchen - Building B"
      },
      "endDate": "2023-12-15T17:00:00.000Z",
      "number": "AUD-2023-1247",
      "startDate": "2023-12-15T09:00:00.000Z",
      "template": {
        "id": "d4e5f6a7-b8c9-7012-def4-567890123gbc",
        "name": "Kitchen Safety Inspection Template"
      },
      "isReopened": false,
      "isStarted": true,
      "completedActionsCount": 8,
      "pendingActionsCount": 3
    },
    {
      "id": "e5f6a7b8-c9d0-8123-efg5-678901234hcd",
      "name": "Monthly Equipment Maintenance Check",
      "assignees": [
        {
          "id": "f6a7b8c9-d0e1-9234-fgh6-789012345ide",
          "name": "Robert Wilson"
        },
        {
          "id": "a7b8c9d0-e1f2-0345-ghi7-890123456jef",
          "name": "Maria Garcia"
        }
      ],
      "auditObject": {
        "id": "b8c9d0e1-f2a3-1456-hij8-901234567kfg",
        "name": "Manufacturing Floor - Zone A"
      },
      "endDate": "2023-12-20T16:30:00.000Z",
      "number": "AUD-2023-1248",
      "startDate": "2023-12-18T08:00:00.000Z",
      "template": {
        "id": "c9d0e1f2-a3b4-2567-ijk9-012345678lgh",
        "name": "Equipment Maintenance Audit"
      },
      "isReopened": true,
      "isStarted": true,
      "completedActionsCount": 15,
      "pendingActionsCount": 7
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 50,
    "totalCount": 2
  }
}

For errors responses, see the response status codes documentation.

Get list of complete audits
GET /audit/complete

Retrieve a paginated list of completed audits with advanced filtering and sorting options.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Query Parameters

Parameter	Type	Required	Description
`scoreMin`	number	No	Filter by minimum score
`scoreMax`	number	No	Filter by maximum score
`completedBy`	string	No	Filter by user ID who completed audit
`completedByGroup`	string	No	Filter by user group ID
`templateId`	string	No	Filter by audit template ID
`auditObjectId`	string	No	Filter by audit object ID
`auditObjectGroupId`	string	No	Filter by audit object group ID
`assignedTo`	string	No	Filter by assigned user ID
`assignedToGroup`	string	No	Filter by assigned user group ID
`fromDate`	string	No	Filter by audit completion date (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
`toDate`	string	No	Filter by audit completion date (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
`pageNumber`	number	No	Current page number, starts from 1 (default: 1)
`pageSize`	number	No	Page size (default: 100)

Note: This method will return an empty data list if the requested page does not exist.

Example Request

GET /audit/complete?scoreMin=80&pageSize=50
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890",
      "name": "Quarterly Food Safety Audit",
      "assignees": [
        {
          "id": "b2c3d4e5-f6a7-890b-cdef-012345678901",
          "name": "Sarah Martinez"
        }
      ],
      "auditObject": {
        "id": "c3d4e5f6-a7b8-901c-defa-123456789012",
        "name": "Restaurant Main Kitchen"
      },
      "endDate": "2023-11-10T16:00:00.000Z",
      "number": "AUD-2023-Q4-001",
      "startDate": "2023-11-10T08:00:00.000Z",
      "template": {
        "id": "d4e5f6a7-b8c9-012d-efab-234567890123",
        "name": "Food Safety & Hygiene Checklist"
      },
      "completeDate": "2023-11-10T15:42:18.750Z",
      "completedBy": {
        "id": "b2c3d4e5-f6a7-890b-cdef-012345678901",
        "name": "Sarah Martinez"
      },
      "score": 94,
      "scoreLabel": "Excellent"
    },
    {
      "id": "e5f6a7b8-c9d0-123e-fabc-345678901234",
      "name": "Monthly Equipment Inspection",
      "assignees": [
        {
          "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
          "name": "James Wilson"
        },
        {
          "id": "a7b8c9d0-e1f2-345a-bcde-567890123456",
          "name": "Lisa Chen"
        }
      ],
      "auditObject": {
        "id": "b8c9d0e1-f2a3-456b-cdef-678901234567",
        "name": "Production Line A"
      },
      "endDate": "2023-11-08T17:30:00.000Z",
      "number": "AUD-2023-1156",
      "startDate": "2023-11-08T09:00:00.000Z",
      "template": {
        "id": "c9d0e1f2-a3b4-567c-defa-789012345678",
        "name": "Manufacturing Equipment Safety Audit"
      },
      "completeDate": "2023-11-08T16:55:30.250Z",
      "completedBy": {
        "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
        "name": "James Wilson"
      },
      "score": 82,
      "scoreLabel": "Good"
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 50,
    "totalCount": 2
  }
}

For errors responses, see the response status codes documentation.

Get details of audit
GET /audit/{auditId}

Retrieve detailed information about a specific audit, including its status, assignees, completion details, and scoring information.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`auditId`	string	Yes	Unique identifier of the audit

Example Request

GET /audit/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890",
  "auditorHint": "Check all emergency exits are clear and properly marked",
  "companyId": "b2c3d4e5-f6a7-890b-cdef-012345678901",
  "number": "AUD-2023-0892",
  "auditObject": {
    "id": "c3d4e5f6-a7b8-901c-defa-123456789012",
    "name": "Corporate Headquarters - Floor 3",
    "notes": "High traffic area with multiple conference rooms"
  },
  "startedBy": {
    "id": "d4e5f6a7-b8c9-012d-efab-234567890123",
    "name": "Jennifer Thompson"
  },
  "templateId": "e5f6a7b8-c9d0-123e-fabc-345678901234",
  "template": {
    "id": "e5f6a7b8-c9d0-123e-fabc-345678901234",
    "name": "Fire Safety and Emergency Preparedness Audit"
  },
  "assignees": [
    {
      "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
      "name": "David Lee"
    },
    {
      "id": "a7b8c9d0-e1f2-345a-bcde-567890123456",
      "name": "Amanda Rodriguez"
    }
  ],
  "isStarted": true,
  "startedAt": "2023-11-15T09:30:00.000Z",
  "isCompleted": true,
  "completeDate": "2023-11-15T14:45:22.150Z",
  "isFailed": false,
  "isExpired": false,
  "isReopened": false,
  "completedBy": {
    "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
    "name": "David Lee"
  },
  "startDate": "2023-11-15T09:00:00.000Z",
  "endDate": "2023-11-15T17:00:00.000Z",
  "score": 87,
  "scoreLabel": "Good",
  "scoreColor": "#28a745",
  "completionTime": 315
}

For errors responses, see the response status codes documentation.

Get details of complete audit
GET /audit/complete/{auditId}

Retrieve comprehensive details of a completed audit, including audit metadata, assignees, completion status, and reporting information.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`auditId`	string	Yes	Unique identifier of the completed audit

Example Request

GET /audit/complete/{auditId}
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890",  
  "companyId": "b2c3d4e5-f6a7-890b-cdef-012345678901",
  "number": "AUD-2023-0475",
  "auditorHint": "Pay special attention to cold storage temperature logs and cleaning schedules",
  "auditObject": {
    "id": "c3d4e5f6-a7b8-901c-defa-123456789012",
    "name": "Warehouse Cold Storage Unit B",
    "notes": "Temperature-controlled environment for perishable goods"
  },
  "startedBy": {
    "id": "d4e5f6a7-b8c9-012d-efab-234567890123",
    "name": "Michael Johnson"
  },
  "templateId": "e5f6a7b8-c9d0-123e-fabc-345678901234",
  "template": {
    "id": "e5f6a7b8-c9d0-123e-fabc-345678901234",
    "name": "Cold Storage Compliance Audit"
  },
  "assignees": [
    {
      "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
      "name": "Rachel Kim"
    },
    {
      "id": "a7b8c9d0-e1f2-345a-bcde-567890123456",
      "name": "Carlos Rodriguez"
    }
  ],
  "isStarted": true,
  "isFailed": false,
  "startedAt": "2023-10-25T07:30:00.000Z",
  "isCompleted": true,
  "completeDate": "2023-10-25T11:45:33.875Z",
  "isExpired": false,
  "isReopened": false,
  "completedBy": {
    "id": "f6a7b8c9-d0e1-234f-abcd-456789012345",
    "name": "Rachel Kim"
  },
  "startDate": "2023-10-25T07:00:00.000Z",
  "endDate": "2023-10-25T15:00:00.000Z",
  "score": 91,
  "scoreLabel": "Excellent",
  "scoreColor": "#198754",
  "completionTime": 255,
  "reportUrl": "https://api-external.monitorqa.com/reports/audit/a1b2c3d4-e5f6-789a-bcde-f01234567890",
   "auditeeSignature": {
      "photoId": "d1b4b954-3e9f-4d93-bdeb-a4112f1ed26e",
      "createdBy": {
         "id": "00000000-0000-0000-0000-000000000000",
         "name": "Auditee name"
      }
   },
   "auditorSignature": {
      "photoId": "c54e4562-3ce2-4957-b1f0-2dd96405de29",
      "createdBy": {
         "id": "3c71b2a5-4c01-4bb0-9f08-785a2d8f7128",
         "name": "Rachel Kim"
      }
   }
}

For errors responses, see the response status codes documentation.

Get audit pdf report
GET /audit/complete/{auditId}/report-pdf

Download a PDF report of a completed audit. The report contains all audit items, responses, and optional photos in a formatted document.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`auditId`	string	Yes	Unique identifier of the completed audit

Query Parameters

Parameter	Type	Required	Description
`reportType`	integer	No	Report format type: `0` = Regular, `1` = Summary, `2` = Full (default: `0`)
`includePhotos`	boolean	No	Whether to include photos in the report (default: `false`)

Example Request

GET /audit/complete/123e4567-e89b-12d3-a456-426614174000/report-pdf?reportType=2&includePhotos=true
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/pdf

[Binary PDF file content]

Report Types:

Regular (0): Standard audit report with basic information
Summary (1): Condensed report highlighting key findings
Full (2): Comprehensive report with all details and context

For errors responses, see the response status codes documentation.

Get audit report
GET /audit/complete/{auditId}/report

Retrieve the detailed report of a completed audit, including all audit items, their statuses, and associated corrective actions.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`auditId`	string	Yes	Unique identifier of the completed audit

Example Request

GET /audit/complete/{auditId}/report
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
   "id": "1acad6ca-cab8-48a7-07f2-08da929c74ab",
   "items": [
      {
         "id": "4ff6fbf7-8e6d-46be-356c-08da929d03c7",
         "text": "Fire extinguisher present and accessible",
         "note": "Located near main entrance - needs pressure check",
         "notApplicable": false,
         "isCritical": true,
         "isPassed": false,
         "isFailed": false,
         "childrenIds": [],
         "metafields": [{
            "name": "Metafield name",
            "text": "Metafield user input"
         }],
         "actions": [
            {
               "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890",
               "name": "Schedule fire extinguisher maintenance",
               "number": "CA-2023-0892",
               "description": "Contact certified technician for monthly pressure check",
               "assignees": [
                    {
                        "id": "b2c3d4e5-f6a7-890b-cdef-012345678901",
                        "name": "David Martinez"
                    }
                ],
               "comments": [],
               "createdBy": {
                  "id": "3c71b2a5-4c00-4bb0-9f08-785a2d8f7128",
                  "name": "Jennifer Thompson"
               },
               "createdAt": "2023-09-12T03:10:30.133Z",
               "dueDate": "2023-09-27T23:59:59.999Z",
               "priority": 2,
               "status": 0,
               "photos": [],
               "tags": []
            }
         ],
         "photos": [],
         "itemsCount": null,
         "points": null,
         "signature": {
            "photoId": "a49d853b-c51b-488d-adc9-3baeab3bde3e",
            "createdBy": {
               "id": "3c71b2a5-4c00-4bb0-9f08-785a2d8f7128",
               "name": "Jennifer Thompson"
            }
         },
         "failedInRowCount": 1,
         "itemType": 2,
         "data": {
            "name": null,
            "points": 0.0000,
            "text": null,
            "number": 4.0000,
            "isFailed": true
         }
      }
   ]
}

Response Fields

itemType values:

Value	Description
`0`	Root
`1`	Section
`2`	Item
`3`	ConditionalItem
`4`	Condition

actions.priority values:

Value	Description
`0`	Low
`1`	Medium
`2`	High

actions.status values:

Value	Description
`0`	Open
`1`	Approved
`2`	Rejected
`3`	Submitted

For errors responses, see the response status codes documentation.

Schedules

Get schedules list
GET /schedules

Retrieve a paginated list of active audit schedules with optional filtering and sorting capabilities.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Query Parameters

Parameter	Type	Required	Description
`auditObjectId`	string	No	Filter schedules by specific audit object ID
`auditObjectGroupId`	string	No	Filter schedules by audit object group ID
`pageNumber`	integer	No	Page number for pagination, starting from 1 (default: 1)
`pageSize`	integer	No	Number of items per page (default: 10)

Example Request

GET /schedules?pageNumber=1&pageSize=20
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

See schedule details for details about repeatPattern and repeat options

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
     {
         "id": string,
         "name": string,
         "repeatPattern": 1,
         "active": boolean,
         "stopByDate": "2025-12-31T23:59:59.000Z",
         "startFromDate": "2025-01-01T00:00:00.000Z",
         "template": {
            "id": string,
            "name": string
         },
         "repeat": {
            "repeatEvery": 3
         },
         "auditObjects: [{
            "id": string,
            "name": string
         }],
         "auditObjectGroups": [{
            "id": string,
            "name": string
         }]
      }
  ],
  "meta": {
    "pageNumber": 0,
    "pageSize": 10,
    "totalCount": 1
  }
}

For errors responses, see the response status codes documentation.

Get schedule details
GET /schedules/{scheduleId}

Retrieve detailed information about a specific schedule, including its configuration, repeat patterns, and assigned objects.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`scheduleId`	string	Yes	Unique identifier of the schedule

Example Request

GET /schedules/{scheduleId}
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

id is schedule id.
name is schedule name.
active is schedule status - inactive schedule doesn’t generate audits.
stopByDate is schedule last active date. Schedule will be deactivated after this date and will not generate new audits.
startFromDate is schedule activation date. Schedule will be activated at this date and will generate new audits.
auditorHint is auditor hint visible during audit.
template is information about template.
assignees is information about users assigned to this schedule.
auditObjects is information about audit objects assigned to this schedule.
auditObjectGroups is information about audit object groups assigned to this schedule.
repeatPattern is schedule repeat pattern.
repeat is repeat options. Options vary depending on repeatPattern value.

