Retrieve an existing Compliance Standard

This guide shows how to retrieve a specific compliance standard (along with its Requirements and Sections).

First, obtain an authorization token by Logging In.

  • The token is only valid for 10 minutes, so refresh it as needed if you believe your workflow might take longer than that.

  • The base URL in this guide is generic. Replace it with yours accordingly.

Start by getting a list of Compliance Standards, which returns all system-supported and custom compliance standards:

curl --request GET \
--url \
--header 'x-redlock-auth: YOUR_TOKEN'

Let's say you're interested in the SOC2 Compliance Standard:

// Previous compliance standard
"id": "51a30956-9e70-4112-8551-ad69b36381b1",
"description": "SOC2 Compliance Standard",
"createdBy": "Prisma Cloud System Admin",
"createdOn": 1545842667113,
"lastModifiedBy": "Prisma Cloud System Admin",
"lastModifiedOn": 1545842667113,
"systemDefault": true,
"policiesAssignedCount": 126,
"name": "SOC 2",
"cloudType": [
// Next Compliance Standard

Pick a compliance standard from the returned array (in this case the SOC2 Compliance Standard), grab its id (in this case 51a30956-9e70-4112-8551-ad69b36381b1) and pass it as the complianceId path parameter to List Compliance Requirements:

curl --request GET \
--url \
--header 'x-redlock-auth: YOUR_TOKEN'

This will return a list of all compliance requirements for the SOC 2 Compliance Standard.

The id field in the response can be used to get a list of all requirement sections for the SOC 2 Compliance Standard. Just pass it as a path parameter to List Compliance Requirement Sections:

curl --request GET \
--url \
--header 'x-redlock-auth: YOUR_TOKEN'

Finally, use List Policies to get all available policies for the SOC 2 Compliance Standard by setting the policy.complianceStandard query string parameter to the Compliance Standard name you acquired earlier (in this case, the URL-encoded value for SOC 2 is SOC%202):

curl --request GET \
--url '' \
--header 'x-redlock-auth: YOUR_TOKEN'

You should get back the associated policies. The same workflow could be applied to every compliance standard to retrieve all the associated requirements and sections.
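
The client-side steps between the calls above can be scripted. The following is an added example, not part of the original guide or the vendor's code: it checks token age against the 10-minute lifetime, picks the standard's id out of the returned array by name, and builds the policy.complianceStandard query string with the space encoded as %20. The function names, the 60-second refresh margin and the second sample entry are assumptions made for illustration.

```python
import json
import time
from urllib.parse import quote, urlencode

TOKEN_LIFETIME_S = 10 * 60  # the guide states the token is valid for 10 minutes

# Constructed sample of the "list compliance standards" response. The SOC 2
# entry reuses the fields shown in the guide; the second entry is made up.
SAMPLE_STANDARDS = json.loads("""
[
  {"id": "51a30956-9e70-4112-8551-ad69b36381b1", "name": "SOC 2",
   "description": "SOC2 Compliance Standard", "systemDefault": true,
   "policiesAssignedCount": 126},
  {"id": "00000000-0000-0000-0000-000000000000", "name": "Example Custom Standard",
   "description": "constructed entry", "systemDefault": false,
   "policiesAssignedCount": 0}
]
""")


def token_needs_refresh(issued_at, now=None, margin_s=60):
    """True once the token is within margin_s (assumed margin) of expiry."""
    now = time.time() if now is None else now
    return now - issued_at >= TOKEN_LIFETIME_S - margin_s


def find_standard_id(standards, name):
    """Return the id of the single standard whose name matches exactly."""
    matches = [s for s in standards if s.get("name") == name]
    if len(matches) != 1:
        raise LookupError(f"expected one standard named {name!r}, found {len(matches)}")
    return matches[0]["id"]


def policy_query(standard_name):
    """Query string for List Policies; quote() yields %20 where quote_plus gives '+'."""
    return urlencode({"policy.complianceStandard": standard_name}, quote_via=quote)


if __name__ == "__main__":
    print(find_standard_id(SAMPLE_STANDARDS, "SOC 2"))
    print(policy_query("SOC 2"))
```

Note that the lookup matches on the name field ("SOC 2"), not the description ("SOC2 Compliance Standard"), since the name is what the policy filter expects.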