Skip to main content
For AI agents: a documentation index is available at https://docs.coverbase.com/llms.txt — this page is also available in markdown by appending .md to the URL.
The Coverbase API lets you move vendor, assessment, and risk data between Coverbase and the systems your team already runs, and lets AI assistants act on your TPRM program through natural conversation. Coverbase exposes three integration surfaces. Each is independent: pick the surface that matches your integration pattern, or combine them.

Integration surfaces

Export API

Pull structured vendor, assessment, and control data out of Coverbase into your dashboards, BI tools, and remediation workflows.

Import API

Push vendor, assessment, and service data into Coverbase from your ERP, CMDB, legacy GRC platform, or service catalog.

MCP Server

Connect Claude, Cursor, Claude Code, or any MCP client and query your TPRM program through natural conversation.

Product capabilities

The API powers the full Coverbase platform across its product surfaces.

Autonomous Intake

Procurement-embedded intake classification, risk path routing, and downstream workflow orchestration.

Assessment Copilot

Programmatic assessment generation, control extraction from evidence, and delta detection across reassessments.

Contract Guardian

Contract clause extraction, missing-clause detection, and playbook deviation analysis for MSAs, DPAs, SOWs, and BAAs.

Supplier Radar

Continuous monitoring event streams, triage workflows, and subscription management for third-party risk signals.

Findings Manager

Intelligence layer over findings across every assessment — remediation tracking and systemic risk pattern detection.

Obligations Tracker

Track obligations owed when engaging third parties: CUECs, legal terms, SOW duties, and technical controls.

RFP Platform

RFP platform for regulated industries with risk, compliance, security, and legal evaluation embedded into selection.

Agentic Inspect

Agentic discovery and monitoring of SaaS applications — access patterns, SLA performance, and behavioral anomalies.

Getting started

1

Request an API key

Ask a Coverbase admin in your organization to provision an API key for your integration.
2

Secure your key

Store the key in a secrets manager such as AWS Secrets Manager or HashiCorp Vault. Never commit keys to source control or embed them in client-side code.
3

Test the connection

Hit /v1/utils/authtest with your bearer token to verify connectivity, key validity, and firewall configuration before wiring the API into production logic.
4

Pick a surface

Read the concepts page for the surface you plan to use, then jump to the reference.

Conventions

Base URL

https://api.coverbase.app

Format

RESTful, JSON over HTTPS, encrypted in transit.

Need help?

Product support

support@coverbase.ai

Security issues

security@coverbase.ai

Book a meeting

Talk to our team about your integration.