Repeat Patterns

Pattern	Description
`0`	One-time audit - produces one audit with no repeat
`1`	Daily audit - repeats daily with configurable interval
`2`	Multiple weeks audit - repeats per week with configurable interval and start day
`3`	Monthly audit - repeats per month with configurable interval and start day
`4`	Weekly audit - repeats on specific days of week

Repeat options

One-time audit repeat options:

{
  "startDate": "2025-07-31T15:30:00.000Z",
  "endDate": "2025-08-31T15:30:00.000Z"
}

Daily audit repeat options:

{
  "repeatEvery": number, //value in range 1..10
}

Multiple weeks audit repeat options:

{
  "repeatEvery": number, //value in range 1..10
  "startDay": DayOfWeek, //0 - Sun ... 6 - Sat
  "duration": number //value in range 1..repeatEvery*7
}

Monthly audit repeat options:

{
  "repeatEvery": number, //value in range 1..10
  "startRule": object, // define schedule period start options
  "endRule": object // define schedule period end options
}

Note: The first audit period begins at the closest date (based on the start rule) to the schedule creation date. For monthly schedules with Type 1 (StartOfMonth), the first period’s cycle month is always the closest month after (or on) the schedule creation date - if created after the 1st, the cycle starts in the next month.

First Period Examples:

Type 0 with day: 15: Schedule created on January 20 → first audit starts on February 15 (next occurrence). Created on January 5 → first audit starts on January 15 (upcoming in same month).
Type 1 with cycleMonthStart: 1, repeatEvery: 3: Created on January 15 → first period cycle starts in February (month after creation, becomes month 1 of cycle), audit starts February 1. Created on January 1 → first period cycle starts in January (creation month, month 1 of cycle), audit starts January 1. Created on March 10 → first period cycle starts in April (month after creation, month 1 of cycle), audit starts April 1.

StartRule types:

The start rule determines when each audit period begins. There are 2 types:

Type 0 (DayOfMonth) - Start on a specific day of each scheduled month:
```
{
"type": 0,
"day": number
}
```
- The day property must be greater than 0 and in the range 1-31, specifying which day of the month to start the audit
- Each scheduled audit begins on the specified day of the month
- If the month doesn’t have that day (e.g., day 31 in February), the system automatically uses the last day of that month
- Handles leap years: Day 29 in February becomes Feb 29 in leap years and Feb 28 in non-leap years
- Example: { "type": 0, "day": 15 } - Audit starts on the 15th of each scheduled month (e.g., Jan 15, Feb 15, Mar 15)
- First period: Schedule created on Jan 20 with day: 15 → first audit starts on Feb 15. Created on Jan 5 → first audit starts on Jan 15
Type 1 (StartOfMonth) - Start at the beginning of a specific month within the repeat cycle:
```
{
"type": 1,
"cycleMonthStart": number
}
```
- The cycleMonthStart property must be greater than 0 and specifies which month within the repeatEvery cycle should start the audit (1, 2, 3…)
- The audit always starts on the 1st day of the selected month in each cycle
- Each repeat cycle contains repeatEvery months, and cycleMonthStart indicates the position within that cycle (1 = first month, 2 = second month, etc.)
- The first period’s cycle month is always the closest month after (or on) the schedule creation date. If created after the 1st of a month, the cycle starts in the next month
- Example: { "type": 1, "cycleMonthStart": 1 } with repeatEvery: 3 - Starts on the 1st day of the first month in each 3-month cycle (e.g., Jan 1, Apr 1, Jul 1, Oct 1)
- First period: Created on January 15 with cycleMonthStart: 1 and repeatEvery: 3 → first period cycle starts in February (month after creation), audit starts Feb 1. Created on January 1 → first period cycle starts in January, audit starts Jan 1. Created on March 10 → first period cycle starts in April, audit starts Apr 1

EndRule types:

The end rule determines when each audit period ends. There are 4 types. Important: In all cases, if the calculated end date would overlap with the next audit’s start date, the system automatically adjusts it to end one day before the next audit starts to prevent overlaps.

Type 0 (EndOfMonth) - End at the end of a specific month within the cycle:
```
{
"type": 0,
"cycleMonthEnd": number
}
```
- The cycleMonthEnd property must be greater than 0 and specifies which month within the cycle the audit should end (1, 2, 3…)
- cycleMonthEnd: 1 means the audit ends at the end of the same month it started
- cycleMonthEnd: 2 means the audit ends at the end of the second month in the cycle
- The end date is the last day of the specified month at end of day (23:59:59)
Type 1 (AfterDays) - End after a fixed number of days from the audit start:
```
{
"type": 1,
"days": number
}
```
- The days property must be greater than 0 and specifies how many days after the start date the audit ends
- The end date is calculated by adding days to the audit start date
- If this would overlap with the next audit, it’s automatically adjusted to end one day before the next audit starts
- Example: { "type": 1, "days": 20 } with start on Jan 15 - Audit ends on Feb 4 (Jan 15 + 20 days)
Type 2 (AfterWeeks) - End after a fixed number of weeks from the audit start:
```
{
"type": 2,
"weeks": number
}
```
- The weeks property must be greater than 0 and specifies how many weeks after the start date the audit ends
- The end date is calculated by adding weeks * 7 days to the audit start date
- If this would overlap with the next audit, it’s automatically adjusted to end one day before the next audit starts
- Example: { "type": 2, "weeks": 3 } with start on Jan 15 - Audit ends on Feb 5 (Jan 15 + 21 days)
Type 3 (BeforeNextStarts) - End one day before the next audit begins:
```
{
"type": 3
}
```
- No additional properties are needed
- The system calculates when the next audit will start based on repeatEvery and the start rule
- The current audit ends the day before that next start date, ensuring no overlap between consecutive audits
- Example: With repeatEvery: 1 and start on Jan 15 - Next audit starts Feb 15, so current audit ends Feb 14

Weekly audits repeat options:

{
  "daysOfWeek": DayOfWeek[], //0 - Sun ... 6 - Sat
  "repeatEvery":  number, //value in range 1..10
}

Example

HTTP/1.1 200 OK
Content-Type: application/json

{
   "id": string,
   "name": string,
   "active": boolean,
   "stopByDate": "2025-12-31T23:59:59.000Z",
   "startFromDate": "2025-01-01T00:00:00.000Z",
   "auditorHint": string,
   "template": {
      "id": string,
      "name": string
   },
   "assignees": [
      {
         "id": string,
         "name": string
      }
   ],
   "auditObjects": [
      {
         "id": string,
         "name": string
      }
   ],
   "auditObjectGroups": [
      {
         "id": string,
         "name": string
      }
   ],
   "repeatPattern": 1, //Daily audit
   "repeat": {      
      "repeatEvery": number
   }
}

For errors responses, see the response status codes documentation.

Create daily schedule
POST /schedules/daily

Create a daily recurring schedule that generates audits at specified intervals. This endpoint enables setting up automated audit creation for designated users, audit objects, and templates on a daily basis.

Parameters

Parameter	Type	Required	Description
templateId	string	Yes	The unique identifier of the audit template to use
auditObjectIds	array[string]	Conditional	Array of audit object IDs (required if auditObjectGroupIds not provided)
auditObjectGroupIds	array[string]	Conditional	Array of audit object group IDs (required if auditObjectIds not provided)
name	string	Yes	Display name for the schedule
auditorHint	string	No	Hint text visible to auditors during the audit (max 2000 characters)
assigneesIds	array[string]	No	Array of user IDs to assign the generated audits to
repeatEvery	integer	Yes	Interval in days between audit creation (range: 1-10)
active	boolean	No	Schedule status (defaults to `true`)
startFromDate	string	No	UTC date when schedule should start (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
stopByDate	string	No	UTC date after which schedule should stop (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)

Example Request

POST /schedules/daily
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "123e4567-e89b-12d3-a456-426614174000",
  "auditObjectIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "name": "Daily Safety Inspections",
  "auditorHint": "Focus on emergency exits and safety equipment",
  "assigneesIds": [
    "abc12345-e89b-12d3-a456-426614174000",
    "def67890-e89b-12d3-a456-426614174000"
  ],
  "repeatEvery": 1,
  "active": true,
  "startFromDate": "2024-01-01T08:00:00.000Z",
  "stopByDate": "2024-12-31T23:59:59.000Z"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "901234op-qrst-567g-hijk-678901234567"
}

For errors responses, see the response status codes documentation.

Create weekly schedule
POST /schedules/weekly

Create a weekly recurring schedule that generates audits on specified days of the week. This endpoint enables setting up automated audit creation for multiple days within each week.

Parameters

Parameter	Type	Required	Description
templateId	string	Yes	The unique identifier of the audit template to use
auditObjectIds	array[string]	Conditional	Array of audit object IDs (required if auditObjectGroupIds not provided)
auditObjectGroupIds	array[string]	Conditional	Array of audit object group IDs (required if auditObjectIds not provided)
name	string	Yes	Display name for the schedule
auditorHint	string	No	Hint text visible to auditors during the audit (max 2000 characters)
assigneesIds	array[string]	No	Array of user IDs to assign the generated audits to
daysOfWeek	array[integer]	Yes	Array of weekdays (0=Sunday, 1=Monday, 2=Tuesday, 3=Wednesday, 4=Thursday, 5=Friday, 6=Saturday)
repeatEvery	integer	Yes	Interval in weeks between audit creation
active	boolean	No	Schedule status (defaults to `true`)
startFromDate	string	No	UTC date when schedule should start (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
stopByDate	string	No	UTC date after which schedule should stop (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)

Example Request

POST /schedules/weekly
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "123e4567-e89b-12d3-a456-426614174000",
  "auditObjectIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "name": "Weekly Operations Check",
  "auditorHint": "Review daily operations and maintenance logs",
  "assigneesIds": [
    "abc12345-e89b-12d3-a456-426614174000",
    "def67890-e89b-12d3-a456-426614174000"
  ],
  "daysOfWeek": [1, 3, 5],
  "repeatEvery": 2,
  "active": true,
  "startFromDate": "2024-01-01T08:00:00.000Z",
  "stopByDate": "2024-12-31T23:59:59.000Z"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "345678op-qrst-567g-hijk-678901234569"
}

For errors responses, see the response status codes documentation.

Create multiple weeks schedule
POST /schedules/multiple-weeks

Create a multi-week recurring schedule that generates audits at specified weekly intervals on a particular day of the week. This endpoint enables setting up automated audit creation with flexible multi-week recurrence patterns.

Parameters

Parameter	Type	Required	Description
templateId	string	Yes	The unique identifier of the audit template to use
auditObjectIds	array[string]	Conditional	Array of audit object IDs (required if auditObjectGroupIds not provided)
auditObjectGroupIds	array[string]	Conditional	Array of audit object group IDs (required if auditObjectIds not provided)
name	string	Yes	Display name for the schedule
auditorHint	string	No	Hint text visible to auditors during the audit (max 2000 characters)
assigneesIds	array[string]	No	Array of user IDs to assign the generated audits to
repeatEvery	integer	Yes	Interval in weeks between audit creation
startDay	integer	Yes	Day of the week to start audits (0=Sunday, 1=Monday, 2=Tuesday, 3=Wednesday, 4=Thursday, 5=Friday, 6=Saturday)
duration	integer	Yes	Audit duration in days (1 to repeatEvery×7)
active	boolean	No	Schedule status (defaults to `true`)
startFromDate	string	No	UTC date when schedule should start (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
stopByDate	string	No	UTC date after which schedule should stop (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)

Example Request

POST /schedules/multiple-weeks
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "123e4567-e89b-12d3-a456-426614174000",
  "auditObjectIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "name": "Bi-weekly Equipment Check",
  "auditorHint": "Check all safety equipment and machinery",
  "assigneesIds": [
    "abc12345-e89b-12d3-a456-426614174000",
    "def67890-e89b-12d3-a456-426614174000"
  ],
  "repeatEvery": 2,
  "startDay": 1,
  "duration": 3,
  "active": true,
  "startFromDate": "2024-01-01T08:00:00.000Z",
  "stopByDate": "2024-12-31T23:59:59.000Z"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "901234op-qrst-567g-hijk-678901234567"
}

For errors responses, see the response status codes documentation.

Create monthly schedule
POST /schedules/monthly

Create a monthly recurring schedule that generates audits at specified intervals on a particular day of the month. This endpoint enables setting up automated audit creation with flexible monthly recurrence patterns.

Parameters

Parameter	Type	Required	Description
templateId	string	Yes	The unique identifier of the audit template to use
auditObjectIds	array[string]	Conditional	Array of audit object IDs (required if auditObjectGroupIds not provided)
auditObjectGroupIds	array[string]	Conditional	Array of audit object group IDs (required if auditObjectIds not provided)
name	string	Yes	Display name for the schedule
auditorHint	string	No	Hint text visible to auditors during the audit (max 2000 characters)
assigneesIds	array[string]	No	Array of user IDs to assign the generated audits to
repeatEvery	integer	Yes	Interval in months between audit creation
startRule	object	Yes	Rule to determine start of scheduling period
endRule	object	Yes	Rule to determine end of scheduling period
active	boolean	No	Schedule status (defaults to `true`)
startFromDate	string	No	UTC date when schedule should start (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
stopByDate	string	No	UTC date after which schedule should stop (format: `yyyy-MM-ddTHH:mm:ss.fffZ`)

Start rule description

The start rule determines when each audit period begins. Note: The first audit period begins at the closest date (based on the start rule) to the schedule creation date. For monthly schedules with Type 1 (StartOfMonth), the first period’s cycle month is always the closest month after (or on) the schedule creation date - if created after the 1st, the cycle starts in the next month.

First Period Examples:

Type 0 with day: 15: If the schedule is created on January 20, the first audit starts on February 15 (the next occurrence of day 15). If created on January 5, the first audit starts on January 15 (the upcoming occurrence in the same month).
Type 1 with cycleMonthStart: 1, repeatEvery: 3: The first period’s cycle month is the closest month after the creation date. If created in January, the first month of the cycle is February (the month after creation). For example, created on January 15 with cycleMonthStart: 1 and repeatEvery: 3 - the first cycle starts in February (month 1), March (month 2), April (month 3), so the first audit starts on February 1 (month 1 of that cycle).

