generated: '2026-07-15' method: generated source: openapi/drata-openapi.yml description: Recommended x-agentic-access execution contracts, classified heuristically from the OpenAPI. A governance starting point for exposing this API to AI agents — review and bind audience per deployment. See research/curity/agentic-governance/. summary: operations: 21 by_action_class: connected: 14 acting: 7 by_consequence: read: 14 write: 7 human_in_the_loop_required: 0 operations: - path: /assets method: get operationId: listAssets x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /assets method: post operationId: createAsset x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /assets/{assetId} method: get operationId: getAsset x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /assets/{assetId} method: put operationId: updateAsset x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /assets/{assetId} method: delete operationId: deleteAsset x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /personnel method: get operationId: listPersonnel x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /personnel method: post operationId: createPersonnel x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /personnel/{personnelId} method: get operationId: getPersonnel x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /personnel/{personnelId} method: put operationId: updatePersonnel x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /personnel/{personnelId} method: delete operationId: deletePersonnel x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /controls method: get operationId: listControls x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /controls/{controlId} method: get operationId: getControl x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /frameworks method: get operationId: listFrameworks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /policies method: get operationId: listPolicies x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /vendors method: get operationId: listVendors x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /vendors method: post operationId: createVendor x-agentic-access: action-class: acting consequence: write subject: required audience: null token: max-ttl: 900 escalation: human-in-the-loop: conditional triggers: - abnormal - high-value audit: required - path: /tasks method: get operationId: listTasks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /audits method: get operationId: listAudits x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /risks method: get operationId: listRisks x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /evidence-library method: get operationId: listEvidence x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none - path: /monitoring-tests method: get operationId: listMonitoringTests x-agentic-access: action-class: connected consequence: read subject: optional token: max-ttl: 3600 audit: none