There are 2 types of start rule:

Type 0 (DayOfMonth) - Start on a specific day of each scheduled month
Type 1 (StartOfMonth) - Start at the beginning of a specific month within the repeat cycle
```
{
"type": 0,
"day": number,
}
```

{
  "type": 1,
  "cycleMonthStart": number
}

Type 0 (DayOfMonth) - Specific Day of Month

When type is 0, the audit starts on a fixed day of each scheduled month. The day property must be greater than 0 and in the range 1-31, specifying which day of the month to start the audit.

How it works:

Each scheduled audit begins on the specified day of the month
If the month doesn’t have that day (e.g., day 31 in February), the system automatically uses the last day of that month
Leap year handling: Day 29 in February becomes Feb 29 in leap years and Feb 28 in non-leap years

Examples:

{ "type": 0, "day": 15 } - Audit starts on the 15th of each scheduled month (e.g., Jan 15, Feb 15, Mar 15)
{ "type": 0, "day": 1 } - Audit starts on the 1st of each scheduled month
{ "type": 0, "day": 31 } - Audit starts on the 31st (or last day if month has fewer days). February becomes Feb 29 in leap years, Feb 28 otherwise
{ "type": 0, "day": 29 } - Handles leap years: Feb 29 in leap years, Feb 28 in non-leap years

First Period Example:

Schedule created on January 20 with { "type": 0, "day": 15 } - First audit starts on February 15 (next occurrence)
Schedule created on January 5 with { "type": 0, "day": 15 } - First audit starts on January 15 (upcoming in same month)

Type 1 (StartOfMonth) - Beginning of Month in Cycle

When type is 1, the audit starts at the beginning (1st day) of a specific month within the repeat cycle. The cycleMonthStart property must be greater than 0 and specifies which month within the repeatEvery cycle should start the audit (1, 2, 3…).

How it works:

Each repeat cycle contains repeatEvery months
cycleMonthStart indicates the position within that cycle (1 = first month, 2 = second month, etc.)
The audit always starts on the 1st day of the selected month in each cycle
The first period’s cycle month is always the closest month after (or on) the schedule creation date. If created after the 1st of a month, the cycle starts in the next month. If created on the 1st, the cycle may start in the current month.

Examples:

{ "type": 1, "cycleMonthStart": 1 } with repeatEvery: 3 - Starts on the 1st day of the first month in each 3-month cycle (e.g., Jan 1, Apr 1, Jul 1, Oct 1)
{ "type": 1, "cycleMonthStart": 2 } with repeatEvery: 3 - Starts on the 1st day of the second month in each 3-month cycle (e.g., Feb 1, May 1, Aug 1, Nov 1)
{ "type": 1, "cycleMonthStart": 1 } with repeatEvery: 1 - Starts on the 1st day of every month

First Period Example:

Schedule created on January 15 with { "type": 1, "cycleMonthStart": 1 } and repeatEvery: 3 - First period cycle starts in February (the month after creation, which becomes month 1 of the cycle), first audit starts on February 1
Schedule created on January 1 with { "type": 1, "cycleMonthStart": 1 } and repeatEvery: 3 - First period cycle starts in January (creation month, month 1 of cycle), first audit starts on January 1
Schedule created on March 10 with { "type": 1, "cycleMonthStart": 1 } and repeatEvery: 3 - First period cycle starts in April (the month after creation, month 1 of cycle), first audit starts on April 1
Schedule created on February 5 with { "type": 1, "cycleMonthStart": 2 } and repeatEvery: 3 - First period cycle starts in March (the month after creation, month 1 of cycle), first audit starts on April 1 (month 2 of that cycle)

End rule description

The end rule determines when each audit period ends. There are 4 types of end rule:

Type 0 (EndOfMonth) - End at the end of a specific month within the cycle
Type 1 (AfterDays) - End after a fixed number of days from the audit start
Type 2 (AfterWeeks) - End after a fixed number of weeks from the audit start
Type 3 (BeforeNextStarts) - End one day before the next audit begins

Important: In all cases, if the calculated end date would overlap with the next audit’s start date, the system automatically adjusts it to end one day before the next audit starts to prevent overlaps.

{
  "type": 0,
  "cycleMonthEnd": number
}

{
  "type": 1,
  "days": number
}

{
  "type": 2,
  "weeks": number
}

{
  "type": 3
}

Type 0 (EndOfMonth) - End at End of Month in Cycle

When type is 0, the audit ends at the end of a specific month within the repeat cycle. The cycleMonthEnd property must be greater than 0 and specifies which month within the cycle the audit should end (1, 2, 3…).

How it works:

cycleMonthEnd: 1 means the audit ends at the end of the same month it started
cycleMonthEnd: 2 means the audit ends at the end of the second month in the cycle
The end date is the last day of the specified month at end of day (23:59:59)

Example:

{ "type": 0, "cycleMonthEnd": 1 } with start on Jan 15 - Audit ends on Jan 31
{ "type": 0, "cycleMonthEnd": 2 } with start on Jan 15, repeatEvery: 3 - Audit ends on Feb 28/29

Type 1 (AfterDays) - End After N Days

When type is 1, the audit ends a fixed number of days after it starts. The days property must be greater than 0 and specifies how many days the audit period lasts.

How it works:

The end date is calculated by adding days to the audit start date
If this would overlap with the next audit, it’s automatically adjusted to end one day before the next audit starts

Example:

{ "type": 1, "days": 20 } with start on Jan 15 - Audit ends on Feb 4 (Jan 15 + 20 days)

Type 2 (AfterWeeks) - End After N Weeks

When type is 2, the audit ends a fixed number of weeks after it starts. The weeks property must be greater than 0 and specifies how many weeks the audit period lasts.

How it works:

The end date is calculated by adding weeks * 7 days to the audit start date
If this would overlap with the next audit, it’s automatically adjusted to end one day before the next audit starts

Example:

{ "type": 2, "weeks": 3 } with start on Jan 15 - Audit ends on Feb 5 (Jan 15 + 21 days)

Type 3 (BeforeNextStarts) - End Before Next Audit

When type is 3, the audit automatically ends one day before the next scheduled audit begins. This ensures no overlap between consecutive audits.

How it works:

No additional properties are needed
The system calculates when the next audit will start based on repeatEvery and the start rule
The current audit ends the day before that next start date

Example:

With repeatEvery: 1 and start on Jan 15 - Next audit starts Feb 15, so current audit ends Feb 14

Example Request

POST /schedules/monthly
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "123e4567-e89b-12d3-a456-426614174000",
  "auditObjectIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "name": "Monthly Compliance Review",
  "auditorHint": "Review all compliance documentation and procedures",
  "assigneesIds": [
    "abc12345-e89b-12d3-a456-426614174000",
    "def67890-e89b-12d3-a456-426614174000"
  ],
  "repeatEvery": 1,
  "startRule": {
    "type": 0,
    "day": 29,
  },
  "endRule": {
    "type": 1,
    "days": 3
  },
  "active": true,
  "startFromDate": "2024-01-01T08:00:00.000Z",
  "stopByDate": "2024-12-31T23:59:59.000Z"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "456789op-qrst-567g-hijk-678901234570"
}

For errors responses, see the response status codes documentation.

Update schedule
PUT /schedules/{scheduleId}

Update an existing schedule’s configuration, including audit objects, assignments, and recurrence patterns. This endpoint allows modification of all aspects of a schedule except its template.

Parameters

Parameter	Type	Required	Description
scheduleId	string	Yes	The unique identifier of the schedule to update
auditObjectIds	array[string]	Conditional	Array of audit object IDs (required if auditObjectGroupIds not provided)
auditObjectGroupIds	array[string]	Conditional	Array of audit object group IDs (required if auditObjectIds not provided)
name	string	Yes	Display name for the schedule
auditorHint	string	No	Hint text visible to auditors during the audit (max 2000 characters)
assigneesIds	array[string]	No	Array of user IDs to assign the generated audits to
repeatPattern	integer	Yes	Schedule repeat pattern (0=One-time, 1=Daily, 2=Multiple Weeks, 3=Monthly, 4=Weekly)
repeat	object	Yes	Repeat configuration options (varies by repeatPattern)
active	boolean	No	Schedule status (defaults to `true`, ignored for one-time schedules)
startFromDate	string	No	UTC date when schedule should start (format: `yyyy-MM-ddTHH:mm:ss.fffZ`, ignored for one-time)
stopByDate	string	No	UTC date after which schedule should stop (format: `yyyy-MM-ddTHH:mm:ss.fffZ`, ignored for one-time)

Repeat Pattern Options

One-time (repeatPattern: 0)

{
  "startDate": "2024-02-01T08:00:00.000Z",
  "endDate": "2024-02-15T17:00:00.000Z"
}

Daily (repeatPattern: 1)

{
  "repeatEvery": 3
}

Multiple Weeks (repeatPattern: 2)

{
  "repeatEvery": 2,
  "startDay": 1,
  "duration": 5
}

Monthly (repeatPattern: 3)

{
  "repeatEvery": 1,
  "startRule": {
    "type": 0,
    "day": 15
  },
  "endRule": {
    "type": 1,
    "days": 20
  }
}

First Period Examples:

Type 0 with day: 15: Schedule created on January 20 → first audit starts on February 15. Created on January 5 → first audit starts on January 15.
Type 1 with cycleMonthStart: 1, repeatEvery: 3: Created on January 15 → first period cycle starts in February (month after creation, becomes month 1 of cycle), audit starts February 1. Created on January 1 → first period cycle starts in January (creation month, month 1 of cycle), audit starts January 1. Created on March 10 → first period cycle starts in April (month after creation, month 1 of cycle), audit starts April 1.

StartRule types:

The start rule determines when each audit period begins.

Type 0 (DayOfMonth) - Start on a specific day of each scheduled month:
```
{
"type": 0,
"day": 15
}
```
- The day property must be greater than 0 and in the range 1-31, specifying which day of the month to start
- If the month doesn’t have that day (e.g., day 31 in February), the system uses the last day of that month
- Handles leap years automatically (e.g., day 29 = Feb 29 in leap years, Feb 28 otherwise)
- First period example: Schedule created on Jan 20 with day: 15 → first audit starts on Feb 15
Type 1 (StartOfMonth) - Start at the beginning of a specific month within the repeat cycle:
```
{
"type": 1,
"cycleMonthStart": 1
}
```
- The cycleMonthStart property must be greater than 0 and specifies which month within the repeatEvery cycle to start (1, 2, 3…)
- The audit always starts on the 1st day of the selected month in each cycle
- Example: cycleMonthStart: 1 with repeatEvery: 3 starts on Jan 1, Apr 1, Jul 1, Oct 1
- First period example: Schedule created on Jan 15 with cycleMonthStart: 1 and repeatEvery: 3 → first audit starts on Apr 1

EndRule types:

The end rule determines when each audit period ends. In all cases, if the calculated end date would overlap with the next audit’s start date, the system automatically adjusts it to end one day before the next audit starts to prevent overlaps.

Type 0 (EndOfMonth) - End at the end of a specific month within the cycle:
```
{
"type": 0,
"cycleMonthEnd": 1
}
```
- The cycleMonthEnd property must be greater than 0 and specifies which month within the cycle to end (1, 2, 3…)
- cycleMonthEnd: 1 = end of same month as start, 2 = end of second month, etc.
Type 1 (AfterDays) - End after a fixed number of days from the audit start:
```
{
"type": 1,
"days": 20
}
```
- The days property must be greater than 0 and specifies how many days after the start date the audit ends
- Example: Start on Jan 15 with days: 20 ends on Feb 4
Type 2 (AfterWeeks) - End after a fixed number of weeks from the audit start:
```
{
"type": 2,
"weeks": 3
}
```
- The weeks property must be greater than 0 and specifies how many weeks after the start date the audit ends
- Example: Start on Jan 15 with weeks: 3 ends on Feb 5 (21 days later)
Type 3 (BeforeNextStarts) - End one day before the next audit begins:
```
{
"type": 3
}
```
- No additional properties needed
- Automatically ends one day before the next scheduled audit starts, ensuring no overlap

Complete Monthly Examples:

Example with DayOfMonth start and AfterDays end:

{
  "repeatEvery": 1,
  "startRule": {
    "type": 0,
    "day": 15
  },
  "endRule": {
    "type": 1,
    "days": 20
  }
}

Example with StartOfMonth start and EndOfMonth end:

{
  "repeatEvery": 3,
  "startRule": {
    "type": 1,
    "cycleMonthStart": 1
  },
  "endRule": {
    "type": 0,
    "cycleMonthEnd": 3
  }
}

Example with DayOfMonth start and BeforeNextStarts end:

{
  "repeatEvery": 1,
  "startRule": {
    "type": 0,
    "day": 10
  },
  "endRule": {
    "type": 3
  }
}

Weekly (repeatPattern: 4)

{
  "daysOfWeek": [1, 3, 5],
  "repeatEvery": 2,
}

Example Request

PUT /schedules/456e7890-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "auditObjectIds": [
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ],
  "name": "Updated Daily Safety Check",
  "auditorHint": "Updated instructions: Focus on new safety protocols",
  "assigneesIds": [
    "abc12345-e89b-12d3-a456-426614174000",
    "def67890-e89b-12d3-a456-426614174000"
  ],
  "repeatPattern": 1,
  "repeat": {
    "repeatEvery": 2
  },
  "active": true,
  "startFromDate": "2024-02-01T08:00:00.000Z",
  "stopByDate": "2024-12-31T23:59:59.000Z"
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful schedule update.

For errors responses, see the response status codes documentation.

Delete schedules
DELETE /schedules

Delete multiple schedules in a single request. All unstarted audits for the selected schedules will be deleted.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`ids`	array[string]	Yes	Array of schedule IDs to delete

Example Request

DELETE /schedules
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "987f6543-a21b-43c5-d654-321987654321"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

For errors responses, see the response status codes documentation.

Audit Templates

Copy template to another company
POST /audit/templates/copy

Copy a published audit template from the current authorized company to another company where the authenticated user has access. The template will be copied as a published template and associated with a score system in the target company.

Prerequisites:

The source template must exist in the current authorized company (the company associated with the API key used for authentication)
The authenticated user must have template management permissions in the current authorized company
The authenticated user must have an account in the target company
The authenticated user must have template management permissions in the target company
If copyScoreSystem is false, the target company must have at least one score system

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`templateId`	uuid	Yes	The unique identifier of the source template to copy from the current authorized company
`targetCompanyId`	uuid	Yes	The unique identifier of the target company where the template will be copied. Use the Get accessible companies endpoint to retrieve a list of companies accessible to the authenticated user
`copyScoreSystem`	boolean	Yes	If `true`, the score system from the source template will be copied to the target company along with all its elements, and the copied template will use this new score system. If `false`, the copied template will be linked to the default score system in the target company

Example Request (Copy with Default Score System)

POST /audit/templates/copy
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "567890ab-cdef-1234-5678-90abcdef1234",
  "targetCompanyId": "123e4567-e89b-12d3-a456-426614174000",
  "copyScoreSystem": false
}

Example Request (Copy with Source Score System)

POST /audit/templates/copy
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "templateId": "567890ab-cdef-1234-5678-90abcdef1234",
  "targetCompanyId": "123e4567-e89b-12d3-a456-426614174000",
  "copyScoreSystem": true
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "templateId": "98765432-1234-5678-90ab-cdef12345678"
}

Response Fields

Field	Type	Description
`templateId`	uuid	The unique identifier of the newly copied template in the target company

The response contains the unique identifier of the copied template. The template is now available in the target company and can be used for creating audits.

Note: All files associated with the template (such as images) are also copied to the target company. When copyScoreSystem is true, a new score system is created in the target company with all its elements (labels, colors, thresholds) copied from the source template’s score system.

Error Responses

Template Not Found (409)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "template/not-found"
}

Template Not Accessible (409)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "template/not-accessible"
}

Occurs when the source template does not exist in the current authorized company (the company associated with the API key used for authentication).

Company Not Accessible (409)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "company/not-accessible"
}

Occurs when the authenticated user does not have an account in the target company.

Permissions Error (409)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "permissions/can-manage-templates"
}

Occurs when the authenticated user does not have template management permissions in the current authorized company or target company.

No Default Score System (409)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "score-system/no-default-score-system"
}

Occurs when copyScoreSystem is false and the target company does not have at least one score system.

For errors responses, see the response status codes documentation.

Get audit templates list
GET /audit/templates

Retrieve a simple list of all audit templates with their ID and name pairs. This endpoint provides a lightweight response ideal for populating dropdown menus and template selection interfaces.

Example Request

GET /audit/templates
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "567890ab-cdef-1234-5678-90abcdef1234",
    "name": "Safety Inspection Template"
  },
  {
    "id": "678901bc-defa-2345-6789-01bcdef12345",
    "name": "Equipment Maintenance Check"
  },
  {
    "id": "789012cd-efab-3456-789a-12cdef123456",
    "name": "Compliance Audit Form"
  }
]

For errors responses, see the response status codes documentation.

Get audit templates detailed list
GET /audit/templates/detailed

Retrieve a detailed, paginated list of audit templates available in your MonitorQA system. This endpoint provides comprehensive template information with filtering and search capabilities.

Query Parameters

Parameter	Type	Required	Description
templateType	integer	No	Filter templates by type
search	string	No	Filter templates by name (partial match)
pageNumber	integer	No	Page number for pagination (starts from 1)
pageSize	integer	No	Number of items per page

Example Request

GET /audit/templates/detailed?search=safety&pageNumber=1&pageSize=10
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "567890ab-cdef-1234-5678-90abcdef1234",
      "name": "Safety Inspection Template",
      "templateType": 0
    },
    {
      "id": "678901bc-defa-2345-6789-01bcdef12345",
      "name": "Equipment Safety Check",
      "templateType": 1
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 10,
    "totalCount": 25
  }
}

For errors responses, see the response status codes documentation.

Audit objects

Create a new audit object
POST /audit/objects

Create a new audit object with specified properties including name, notes, and geographic location.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`name`	string	Yes	Audit object name
`notes`	string	No	Notes visible to auditor during audit (max 800 characters)
`geoAddress`	object	No	Geographic address information (all fields required when provided)
`geoAddress.lat`	string	No	Latitude coordinate
`geoAddress.lng`	string	No	Longitude coordinate
`geoAddress.name`	string	No	Location name
`geoAddress.address`	string	No	Street address

Example Request

POST /audit/objects
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{

  "name": "Warehouse Section A",
  "notes": "Storage area for temperature-sensitive materials",
  "geoAddress": {
    "lat": "40.7128",
    "lng": "-74.0060",
    "name": "Warehouse Building",
    "address": "456 Industrial Blvd, New York, NY 10002"
  }
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890"   
}

For errors responses, see the response status codes documentation.

Update an audit object
PUT /audit/objects/{id}

Update an existing audit object with new information including name, notes, and geographic location.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Path Parameters

Parameter	Type	Required	Description
`id`	string	Yes	Unique identifier of the audit object

Request Body Parameters

Parameter	Type	Required	Description
`name`	string	Yes	Audit object name
`notes`	string	No	Notes visible to auditor during audit (max 800 characters)
`geoAddress`	object	No	Geographic address information (all fields required when provided)
`geoAddress.lat`	string	No	Latitude coordinate
`geoAddress.lng`	string	No	Longitude coordinate
`geoAddress.name`	string	No	Location name
`geoAddress.address`	string	No	Street address

Example Request

PUT /audit/objects/{id}
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{

  "name": "Main Production Facility",
  "notes": "Located on the second floor, requires safety equipment",
  "geoAddress": {
    "lat": "40.7128",
    "lng": "-74.0060",
    "name": "Main Building",
    "address": "123 Business Park Dr, New York, NY 10001"
  }
}

Response

Success Response

HTTP/1.1 200 OK

For errors responses, see the response status codes documentation.

Get list of audit objects
GET /audit/objects

Retrieve a list of all audit objects belonging to your company. This endpoint provides a simple collection of audit objects with their basic identification information, ideal for populating selection lists.

Example Request

GET /audit/objects
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "789abcde-f123-4567-8901-234567890123",
    "name": "Manufacturing Line A"
  },
  {
    "id": "234567890-abcd-efgh-ijkl-mnopqrstuvwx",
    "name": "Warehouse Section B"
  },
  {
    "id": "345678901-bcde-fghi-jklm-nopqrstuvwxy",
    "name": "Quality Control Lab"
  }
]

For errors responses, see the response status codes documentation.

Get an audit object details
GET /audit/object/{id}

Retrieve detailed information about a specific audit object, including its participants, attributes, and location data. This endpoint provides comprehensive audit object details needed for audit planning and execution.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the audit object

Example Request

GET /audit/object/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "789abcde-f123-4567-8901-234567890123",
  "name": "Manufacturing Line A",
  "notes": "Primary production line for automotive parts",
  "participantUserGroups": [
    {
      "id": "123456gh-ijkl-789a-bcde-f12345678901",
      "name": "Production Supervisors"
    }
  ],
  "participantUsers": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "John Smith"
    }
  ],
  "auditObjectGroupIds": [
    "234567hi-jklm-890a-bcde-f12345678902"
  ],
  "attributes": [
    {
      "attributeId": "890123de-fghi-4567-890a-bcdef1234567",
      "attributeName": "Department",
      "optionId": "678901bc-defa-2345-6789-01bcdef12345",
      "optionName": "Production"
    }
  ],
  "geoAddress": {
    "lat": "40.7128",
    "lng": "-74.0060",
    "name": "Factory Floor A",
    "address": "123 Industrial Ave, Manufacturing City, MC 12345"
  }
}

For errors responses, see the response status codes documentation.

Delete audit objects
DELETE /audit/objects

Delete multiple audit objects in a single request.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`ids`	array[string]	Yes	Array of audit object IDs to delete

Example Request

DELETE /audit/objects
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "987f6543-a21b-43c5-d654-321987654321"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

For errors responses, see the response status codes documentation.

Assign Attributes to Audit Object
POST /audit/objects/{id}/attributes

Assign multiple attributes to a specific audit object. This endpoint enables categorizing and tagging audit objects with custom attributes for better organization and filtering. Duplicate assignments are ignored, and invalid options will not be assigned.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the audit object
attributes	array[object]	Yes	Array of attribute-option pairs to assign
attributes[].attributeId	string	Yes	The ID of the attribute
attributes[].optionId	string	Yes	The ID of the specific option within the attribute

Example Request

POST /audit/objects/{id}/attributes
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "attributes": [
    {
      "attributeId": "890123de-fghi-4567-890a-bcdef1234567",
      "optionId": "678901bc-defa-2345-6789-01bcdef12345"
    },
    {
      "attributeId": "901234ef-ghij-5678-90ab-cdef12345678",
      "optionId": "789012cd-efab-3456-789a-12cdef123456"
    },
    {
      "attributeId": "012345fg-hijk-6789-01bc-def123456789",
      "optionId": "123456gh-ijkl-789a-bcde-f12345678901"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful assignment of attributes to the audit object.

For errors responses, see the response status codes documentation.

Delete Attributes Assignments from Audit Object
DELETE /audit/objects/{id}/attributes

Remove specific attribute assignments from an audit object. This endpoint enables unassigning particular attribute-option combinations while leaving other assignments intact. Invalid attribute or option IDs are silently ignored.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the audit object
attributes	array[object]	Yes	Array of attribute-option pairs to remove
attributes[].attributeId	string	Yes	The ID of the attribute
attributes[].optionId	string	Yes	The ID of the specific option within the attribute

Example Request

DELETE /audit/objects/{id}/attributes
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "attributes": [
    {
      "attributeId": "890123de-fghi-4567-890a-bcdef1234567",
      "optionId": "678901bc-defa-2345-6789-01bcdef12345"
    },
    {
      "attributeId": "901234ef-ghij-5678-90ab-cdef12345678",
      "optionId": "789012cd-efab-3456-789a-12cdef123456"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful removal of specified attribute assignments from the audit object.

For errors responses, see the response status codes documentation.

User groups

Get list of user groups
GET /user-groups

Retrieve a list of all user groups within the company. This endpoint provides the basic identification information for user groups, which can be used for audit assignments and access management.

Example Request

GET /user-groups
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "123456gh-ijkl-789a-bcde-f12345678901",
    "name": "Safety Inspectors"
  },
  {
    "id": "234567hi-jklm-890a-bcde-f12345678902",
    "name": "Quality Assurance Team"
  },
  {
    "id": "345678ij-klmn-901a-bcde-f12345678903",
    "name": "Maintenance Supervisors"
  }
]

For errors responses, see the response status codes documentation.

Users

Get list of users
GET /users

Retrieve a list of all users within the company account. This endpoint provides essential user information including ID, name, and email address for user management and audit assignments.

Example Request

GET /users
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "name": "John Smith",
    "email": "john.smith@company.com"
  },
  {
    "id": "987fcdeb-51d2-43e8-b456-426614174001",
    "name": "Sarah Johnson",
    "email": "sarah.johnson@company.com"
  },
  {
    "id": "456e7890-e89b-12d3-a456-426614174002",
    "name": "Mike Wilson",
    "email": "mike.wilson@company.com"
  }
]

For errors responses, see the response status codes documentation.

Get user details
GET /users/{id}

Retrieve detailed information about a specific user by their unique identifier. This endpoint provides comprehensive user information including role, permissions, and account details.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`id`	uuid	Yes	The unique identifier of the user

Example Request

GET /users/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "John Smith",
  "email": "john.smith@company.com",
  "role": {
    "id": "456e7890-e89b-12d3-a456-426614174001",
    "name": "Senior Auditor",
    "roleType": 1
  }
}

Response Fields

Field	Type	Description
`id`	uuid	The unique identifier of the user
`name`	string	The user’s full name
`email`	string	The user’s email address
`role`	object	The user’s role information
`role.id`	uuid	The unique identifier of the role
`role.name`	string	The role name
`role.roleType`	number	The role type. Values: `0` (Admin), `1` (Auditor), `2` (Auditee), `3` (Observer)

For errors responses, see the response status codes documentation.

Create user
POST /users

Create a new user within the company. The user will receive an invitation email to set up their account and access the MonitorQA platform.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Request Body Parameters

Parameter	Type	Required	Description
`email`	string	Yes	User’s email address (must be unique within the company)
`fullName`	string	Yes	User’s full name for display purposes
`roleId`	string	Yes	Unique identifier of the role to assign to the user
`phone`	string	No	User’s phone number (maximum 50 characters)

Example Request

POST /users
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "fullName": "John Smith", 
  "email": "john.smith@company.com",
  "roleId": "123e4567-e89b-12d3-a456-426614174000",
  "phone": "+1-555-123-4567"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "a1b2c3d4-e5f6-789a-bcde-f01234567890"   
}

For errors responses, see the response status codes documentation.

Update user
PUT /users/{id}

Update an existing user’s information within the company account. This endpoint enables modifying a user’s name, role, and phone number while preserving other account details.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the user to update
fullName	string	Yes	The user’s full name
roleId	string	No	The ID of the role to assign to the user (if not specified, role remains unchanged)
phone	string	No	The user’s phone number (max 50 characters)

Example Request

PUT /users/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "fullName": "John David Smith",
  "roleId": "456e7890-e89b-12d3-a456-426614174000",
  "phone": "+1-555-0123"
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful user update.

For errors responses, see the response status codes documentation.

Delete users
DELETE /users

Delete multiple users from the company account. This endpoint enables removing users in bulk by providing an array of user IDs. Use caution as this action cannot be undone.

Parameters

Parameter	Type	Required	Description
ids	array[string]	Yes	Array of user IDs to be deleted

Example Request

DELETE /users
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "456e7890-e89b-12d3-a456-426614174000",
    "789e0123-e89b-12d3-a456-426614174000"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful deletion of specified users.

For errors responses, see the response status codes documentation.

Company

Get company information
GET /company

Retrieve basic information about the company account. This endpoint provides essential company details including the unique company identifier, display name, file identifiers for uploaded logo and icon images, usage purpose, and custom audit object name.

Example Request

GET /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "456789jk-lmno-012b-cdef-123456789012",
  "name": "Acme Manufacturing Corp",
  "logoFileId": "123e4567-e89b-12d3-a456-426614174000",
  "iconFileId": "789e4567-e89b-12d3-a456-426614174001",
  "usagePurpose": 0,
  "customAuditObjectName": null
}

Example Response (Other Usage Purpose)

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "456789jk-lmno-012b-cdef-123456789012",
  "name": "Custom Company Inc",
  "logoFileId": null,
  "iconFileId": null,
  "usagePurpose": 6,
  "customAuditObjectName": "Facility"
}

Response Fields

Field	Type	Description
`id`	uuid	The unique identifier of the company
`name`	string	The company name
`logoFileId`	uuid	Optional. The unique identifier of the company logo file, if a logo has been uploaded
`iconFileId`	uuid	Optional. The unique identifier of the company icon file, if an icon has been uploaded
`usagePurpose`	number	Optional. The primary usage purpose for the company. Valid values: `0` (Locations), `1` (Stores), `2` (Sites), `3` (Machines), `4` (Plants), `5` (Vehicles), `6` (Other), `7` (Processes)
`customAuditObjectName`	string	Optional. Custom name for the audit object type when `usagePurpose` is `6` (Other)

For errors responses, see the response status codes documentation.

Delete company
DELETE /company

⚠️ DANGER ZONE ⚠️

Permanently delete the entire company account from the MonitorQA system. This is an irreversible action that will completely remove all data associated with the organization.

⚠️ WARNING: This action cannot be undone!

Deleting the company account will:

Cancel your active subscription immediately
Remove all company users and revoke their access
Delete all audits, schedules, and historical data
Remove all audit objects, templates, and configurations
Delete all corrective actions and related records
Stop all future billing charges

Example Request

DELETE /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful account deletion. The API key will be immediately invalidated after this operation.

For errors responses, see the response status codes documentation.

Create company
POST /company

Create a new company account. This endpoint sets up a new organization with an initial company administrator. The authenticated user becomes the company administrator for the newly created company. The company administrator’s email address is automatically set to the email address associated with the authenticated user’s API key.

Important: In order to work with the created company, the user must authenticate with the returned API key. The response includes an apiKey field that contains a unique API key for the newly created company. All subsequent API requests for the newly created company must use this apiKey value as the X-API-KEY header. The API key is automatically generated and can be used immediately after company creation. Without using the returned API key, API requests will not have access to the newly created company’s resources.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`companyName`	string	Yes	The company name. Must be a valid company name format.
`companyAdmin`	object	Yes	Company administrator information
`companyAdmin.fullName`	string	Yes	Full name of the company administrator. Must be a valid user name format.
`companyAdmin.phone`	string	No	Phone number of the company administrator
`usagePurpose`	number	Yes	The primary usage purpose for the company. Valid values: `0` (Locations), `1` (Stores), `2` (Sites), `3` (Machines), `4` (Plants), `5` (Vehicles), `6` (Other), `7` (Processes)
`usagePurposeObjectName`	string	Conditional	Required when `usagePurpose` is `6` (Other). Custom name for the audit object type
`ianaTimeZone`	string	No	IANA time zone identifier (e.g., “America/New_York”, “Europe/London”)

Usage Purpose Values

Value	Description
`0`	Locations
`1`	Stores
`2`	Sites
`3`	Machines
`4`	Plants
`5`	Vehicles
`6`	Other
`7`	Processes

Example Request (Minimum Required Fields)

POST /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "companyName": "Example Company",
  "companyAdmin": {
    "fullName": "Admin Name"
  },
  "usagePurpose": 0
}

Example Request (All Fields)

POST /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "companyName": "Example Company",
  "companyAdmin": {
    "fullName": "Admin Name",
    "phone": "+1-555-123-4567"
  },
  "usagePurpose": 0,
  "ianaTimeZone": "America/New_York"
}

Example Request (Other Usage Purpose)

POST /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "companyName": "Example Company",
  "companyAdmin": {
    "fullName": "Admin Name",
    "phone": "+1-555-123-4567"
  },
  "usagePurpose": 6,
  "usagePurposeObjectName": "Facility",
  "ianaTimeZone": "America/Los_Angeles"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "companyId": "456789jk-lmno-012b-cdef-123456789012",
  "apiKey": "12345678-1234-1234-1234-123456789012"
}

Response Fields

Field	Type	Description
`companyId`	uuid	The unique identifier of the newly created company
`apiKey`	string	The API key for the newly created company. This key can be used to authenticate requests for the new company

The response contains the unique identifier and API key of the newly created company. The API key is automatically generated and can be used immediately to authenticate requests for the new company.

For errors responses, see the response status codes documentation.

Upload company logo
POST /company/logo

Upload a logo image for the company. Supported image formats: PNG, JPEG (content types: image/png, image/jpeg, image/jpg).

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `multipart/form-data`

Request Body

The request must be a multipart form-data upload containing a single image file.

Note: Only the first file in the request body will be processed. Any additional files will be ignored.

Parameter	Type	Required	Description
File	file	Yes	The logo image file to upload. Must include a `Content-Type` header set to one of: `image/png`, `image/jpeg`, or `image/jpg`

Example Request

POST /company/logo
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW

------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="file"; filename="logo.png"
Content-Type: image/png

[Binary file content]
------WebKitFormBoundary7MA4YWxkTrZu0gW--

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful logo upload.

Error Responses

The API will return 400 Bad Request in the following cases:

Content-Type header is missing from the request
File Content-Type is missing or not one of the allowed image types
The request couldn’t be processed

For other error responses, see the response status codes documentation.

Get accessible companies
GET /company/accessible

Retrieve a list of all companies accessible to the authenticated user. This endpoint returns all companies where the user has an account. This is useful for users who have access to multiple companies and need to switch between them or select a target company for template copying operations.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Example Request

GET /company/accessible
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "123e4567-e89b-12d3-a456-426614174000",
    "name": "Acme Manufacturing Corp"
  },
  {
    "id": "234e5678-e89b-12d3-a456-426614174004",
    "name": "Quality Control Inc"
  }
]

Response Fields

Field	Type	Description
`id`	uuid	The unique identifier of the company
`name`	string	The company name

For errors responses, see the response status codes documentation.

Delete company logo
DELETE /company/logo

Remove the company logo. This action permanently deletes the logo from the company profile.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Example Request

DELETE /company/logo
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful logo deletion.

For errors responses, see the response status codes documentation.

Upload company icon
POST /company/icon

Upload an icon image for the company. Supported image formats: PNG, JPEG (content types: image/png, image/jpeg, image/jpg).

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `multipart/form-data`

Request Body

The request must be a multipart form-data upload containing a single image file.

Note: Only the first file in the request body will be processed. Any additional files will be ignored.

Parameter	Type	Required	Description
File	file	Yes	The icon image file to upload. Must include a `Content-Type` header set to one of: `image/png`, `image/jpeg`, or `image/jpg`

Example Request

POST /company/icon
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW

------WebKitFormBoundary7MA4YWxkTrZu0gW
Content-Disposition: form-data; name="file"; filename="icon.png"
Content-Type: image/png

[Binary file content]
------WebKitFormBoundary7MA4YWxkTrZu0gW--

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful icon upload.

Error Responses

The API will return 400 Bad Request in the following cases:

Content-Type header is missing from the request
File Content-Type is missing or not one of the allowed image types
The request couldn’t be processed

For other error responses, see the response status codes documentation.

Delete company icon
DELETE /company/icon

Remove the company icon. This action permanently deletes the icon from the company profile.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Example Request

DELETE /company/icon
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful icon deletion.

For errors responses, see the response status codes documentation.

Update company
PUT /company

Update company information including name, usage purpose, and time zone settings. This endpoint allows modification of company profile details.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`companyName`	string	Yes	The company name. Must be a valid company name format.
`usagePurpose`	number	Yes	The primary usage purpose for the company. Must be a valid enum value. Valid values: `0` (Locations), `1` (Stores), `2` (Sites), `3` (Machines), `4` (Plants), `5` (Vehicles), `6` (Other), `7` (Processes)
`usagePurposeObjectName`	string	Conditional	Required when `usagePurpose` is `6` (Other). Custom name for the audit object type
`ianaTimeZone`	string	Yes	IANA time zone identifier (e.g., “America/New_York”, “Europe/London”)

Usage Purpose Values

Value	Description
`0`	Locations
`1`	Stores
`2`	Sites
`3`	Machines
`4`	Plants
`5`	Vehicles
`6`	Other
`7`	Processes

Example Request

PUT /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "companyName": "Example Company",
  "usagePurpose": 0,
  "ianaTimeZone": "America/New_York"
}

Example Request (Other Usage Purpose)

PUT /company
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "companyName": "Example Company",
  "usagePurpose": 6,
  "usagePurposeObjectName": "Facility",
  "ianaTimeZone": "America/Los_Angeles"
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful company update.

For errors responses, see the response status codes documentation.

Corrective Actions

Get pending corrective actions list
GET /corrective-actions/pending

Retrieve a paginated list of pending corrective actions within the organization. This endpoint enables filtering results by various criteria and provides comprehensive details about each corrective action requiring attention.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Query Parameters

Parameter	Type	Required	Description
auditId	string	No	Filter by specific audit ID
templateId	string	No	Filter by audit template ID
auditObjectId	string	No	Filter by audit object ID
assignedToId	string	No	Filter by assigned user ID
assignedToGroupId	string	No	Filter by assigned user group ID
pageNumber	integer	No	Page number for pagination (starts from 1)
pageSize	integer	No	Number of items per page

Note: This method will return an empty data list if the requested page does not exist.

Example Request

GET /corrective-actions/pending?pageNumber=1&pageSize=10&assignedToId=123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Status Codes

0 - Open
1 - Approved
2 - Rejected
3 - Submitted
4 - Expired

Priority Levels

0 - Low
1 - Medium
2 - High

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "567890kl-mnop-123c-defg-234567890123",
      "assignedUsers": [
        {
          "id": "987fcdeb-51d2-43e8-b456-426614174001",
          "name": "John Smith"
        }
      ],
      "audit": {
        "id": "789012mn-opqr-345e-fghi-456789012345",
        "name": "Safety Inspection",
        "ianaTimeZone": "America/New_York",
        "number": "AUD-2024-001"
      },
      "createdBy": {
        "id": "456e7890-e89b-12d3-a456-426614174002",
        "name": "Jane Manager"
      },
      "auditObject": {
        "id": "234567890-abcd-efgh-ijkl-mnopqrstuvwx",
        "name": "Main Production Floor"
      },
      "status": 0,
      "priority": 1,
      "createdAtUtc": "2024-01-15T10:30:00.000Z",
      "dueDateUtc": "2024-02-01T17:00:00.000Z",
      "name": "Fix Safety Guard",
      "number": "CA-2024-001"
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 10,
    "totalCount": 1
  }
}

For errors responses, see the response status codes documentation.

Get corrective action details
GET /corrective-actions/{id}

Retrieve detailed information about a specific corrective action, including its status, assignees, files, and related audit information.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`id`	string	Yes	Unique identifier of the corrective action

Example Request

GET /corrective-actions/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Status Values

Value	Status	Description
`0`	Open	Corrective action is open and pending work
`1`	Approved	Corrective action has been approved
`2`	Rejected	Corrective action has been rejected
`3`	Submitted	Corrective action has been submitted for review
`4`	Expired	Corrective action has expired without completion

Priority Values

Value	Priority	Description
`0`	Low	Low priority corrective action
`1`	Medium	Medium priority corrective action
`2`	High	High priority corrective action

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
   "answer": {
      "name": "Fire extinguisher inspection",
      "points": 5,
      "text": "Fire extinguisher is missing from designated location",
      "number": 3,
      "isFailed": true
   },
   "approvedAtUtc": "2023-11-15T14:30:22.123Z",
   "approvedBy": {
        "id": "a8f3d2c1-b4e5-4f6g-9h8i-1j2k3l4m5n6o", 
        "name": "Sarah Johnson"
      },
   "assignedUsers": [
      {
         "id": "b9e4c3d2-c5f6-5g7h-0i9j-2k3l4m5n6o7p",
         "name": "Mike Rodriguez"
      }
   ],
   "audit": {
      "id": "c0f5d4e3-d6g7-6h8i-1j0k-3l4m5n6o7p8q",
      "name": "Monthly Safety Inspection - Building A",
      "ianaTimeZone": "America/New_York"
   },
   "auditItemId": "d1g6e5f4-e7h8-7i9j-2k1l-4m5n6o7p8q9r",
   "auditObject": {
      "id": "e2h7f6g5-f8i9-8j0k-3l2m-5n6o7p8q9r0s",
      "name": "Building A - First Floor"
   },
   "createdAtUtc": "2023-10-31T11:05:37.688Z",
   "createdBy": {
      "id": "f3i8g7h6-g9j0-9k1l-4m3n-6o7p8q9r0s1t",
      "name": "John Smith"
   },
   "description": "Replace missing fire extinguisher in hallway near conference room 101",
   "dueDateUtc": "2023-11-01T06:59:59.000Z",
   "expiredAtUtc": "2023-11-03T06:59:59.000Z",
   "expiredBy": {
      "id": "g4j9h8i7-h0k1-0l2m-5n4o-7p8q9r0s1t2u",
      "name": "Lisa Chen"
   },
   "id": "h5k0i9j8-i1l2-1m3n-6o5p-8q9r0s1t2u3v",
   "information": {
      "text": "Fire extinguisher has been ordered and will be installed by facilities team",
      "photosIds": [
         "i6l1j0k9-j2m3-2n4o-7p6q-9r0s1t2u3v4w"
      ],
      "files": [
         {
            "id": "j7m2k1l0-k3n4-3o5p-8q7r-0s1t2u3v4w5x",
            "name": "fire_extinguisher_order_receipt.pdf",
            "contentType": "application/pdf",
            "updatedAt": "2023-11-02T09:15:33.456Z"
         }
      ]
   },
   "name": "Fire Extinguisher Replacement",
   "number": "CA-2023-001",
   "priority": 2,
   "question": "Is the fire extinguisher present and accessible?",
   "status": 3,
   "tags": [
      {
         "id": "k8n3l2m1-l4o5-4p6q-9r8s-1t2u3v4w5x6y",
         "name": "Fire Safety"
      }
   ],
   "files": [
      {
         "id": "l9o4m3n2-m5p6-5q7r-0s9t-2u3v4w5x6y7z",
         "name": "corrective_action_photos.jpg",
         "contentType": "image/jpeg",
         "updatedAt": "2023-10-31T11:05:37.688Z"
      }
   ]
}

For errors responses, see the response status codes documentation.

Update corrective action details
PUT /corrective-actions/{id}

Update the details of an existing corrective action. This endpoint enables modifying corrective action properties including assignments, due dates, status, and priority levels.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the corrective action to update
assignedUsersIds	array[string]	No	Array of user IDs to assign the corrective action to
description	string	No	Detailed description of the corrective action
name	string	Yes	Name/title of the corrective action
dueDateUtc	string	Yes	Due date in UTC format (`yyyy-MM-ddTHH:mm:ss.fffZ`)
status	integer	Yes	Status code (0=Open, 1=Approved, 2=Rejected, 3=Submitted, 4=Expired)
priority	integer	Yes	Priority level (0=Low, 1=Medium, 2=High)

Example Request

PUT /corrective-actions/{id}
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "assignedUsersIds": ["123e4567-e89b-12d3-a456-426614174000", "987fcdeb-51d2-43e8-b456-426614174001"],
  "description": "Replace damaged safety equipment and conduct training",
  "name": "Safety Equipment Replacement",
  "dueDateUtc": "2024-02-15T17:00:00.000Z",
  "status": 3,
  "priority": 2
}

Response

Status Codes

0 - Open
1 - Approved
2 - Rejected
3 - Submitted
4 - Expired

Priority Levels

0 - Low
1 - Medium
2 - High

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful corrective action update.

For errors responses, see the response status codes documentation.

Delete corrective action
DELETE /corrective-actions/{id}

Delete a specific corrective action by its unique identifier. This endpoint permanently removes the corrective action from the system.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`id`	uuid	Yes	The unique identifier of the corrective action to delete

Example Request

DELETE /corrective-actions/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful deletion of the corrective action.

For errors responses, see the response status codes documentation.

Get expired corrective actions list
GET /corrective-actions/expired

Retrieve a paginated list of expired corrective actions within your organization. This endpoint provides access to corrective actions that have passed their due dates without completion, helping track overdue items.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Query Parameters

Parameter	Type	Required	Description
auditId	string	No	Filter by specific audit ID
templateId	string	No	Filter by audit template ID
auditObjectId	string	No	Filter by audit object ID
assignedToId	string	No	Filter by assigned user ID
assignedToGroupId	string	No	Filter by assigned user group ID
fromDate	string	No	Filter by due date from (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
toDate	string	No	Filter by due date to (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
pageNumber	integer	No	Page number for pagination (starts from 1)
pageSize	integer	No	Number of items per page

Note: This method will return an empty data list if the requested page does not exist.

Example Request

GET /corrective-actions/expired?pageNumber=1&pageSize=10
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Status Codes

0 - Open
1 - Approved
2 - Rejected
3 - Submitted
4 - Expired

Priority Levels

0 - Low
1 - Medium
2 - High

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "567890kl-mnop-123c-defg-234567890123",
      "name": "Update Safety Signage",
      "number": "CA-2024-003",
      "assignedUsers": [
        {
          "id": "123e4567-e89b-12d3-a456-426614174000",
          "name": "Bob Maintenance"
        }
      ],
      "audit": {
        "id": "789012mn-opqr-345e-fghi-456789012345",
        "name": "Facility Safety Audit",
        "ianaTimeZone": "America/New_York",
        "number": "AUD-2024-003"
      },
      "createdBy": {
        "id": "456e7890-e89b-12d3-a456-426614174002",
        "name": "Alice Inspector"
      },
      "auditObject": {
        "id": "234567890-abcd-efgh-ijkl-mnopqrstuvwx",
        "name": "Building B Entrance"
      },
      "status": 4,
      "priority": 1,
      "createdAtUtc": "2024-01-05T08:00:00.000Z",
      "dueDateUtc": "2024-01-20T17:00:00.000Z",
      "expiredBy": {
        "id": "000000000-0000-0000-0000-000000000000",
        "name": "System Auto-Expire"
      },
      "expiredAtUtc": "2024-01-21T00:00:00.000Z"
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 10,
    "totalCount": 1
  }
}

For errors responses, see the response status codes documentation.

Get completed corrective actions list
GET /corrective-actions/completed

Retrieve a paginated list of completed corrective actions within your organization. This endpoint provides access to all approved corrective actions with detailed information about their completion status and approval details.

Note: To retrieve a list of available IANA time zones, use the Get timezones endpoint.

Query Parameters

Parameter	Type	Required	Description
auditId	string	No	Filter by specific audit ID
templateId	string	No	Filter by audit template ID
auditObjectId	string	No	Filter by audit object ID
assignedToId	string	No	Filter by assigned user ID
approvedById	string	No	Filter by approver user ID
assignedToGroupId	string	No	Filter by assigned user group ID
fromDate	string	No	Filter by due date from (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
toDate	string	No	Filter by due date to (UTC format: `yyyy-MM-ddTHH:mm:ss.fffZ`)
pageNumber	integer	No	Page number for pagination (starts from 1)
pageSize	integer	No	Number of items per page

Note: This method will return an empty data list if the requested page does not exist.

Example Request

GET /corrective-actions/completed?pageNumber=1&pageSize=10&approvedById=123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Status Codes

0 - Open
1 - Approved
2 - Rejected
3 - Submitted
4 - Expired

Priority Levels

0 - Low
1 - Medium
2 - High

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "678901lm-nopq-234d-efgh-345678901234",
      "name": "Replace Safety Equipment",
      "number": "CA-2024-002",
      "assignedUsers": [
        {
          "id": "456e7890-e89b-12d3-a456-426614174002",
          "name": "Mike Wilson"
        }
      ],
      "audit": {
        "id": "890123no-pqrs-456f-ghij-567890123456",
        "name": "Monthly Safety Check",
        "ianaTimeZone": "America/New_York",
        "number": "AUD-2024-002"
      },
      "createdBy": {
        "id": "987fcdeb-51d2-43e8-b456-426614174001",
        "name": "Sarah Supervisor"
      },
      "auditObject": {
        "id": "345678901-bcde-fghi-jklm-nopqrstuvwxy",
        "name": "Warehouse Section A"
      },
      "status": 1,
      "priority": 0,
      "createdAtUtc": "2024-01-10T09:00:00.000Z",
      "dueDateUtc": "2024-01-25T17:00:00.000Z",
      "approvedBy": {
        "id": "123e4567-e89b-12d3-a456-426614174000",
        "name": "Jane Manager"
      },
      "approvedAtUtc": "2024-01-24T14:30:00.000Z"
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 10,
    "totalCount": 1
  }
}

For errors responses, see the response status codes documentation.

Audit object attributes

Get Audit Object Attributes List
GET /audit/objects/attributes/all

Retrieve a complete list of all audit object attributes available in your organization. This endpoint provides comprehensive attribute data including all available options for each attribute.

Example Request

GET /audit/objects/attributes/all
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "options": [
      {
        "isDefault": true,
        "name": "Manufacturing",
        "id": "678901bc-defa-2345-6789-01bcdef12345"
      },
      {
        "isDefault": false,
        "name": "Warehouse",
        "id": "789012cd-efab-3456-789a-12cdef123456"
      }
    ],
    "name": "Department",
    "id": "890123de-fghi-4567-890a-bcdef1234567"
  },
  {
    "options": [
      {
        "isDefault": false,
        "name": "High",
        "id": "901234ef-ghij-5678-90ab-cdef12345678"
      },
      {
        "isDefault": true,
        "name": "Medium",
        "id": "012345fg-hijk-6789-01bc-def123456789"
      },
      {
        "isDefault": false,
        "name": "Low",
        "id": "123456gh-ijkl-789a-bcde-f12345678901"
      }
    ],
    "name": "Risk Level",
    "id": "234567hi-jklm-890a-bcde-f12345678902"
  }
]

For errors responses, see the response status codes documentation.

Get Audit Object Attribute Details
GET /audit/objects/attributes/{id}

Retrieve detailed information about a specific audit object attribute, including all its available options and settings. This endpoint provides comprehensive attribute configuration data.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the audit object attribute

Example Request

GET /audit/objects/attributes/890123de-fghi-4567-890a-bcdef1234567
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "options": [
    {
      "isDefault": true,
      "name": "High Priority",
      "id": "678901bc-defa-2345-6789-01bcdef12345"
    },
    {
      "isDefault": false,
      "name": "Medium Priority",
      "id": "789012cd-efab-3456-789a-12cdef123456"
    },
    {
      "isDefault": false,
      "name": "Low Priority",
      "id": "901234ef-ghij-5678-90ab-cdef12345678"
    }
  ],
  "name": "Priority Level",
  "id": "890123de-fghi-4567-890a-bcdef1234567"
}

For errors responses, see the response status codes documentation.

Create Audit Object Attribute
POST /audit/objects/attributes

Create a new audit object attribute with multiple options. This endpoint enables defining custom attributes that can be assigned to audit objects for better categorization and filtering. At least one option must be provided, and the first option marked as default will be the default value.

Parameters

Parameter	Type	Required	Description
name	string	Yes	The name of the attribute
options	array[object]	Yes	Array of available options (minimum 1 required)
options[].name	string	Yes	The name of the option
options[].isDefault	boolean	No	Whether this option is the default selection

Example Request

POST /audit/objects/attributes
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "name": "Equipment Type",
  "options": [
    {
      "isDefault": true,
      "name": "Heavy Machinery"
    },
    {
      "isDefault": false,
      "name": "Safety Equipment"
    },
    {
      "isDefault": false,
      "name": "Measuring Instruments"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "345678ij-klmn-901a-bcde-f12345678903"
}

For errors responses, see the response status codes documentation.

Update Audit Object Attribute
PUT /audit/objects/attributes/{id}

Update an existing audit object attribute and its options. This endpoint enables modifying attribute names, adding new options, updating existing options, or removing options. Options with IDs will be updated, options without IDs will be created, and options not included in the request will be deleted.

Parameters

Parameter	Type	Required	Description
id	string	Yes	The unique identifier of the audit object attribute to update
name	string	Yes	The updated name of the attribute
options	array[object]	Yes	Array of options (minimum 1 required)
options[].name	string	Yes	The name of the option
options[].isDefault	boolean	No	Whether this option is the default selection
options[].id	string	No	The ID of existing option to update (omit for new options)

Example Request

PUT /audit/objects/attributes/{id}
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "name": "Updated Equipment Type",
  "options": [
    {
      "isDefault": true,
      "name": "Heavy Machinery",
      "id": "678901bc-defa-2345-6789-01bcdef12345"
    },
    {
      "isDefault": false,
      "name": "Safety Equipment",
      "id": "789012cd-efab-3456-789a-12cdef123456"
    },
    {
      "isDefault": false,
      "name": "Electronic Equipment"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful attribute update.

Note: Options not included in the request will be permanently deleted, along with any audit object assignments using those options.

For errors responses, see the response status codes documentation.

Delete Audit Object Attribute
DELETE /audit/objects/attributes

Delete multiple audit object attributes permanently. This endpoint removes attributes and all associated audit object assignments. Use with caution as this action cannot be undone.

Parameters

Parameter	Type	Required	Description
ids	array[string]	Yes	Array of audit object attribute IDs to be deleted

Example Request

DELETE /audit/objects/attributes
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "890123de-fghi-4567-890a-bcdef1234567",
    "901234ef-ghij-5678-90ab-cdef12345678",
    "012345fg-hijk-6789-01bc-def123456789"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful deletion of specified attributes and their assignments.

For errors responses, see the response status codes documentation.

Webhook Log

Get webhooks log
GET /webhooks/status

Retrieve a paginated history of executed webhooks, including their status, response codes, and any error messages. This endpoint helps monitor webhook delivery and troubleshoot integration issues.

Query Parameters

Parameter	Type	Required	Description
pageNumber	integer	No	Page number for pagination (starts from 1)
pageSize	integer	No	Number of items per page

Example Request

GET /webhooks/status?pageNumber=1&pageSize=20
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Webhook Command Types

0 - Audit
1 - Corrective Action
2 - Audit Template

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "createdAtUtc": "2024-06-06T10:34:26.493Z",
      "errorMessage": "Connection timeout",
      "webhookCommandType": 0,
      "httpStatusCode": 404,
      "webhookUrl": "https://your-webhook-endpoint.com/audit",
      "webhookEvent": "AUDIT_ASSIGNED"
    },
    {
      "createdAtUtc": "2024-06-06T09:15:12.156Z",
      "errorMessage": null,
      "webhookCommandType": 1,
      "httpStatusCode": 200,
      "webhookUrl": "https://your-webhook-endpoint.com/corrective-action",
      "webhookEvent": "CORRECTIVE_ACTION_CREATED"
    }
  ],
  "meta": {
    "pageNumber": 1,
    "pageSize": 20,
    "totalCount": 150
  }
}

For errors responses, see the response status codes documentation.

Roles

Role Permissions Reference

This reference document provides detailed descriptions of all available permissions for each role type in the MonitorQA system. Permissions use Google IAM-style string constants (e.g., audits.do, audits.manage). Use this reference when configuring role permissions through the Create Role and Update Role endpoints.

Admin Role Permissions (roleType: 0)

Admin roles have access to all system permissions, providing complete control over the MonitorQA platform.

Permission String	Description
`audits.do`	Ability to perform and complete audits as an auditor
`audits.assign`	Authority to assign audits to other users and manage audit assignments
`audits.manage`	Full management capabilities for audits including creation, modification, and deletion
`audits.schedule`	Permission to create and manage audit schedules and recurring audit plans
`audits.createInstant`	Ability to create immediate, unscheduled audits for urgent situations
`audits.viewResults`	Access to view completed audit results, findings, and outcomes
`correctiveActions.manage`	Full management of corrective actions including creation, assignment, and tracking
`correctiveActions.approve`	Authority to approve or reject proposed corrective actions
`correctiveActions.assign`	Permission to assign corrective actions to responsible parties
`correctiveActions.do`	Ability to execute and complete assigned corrective actions
`correctiveActions.view`	Access to view corrective action details, status, and progress
`auditObjects.manage`	Full management of audit objects (locations, equipment, processes being audited)
`auditTemplates.manage`	Authority to create, modify, and delete audit templates and question sets
`users.manage`	Complete user management including creation, modification, role assignment, and deactivation
`tags.manage`	Management of tags used for categorizing and organizing audits and objects
`roles.manage`	Authority to create, modify, and delete user roles and their permissions
`scoreSystems.manage`	Management of scoring systems and criteria used in audit evaluations
`billing.manage`	Access to billing information, subscription management, and payment settings
`generalSetup.manage`	Authority to modify system-wide settings and general configuration
`auditObjects.accessNonParticipant`	Ability to access and audit objects even when not directly assigned as a participant
`issueTypes.manage`	Management of issue types and categories used in audit findings
`issues.delete`	Authority to permanently delete issues identified during audits
`issues.edit`	Permission to modify existing issues, their details, and categorization
`issues.changeStatus`	Ability to update the status of issues (open, in progress, resolved, etc.)
`issues.view`	Access to view issues identified during audits and their current status
`reports.viewSummary`	Access to high-level summary reports and dashboard analytics
`reports.viewAuditPerformance`	Detailed reports on audit performance metrics and completion rates
`reports.viewAuditorPerformance`	Performance analytics for individual auditors and their effectiveness
`reports.viewAuditObjectPerformance`	Performance reports for specific audit objects and their compliance history
`reports.viewItemAnalysis`	Detailed analysis reports on specific audit items and question performance
`dataExports.accessCustom`	Permission to export custom data sets and create specialized reports

Auditor Role Permissions (roleType: 1)

Auditor roles are designed for users who primarily conduct audits and manage audit-related activities.

Permission String	Description
`audits.do`	Ability to perform and complete audits as an auditor
`audits.assign`	Authority to assign audits to other users and manage audit assignments
`audits.createInstant`	Ability to create immediate, unscheduled audits for urgent situations
`audits.viewResults`	Access to view completed audit results, findings, and outcomes
`correctiveActions.approve`	Authority to approve or reject proposed corrective actions
`correctiveActions.assign`	Permission to assign corrective actions to responsible parties
`correctiveActions.do`	Ability to execute and complete assigned corrective actions
`correctiveActions.view`	Access to view corrective action details, status, and progress
`auditObjects.accessNonParticipant`	Ability to access and audit objects even when not directly assigned as a participant
`issues.edit`	Permission to modify existing issues, their details, and categorization
`issues.changeStatus`	Ability to update the status of issues (open, in progress, resolved, etc.)
`issues.view`	Access to view issues identified during audits and their current status
`reports.viewSummary`	Access to high-level summary reports and dashboard analytics
`reports.viewAuditPerformance`	Detailed reports on audit performance metrics and completion rates
`reports.viewAuditorPerformance`	Performance analytics for individual auditors and their effectiveness
`reports.viewAuditObjectPerformance`	Performance reports for specific audit objects and their compliance history
`reports.viewItemAnalysis`	Detailed analysis reports on specific audit items and question performance

Auditee Role Permissions (roleType: 2)

Auditee roles are for users who are subject to audits and responsible for responding to findings and implementing corrective actions.

Permission String	Description
`audits.viewResults`	Access to view completed audit results, findings, and outcomes relevant to their area
`correctiveActions.do`	Ability to execute and complete assigned corrective actions
`correctiveActions.view`	Access to view corrective action details, status, and progress for their assigned actions
`auditObjects.accessNonParticipant`	Limited ability to access audit objects outside their direct responsibility when relevant

Observer Role Permissions (roleType: 3)

Observer roles provide read-only access to audit information and reports, suitable for stakeholders who need visibility without operational involvement.

Permission String	Description
`audits.viewResults`	Access to view completed audit results, findings, and outcomes
`correctiveActions.view`	Access to view corrective action details, status, and progress
`auditObjects.accessNonParticipant`	Ability to view audit objects and their information for monitoring purposes
`issues.view`	Access to view issues identified during audits and their current status
`reports.viewSummary`	Access to high-level summary reports and dashboard analytics
`reports.viewAuditPerformance`	Detailed reports on audit performance metrics and completion rates
`reports.viewAuditorPerformance`	Performance analytics for individual auditors and their effectiveness
`reports.viewAuditObjectPerformance`	Performance reports for specific audit objects and their compliance history
`reports.viewItemAnalysis`	Detailed analysis reports on specific audit items and question performance

Usage Notes

Permission Format: Permissions use Google IAM-style string constants with dot notation (e.g., audits.do, users.manage)
Permission Hierarchy: Admin roles include all permissions available to other role types, plus additional management capabilities
Role-Specific Permissions: Each role type has its own set of available permissions. Use only permissions valid for the specific role type
Conditional Access: Some permissions may have additional business logic restrictions based on user assignments and object relationships
Scalability: Observer roles are ideal for executives and stakeholders who need visibility without operational permissions

Get Roles list
GET /roles

Retrieve a list of all available roles within your company. This endpoint provides role information including IDs, names, and role types, which is essential for user management and permission assignment.

Example Request

GET /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Role Types

0 - Admin
1 - Auditor
2 - Auditee
3 - Observer

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "id": "123456gh-ijkl-789a-bcde-f12345678901",
    "name": "System Administrator",
    "roleType": 0
  },
  {
    "id": "234567hi-jklm-890a-bcde-f12345678902",
    "name": "Senior Auditor",
    "roleType": 1
  },
  {
    "id": "345678ij-klmn-901a-bcde-f12345678903",
    "name": "Department Manager",
    "roleType": 2
  },
  {
    "id": "456789jk-lmno-012b-cdef-123456789012",
    "name": "Quality Observer",
    "roleType": 3
  }
]

For errors responses, see the response status codes documentation.

Get Role Details
GET /roles/{id}

Retrieve detailed information about a specific role within a company. This endpoint provides complete role information including ID, name, description, role type, and all enabled permissions.

Parameters

Parameter	Type	Required	Description
id	Guid	Yes	The unique identifier of the role (path parameter)

Example Request

GET /roles/123456ab-cdef-789a-bcde-f12345678901
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123456ab-cdef-789a-bcde-f12345678901",
  "name": "System Administrator",
  "description": "Full system administrator with all permissions",
  "roleType": 0,
  "permissions": ["audits.do", "audits.viewResults", "auditObjects.accessNonParticipant", "reports.viewSummary", "dataExports.accessCustom"]
}

Response Fields

Field	Type	Description
id	Guid	The unique identifier of the role
name	string	The name of the role
description	string	The description of the role
roleType	int	The type of role. Values: `0` (Admin), `1` (Auditor), `2` (Auditee), `3` (Observer)
permissions	array	Array of enabled permission string constants. The permission strings correspond to the role type (see Role Permissions Reference)

Role Types

0 - Admin
1 - Auditor
2 - Auditee
3 - Observer

Permission Strings

The permissions array contains string constants (Google IAM-style) that correspond to permissions for the role type:

Admin roles: Use admin permission strings (e.g., audits.do, users.manage)
Auditor roles: Use auditor permission strings (e.g., audits.do, audits.viewResults)
Auditee roles: Use auditee permission strings (e.g., audits.viewResults, correctiveActions.do)
Observer roles: Use observer permission strings (e.g., audits.viewResults, reports.viewSummary)

For detailed descriptions of each permission, see the Role Permissions Reference.

Example Response - Admin Role

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123456ab-cdef-789a-bcde-f12345678901",
  "name": "System Administrator",
  "description": "Full system administrator with all permissions",
  "roleType": 0,
  "permissions": ["audits.do", "audits.assign", "audits.manage", "audits.viewResults", "users.manage", "roles.manage", "reports.viewSummary"]
}

Example Response - Auditor Role

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "234567hi-jklm-890a-bcde-f12345678902",
  "name": "Senior Quality Auditor",
  "description": "Senior auditor with expanded permissions",
  "roleType": 1,
  "permissions": ["audits.do", "audits.viewResults", "issues.view", "reports.viewSummary"]
}

Example Response - Auditee Role

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "345678ij-klmn-901a-bcde-f12345678903",
  "name": "Department Auditee",
  "description": "Department representative for audit responses",
  "roleType": 2,
  "permissions": ["audits.viewResults", "correctiveActions.do", "correctiveActions.view"]
}

Example Response - Observer Role

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "456789jk-lmno-012b-cdef-123456789012",
  "name": "Quality Observer",
  "description": "Read-only access to audit results and reports",
  "roleType": 3,
  "permissions": ["audits.viewResults", "correctiveActions.view", "issues.view", "reports.viewSummary"]
}

Error Responses

Role Not Found (404)

HTTP/1.1 404 Not Found

Returned when the specified role ID does not exist or does not belong to the company.

For errors responses, see the response status codes documentation.

Create Role
POST /roles

Create a new role within a company. This endpoint enables defining custom roles with specific permissions for any role type (Admin, Auditor, Auditee, or Observer).

Parameters

Parameter	Type	Required	Description
roleType	int	Yes	The type of role. Values: `0` (Admin), `1` (Auditor), `2` (Auditee), `3` (Observer)
name	string	Yes	The name of the role
description	string	No	A description of the role
permissions	array	No	Array of permission strings. All permissions in the array will be enabled. If not provided, the role will be created without permissions
permissions[]	string	Yes	The permission string constant (e.g., `audits.do`, `users.manage`). Must be valid for the specified role type. See Role Permissions Reference for detailed descriptions

Role Types

0 - Admin
1 - Auditor
2 - Auditee
3 - Observer

Example Request - Admin Role

POST /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 0,
  "name": "System Administrator",
  "description": "Full system administrator with all permissions",
  "permissions": ["audits.do", "audits.viewResults", "users.manage", "roles.manage"]
}

Example Request - Auditor Role

POST /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 1,
  "name": "Senior Quality Auditor",
  "description": "Senior auditor with expanded permissions for quality management",
  "permissions": ["audits.do", "audits.viewResults", "issues.view"]
}

Example Request - Auditee Role

POST /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 2,
  "name": "Department Auditee",
  "description": "Department representative for audit responses and corrective actions",
  "permissions": ["audits.viewResults", "correctiveActions.do", "correctiveActions.view"]
}

Example Request - Observer Role

POST /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 3,
  "name": "Quality Observer",
  "description": "Read-only access to audit results and reports",
  "permissions": ["audits.viewResults", "correctiveActions.view", "issues.view", "reports.viewSummary"]
}

Example Request - Role Without Permissions

POST /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 0,
  "name": "Basic Admin Role",
  "description": "Admin role without specific permissions"
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123456ab-cdef-789a-bcde-f12345678901"
}

For errors responses, see the response status codes documentation.

Validation Rules

The following validation rules are enforced when creating roles:

Role Type: Required and must be a valid role type (0-3)
Role Name: Required and cannot be empty
Permissions: Optional. If provided, permission strings must be valid permission constants for the specified role type. See Role Permissions Reference for the complete list of available permissions for each role type

Note: Requests that violate these rules will return a 400 Bad Request with detailed validation error messages.

Permission Guidelines

Each role type has its own set of available permissions:

Admin roles (roleType: 0): 31 permissions available, including full system control, user management, billing, and all operational permissions
Auditor roles (roleType: 1): 17 permissions available, focused on audit execution, issue management, corrective action oversight, and performance reporting
Auditee roles (roleType: 2): 4 permissions available, for viewing audit results, executing corrective actions, and limited object access
Observer roles (roleType: 3): 9 permissions available, providing read-only access to audits, issues, corrective actions, and all reports

For detailed descriptions of each permission, see the Role Permissions Reference.

Update Role
PUT /roles/{id}

Update an existing role within a company. This endpoint enables updating the name, description, and permissions of any role type (Admin, Auditor, Auditee, or Observer).

Parameters

Parameter	Type	Required	Description
id	Guid	Yes	The unique identifier of the role to update (path parameter)
roleType	int	Yes	The type of role. Values: `0` (Admin), `1` (Auditor), `2` (Auditee), `3` (Observer)
name	string	Yes	The name of the role
description	string	No	A description of the role
permissions	array	No	Array of permission strings. All permissions in the array will be enabled. If not provided, all existing permissions will be removed from the role
permissions[]	string	Yes	The permission string constant (e.g., `audits.do`, `users.manage`). Must be valid for the specified role type. See Role Permissions Reference for detailed descriptions

Role Types

0 - Admin
1 - Auditor
2 - Auditee
3 - Observer

Example Request - Admin Role

PUT /roles/123456ab-cdef-789a-bcde-f12345678901
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 0,
  "name": "System Administrator",
  "description": "Full system administrator with all permissions",
  "permissions": ["audits.do", "audits.viewResults", "users.manage", "roles.manage"]
}

Example Request - Auditor Role

PUT /roles/234567hi-jklm-890a-bcde-f12345678902
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 1,
  "name": "Senior Quality Auditor",
  "description": "Senior auditor with expanded permissions for quality management",
  "permissions": ["audits.do", "audits.viewResults", "issues.view"]
}

Example Request - Auditee Role

PUT /roles/345678ij-klmn-901a-bcde-f12345678903
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 2,
  "name": "Department Auditee",
  "description": "Department representative for audit responses and corrective actions",
  "permissions": ["audits.viewResults", "correctiveActions.do", "correctiveActions.view"]
}

Example Request - Observer Role

PUT /roles/456789jk-lmno-012b-cdef-123456789012
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 3,
  "name": "Quality Observer",
  "description": "Read-only access to audit results and reports",
  "permissions": ["audits.viewResults", "correctiveActions.view", "issues.view", "reports.viewSummary"]
}

Example Request - Remove All Permissions

To remove all permissions from a role, omit the permissions field:

PUT /roles/123456ab-cdef-789a-bcde-f12345678901
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "roleType": 0,
  "name": "System Administrator",
  "description": "Updated description"
}

Response

Success Response

HTTP/1.1 200 OK

For errors responses, see the response status codes documentation.

Validation Rules

The following validation rules are enforced when updating roles:

Role Type: Required and must be a valid role type (0-3)
Role Name: Required and cannot be empty
Permissions: Optional. If not provided, all existing permissions will be removed from the role. If provided, permission strings must be valid permission constants for the specified role type. See Role Permissions Reference for the complete list of available permissions for each role type

Note: Requests that violate these rules will return a 400 Bad Request with detailed validation error messages.

Permission Guidelines

Each role type has its own set of available permissions:

Admin roles (roleType: 0): 31 permissions available, including full system control, user management, billing, and all operational permissions
Auditor roles (roleType: 1): 17 permissions available, focused on audit execution, issue management, corrective action oversight, and performance reporting
Auditee roles (roleType: 2): 4 permissions available, for viewing audit results, executing corrective actions, and limited object access
Observer roles (roleType: 3): 9 permissions available, providing read-only access to audits, issues, corrective actions, and all reports

For detailed descriptions of each permission, see the Role Permissions Reference.

Important Notes

Permission Removal: If the permissions field is omitted or set to null, all existing permissions for the role will be removed
Permission Replacement: When permissions are provided, they completely replace the existing permissions. The role will have exactly the permissions specified in the array
Role Type Consistency: The roleType in the request body must match the actual role type of the role being updated

Delete Roles
DELETE /roles

Delete one or multiple roles from your company. This endpoint accepts an array of role IDs to delete multiple roles in a single request.

Parameters

Parameter	Type	Required	Description
ids	uuid[]	Yes	Array of role IDs to delete

Example Request

DELETE /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123456ab-cdef-789a-bcde-f12345678901",
    "234567bc-defg-890b-cdef-123456789012",
    "345678cd-efgh-901c-def1-234567890123"
  ]
}

Single Role Deletion

DELETE /roles
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123456ab-cdef-789a-bcde-f12345678901"
  ]
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

For errors responses, see the response status codes documentation.

Files

Get File
GET /files/{id}

Retrieve a file by its unique identifier. Files can include images, documents, and other attachments uploaded during audits or corrective actions.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`id`	string	Yes	Unique identifier of the file

Query Parameters

Parameter	Type	Required	Description
`withWatermark`	boolean	No	Whether to apply watermark to image files (default: `false`). Returns original file if watermarking is disabled in template settings

Example Request

GET /files/123e4567-e89b-12d3-a456-426614174000?withWatermark=true
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: [varies by file type]

[File content - binary or text based on file type]

For errors responses, see the response status codes documentation.

Time zones

Get timezones
GET /timezones

Retrieve a list of all available IANA time zones. The time zones are ordered by their UTC offset at the current time, with the most negative offsets (earliest time zones) appearing first.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Example Request

GET /timezones
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

[
  {
    "ianaName": "Pacific/Midway",
    "text": "Pacific/Midway"
  },
  {
    "ianaName": "America/Adak",
    "text": "America/Adak"
  },
  {
    "ianaName": "America/Anchorage",
    "text": "America/Anchorage"
  },
  {
    "ianaName": "America/Los_Angeles",
    "text": "America/Los Angeles"
  },
  {
    "ianaName": "America/New_York",
    "text": "America/New York"
  },
  {
    "ianaName": "Europe/London",
    "text": "Europe/London"
  }
]

Response Fields

Field	Type	Description
`ianaName`	string	The IANA time zone identifier (e.g., “America/New_York”)
`text`	string	Human-readable time zone name with underscores replaced by spaces

The time zones are ordered by UTC offset (most negative to most positive) at the time of the request.

For errors responses, see the response status codes documentation.

Score systems

Get score systems
GET /score-systems

Retrieve a paginated list of score systems for the company. Score systems define how audit scores are calculated and displayed with labels and color coding.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Query Parameters

Parameter	Type	Required	Description
`pageNumber`	number	No	Page number (default: 1)
`pageSize`	number	No	Number of items per page (default: 10)
`search`	string	No	Search term to filter score systems by name

Example Request

GET /score-systems?pageNumber=1&pageSize=10
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "data": [
    {
      "id": "123e4567-e89b-12d3-a456-426614174000",
      "name": "Standard Scoring",
      "description": "Standard scoring system for audits",
      "passedThreshold": 70,
      "scoreSystemType": 0,
      "isSample": false,
      "labels": [
        {
          "id": "789e4567-e89b-12d3-a456-426614174001",
          "label": "Poor",
          "min": 0,
          "max": 50,
          "color": "#FF0000"
        },
        {
          "id": "789e4567-e89b-12d3-a456-426614174002",
          "label": "Good",
          "min": 51,
          "max": 80,
          "color": "#FFFF00"
        },
        {
          "id": "789e4567-e89b-12d3-a456-426614174003",
          "label": "Excellent",
          "min": 81,
          "max": 100,
          "color": "#00FF00"
        }
      ]
    }
  ],
  "meta": {
    "pageSize": 10,
    "pageNumber": 1,
    "totalCount": 1
  }
}

Response Fields

Field	Type	Description
`data`	array	Array of score system objects
`data[].id`	uuid	Unique identifier of the score system
`data[].name`	string	Score system name
`data[].description`	string	Optional description of the score system
`data[].passedThreshold`	number	Optional threshold value for passing
`data[].scoreSystemType`	number	Score system type: `0` (ProportionToMaxScorePoints) or `1` (CountNotApplicableAsPositive)
`data[].isSample`	boolean	Whether this is a sample score system
`data[].labels`	array	Array of score labels
`data[].labels[].id`	uuid	Unique identifier of the label
`data[].labels[].label`	string	Label text
`data[].labels[].min`	number	Minimum score value for this label
`data[].labels[].max`	number	Maximum score value for this label
`data[].labels[].color`	string	Color code for this label
`meta`	object	Pagination metadata
`meta.pageSize`	number	Number of items per page
`meta.pageNumber`	number	Current page number
`meta.totalCount`	number	Total number of items available

For errors responses, see the response status codes documentation.

Get score system details
GET /score-systems/{id}

Retrieve detailed information about a specific score system including all its labels and configuration.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key

Path Parameters

Parameter	Type	Required	Description
`id`	uuid	Yes	Unique identifier of the score system

Example Request

GET /score-systems/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123e4567-e89b-12d3-a456-426614174000",
  "name": "Standard Scoring",
  "description": "Standard scoring system for audits",
  "passedThreshold": 70,
  "scoreSystemType": 0,
  "isSample": false,
  "labels": [
    {
      "id": "789e4567-e89b-12d3-a456-426614174001",
      "label": "Poor",
      "min": 0,
      "max": 50,
      "color": "#FF0000"
    },
    {
      "id": "789e4567-e89b-12d3-a456-426614174002",
      "label": "Good",
      "min": 51,
      "max": 80,
      "color": "#FFFF00"
    },
    {
      "id": "789e4567-e89b-12d3-a456-426614174003",
      "label": "Excellent",
      "min": 81,
      "max": 100,
      "color": "#00FF00"
    }
  ]
}

Response Fields

Field	Type	Description
`id`	uuid	Unique identifier of the score system
`name`	string	Score system name
`description`	string	Optional description of the score system
`passedThreshold`	number	Optional threshold value for passing
`scoreSystemType`	number	Score system type: `0` (ProportionToMaxScorePoints) or `1` (CountNotApplicableAsPositive)
`isSample`	boolean	Whether this is a sample score system
`labels`	array	Array of score labels
`labels[].id`	uuid	Unique identifier of the label
`labels[].label`	string	Label text
`labels[].min`	number	Minimum score value for this label
`labels[].max`	number	Maximum score value for this label
`labels[].color`	string	Color code for this label

For errors responses, see the response status codes documentation.

Create score system
POST /score-systems

Create a new score system with labels and configuration. Score systems define how audit scores are calculated and displayed.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`name`	string	Yes	Score system name
`description`	string	No	Description of the score system
`passedThreshold`	number	Yes	Threshold value for passing
`scoreSystemType`	number	Yes	Score system type: `0` (ProportionToMaxScorePoints) or `1` (CountNotApplicableAsPositive). Cannot be changed after creation
`labels`	array	Yes	Array of score labels (at least one required)
`labels[].min`	number	Yes	Minimum score value for this label
`labels[].max`	number	Yes	Maximum score value for this label (must be >= min)
`labels[].label`	string	Yes	Label text
`labels[].color`	string	Yes	Color code for this label

Label Validation Rules

Labels must meet the following requirements:

Full Range Coverage: Labels must cover the entire interval from 0 to 100
- The first label must start at 0 (min: 0)
- The last label must end at 100 (max: 100)
No Overlaps: Label ranges cannot overlap (e.g., [0-50] and [40-80] is invalid)
No Gaps: Label ranges must be continuous with no gaps. The next label’s min must equal the previous label’s max (e.g., [0-50] and [60-100] is invalid; should be [0-50] and [50-100])

Valid Example: [{min: 0, max: 50}, {min: 50, max: 80}, {min: 80, max: 100}] ✓

Invalid Examples:

[{min: 10, max: 50}, {min: 50, max: 100}] ✗ (doesn’t start at 0)
[{min: 0, max: 50}, {min: 50, max: 90}] ✗ (doesn’t end at 100)
[{min: 0, max: 50}, {min: 40, max: 100}] ✗ (overlap - 40 < 50)
[{min: 0, max: 50}, {min: 60, max: 100}] ✗ (gap - next min (60) should equal previous max (50))

Score System Types

Value	Description
`0`	ProportionToMaxScorePoints - Calculates score as proportion of maximum possible points
`1`	CountNotApplicableAsPositive - Counts not applicable items as positive in score calculation

Example Request

POST /score-systems
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "name": "Standard Scoring",
  "description": "Standard scoring system for audits",
  "passedThreshold": 70,
  "scoreSystemType": 0,
  "labels": [
    {
      "min": 0,
      "max": 50,
      "label": "Poor",
      "color": "#FF0000"
    },
    {
      "min": 50,
      "max": 80,
      "label": "Good",
      "color": "#FFFF00"
    },
    {
      "min": 80,
      "max": 100,
      "label": "Excellent",
      "color": "#00FF00"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK
Content-Type: application/json

{
  "id": "123e4567-e89b-12d3-a456-426614174000"
}

Response Fields

Field	Type	Description
`id`	uuid	Unique identifier of the created score system

For errors responses, see the response status codes documentation.

Update score system
PUT /score-systems/{id}

Update an existing score system with new configuration and labels. Note: scoreSystemType cannot be changed after creation.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Path Parameters

Parameter	Type	Required	Description
`id`	uuid	Yes	Unique identifier of the score system

Request Body Parameters

Parameter	Type	Required	Description
`name`	string	Yes	Score system name
`description`	string	No	Description of the score system
`passedThreshold`	number	Yes	Threshold value for passing
`labels`	array	Yes	Array of score labels (at least one required)
`labels[].min`	number	Yes	Minimum score value for this label
`labels[].max`	number	Yes	Maximum score value for this label (must be >= min)
`labels[].label`	string	Yes	Label text
`labels[].color`	string	Yes	Color code for this label

Label Validation Rules

Labels must meet the following requirements:

Full Range Coverage: Labels must cover the entire interval from 0 to 100
- The first label must start at 0 (min: 0)
- The last label must end at 100 (max: 100)
No Overlaps: Label ranges cannot overlap (e.g., [0-50] and [40-80] is invalid)
No Gaps: Label ranges must be continuous with no gaps. The next label’s min must equal the previous label’s max (e.g., [0-50] and [60-100] is invalid; should be [0-50] and [50-100])

Valid Example: [{min: 0, max: 60}, {min: 60, max: 100}] ✓

Invalid Examples:

[{min: 10, max: 50}, {min: 50, max: 100}] ✗ (doesn’t start at 0)
[{min: 0, max: 50}, {min: 50, max: 90}] ✗ (doesn’t end at 100)
[{min: 0, max: 50}, {min: 40, max: 100}] ✗ (overlap - 40 < 50)
[{min: 0, max: 50}, {min: 60, max: 100}] ✗ (gap - next min (60) should equal previous max (50))

Example Request

PUT /score-systems/123e4567-e89b-12d3-a456-426614174000
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "name": "Updated Scoring System",
  "description": "Updated description",
  "passedThreshold": 75,
  "labels": [
    {
      "min": 0,
      "max": 60,
      "label": "Fail",
      "color": "#FF0000"
    },
    {
      "min": 60,
      "max": 100,
      "label": "Pass",
      "color": "#00FF00"
    }
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful update.

For errors responses, see the response status codes documentation.

Delete score systems
DELETE /score-systems

Delete one or more score systems. Score systems that are associated with templates cannot be deleted and will return an error.

Request Headers

Header	Type	Required	Description
`X-API-KEY`	string	Yes	API authentication key
`Content-Type`	string	Yes	Must be `application/json`

Request Body Parameters

Parameter	Type	Required	Description
`ids`	array[uuid]	Yes	Array of score system IDs to delete

Example Request

DELETE /score-systems
Host: api-external.monitorqa.com
X-API-KEY: abcdef12345
Content-Type: application/json

{
  "ids": [
    "123e4567-e89b-12d3-a456-426614174000",
    "987f6543-a21b-43c5-d654-321987654321"
  ]
}

Response

Success Response

HTTP/1.1 200 OK

Empty response body indicates successful deletion.

Error Response (Score System Has Templates)

HTTP/1.1 409 Conflict
Content-Type: application/json

{
  "message": "score-system/has-templates:123e4567-e89b-12d3-a456-426614174000"
}

If a score system is associated with templates, it cannot be deleted and the error response will include the IDs of score systems that have templates.

For errors responses, see the response status codes documentation.

General

Status Codes

HTTP Status Codes

Success Codes

Client Error Codes

Server Error Codes

Error Response Format

Deep Links

Overview

Supported Deep Links

Usage Examples

Implementation Notes

Webhook

Setup

Functionality

Response Requirements

Network Reliability

Webhook Message Format

Base Message Structure

Audit Events

Message Format

Event Types

Corrective Action Events

Message Format

Event Types

Template Events

Message Format

Event Types

Authentication

Authentication

How to Authenticate

Generating Your API Key

Security Best Practices

Support

Overview

Introduction

API Overview

Date and Time Handling

Audits

Update one-time audit PUT /audit/{id}

Request Headers

URL Parameters

Request Body Parameters

Example Request

Response

Reopen Audit POST /audit/reopen/{id}

Parameters

Example Request

Response

Expire Audit POST /audit/expire

Parameters

Example Request

Response

Delete Audit DELETE /audit

Parameters

Example Request

Response

Create one-time audit POST /audit

Request Headers

Request Body Parameters

Example Request

Response

Get list of pending audits GET /audit/pending

Request Headers

Query Parameters

Example Request

Response

Get list of complete audits GET /audit/complete

Request Headers

Query Parameters

Example Request

Response

Get details of audit GET /audit/{auditId}

Request Headers

Path Parameters

Example Request

Response

Get details of complete audit GET /audit/complete/{auditId}

Request Headers

Path Parameters

Update one-time audit
PUT /audit/{id}

Reopen Audit
POST /audit/reopen/{id}

Expire Audit
POST /audit/expire

Delete Audit
DELETE /audit

Create one-time audit
POST /audit

Get list of pending audits
GET /audit/pending

Get list of complete audits
GET /audit/complete

Get details of audit
GET /audit/{auditId}

Get details of complete audit
GET /audit/complete/{auditId}

Get audit pdf report
GET /audit/complete/{auditId}/report-pdf

Get audit report
GET /audit/complete/{auditId}/report

Get schedules list
GET /schedules

Get schedule details
GET /schedules/{scheduleId}

Create daily schedule
POST /schedules/daily

Create weekly schedule
POST /schedules/weekly

Create multiple weeks schedule
POST /schedules/multiple-weeks

Create monthly schedule
POST /schedules/monthly

Update schedule
PUT /schedules/{scheduleId}