Introduction

The Coverbase API lets you move vendor, assessment, and risk data between Coverbase and the systems your team already runs, and lets AI assistants act on your TPRM program through natural conversation. Coverbase exposes three integration surfaces. Each is independent: pick the surface that matches your integration pattern, or combine them.

Integration surfaces

Export API

Pull structured vendor, assessment, and control data out of Coverbase into your dashboards, BI tools, and remediation workflows.

Import API

Push vendor, assessment, and service data into Coverbase from your ERP, CMDB, legacy GRC platform, or service catalog.

MCP Server

Connect Claude, Cursor, Claude Code, or any MCP client and query your TPRM program through natural conversation.

Product capabilities

The API powers the full Coverbase platform across five product surfaces.

Risk Assessment Copilot

Programmatic assessment generation, control extraction from evidence, and delta detection across reassessments.

Supplier Radar

Continuous monitoring event streams, triage workflows, and subscription management for third-party risk signals.

Coverbase Inspect

Agentic browser-based vendor discovery and evidence capture with full chain-of-custody metadata.

Autonomous Intake

Procurement-embedded intake classification, risk path routing, and downstream workflow orchestration.

Contract Guardian

Contract clause extraction, missing-clause detection, and playbook deviation analysis for MSAs, DPAs, SOWs, and BAAs.

Getting started

Request an API key

Ask a Coverbase admin in your organization to provision an API key for your integration.

Secure your key

Store the key in a secrets manager such as AWS Secrets Manager or HashiCorp Vault. Never commit keys to source control or embed them in client-side code.

Test the connection

Hit /v1/utils/authtest with your bearer token to verify connectivity, key validity, and firewall configuration before wiring the API into production logic.

Pick a surface

Read the concepts page for the surface you plan to use, then jump to the reference.

Authentication setup

Bearer token format, the auth test endpoint, and how to handle common 401 and 403 responses.

Conventions

Base URL

https://api.coverbase.app

Format

RESTful, JSON over HTTPS, encrypted in transit.

Need help?

Product support

support@coverbase.com

Security issues

security@coverbase.com

Book a meeting

Talk to our team about your integration.

AuthenticationAll Coverbase API requests are authenticated with a bearer token over HTTPS.

⌘I

Getting started

Products

Data Import & Export

AI, Agents, MCP

Integration surfaces

Export API

Import API

MCP Server

Product capabilities

Risk Assessment Copilot

Supplier Radar

Coverbase Inspect

Autonomous Intake

Contract Guardian

Getting started

Authentication setup

Conventions

Base URL

Format

Need help?

Product support

Security issues

Book a meeting

Getting started

Products

Data Import & Export

AI, Agents, MCP

Documentation Index

​Integration surfaces

Export API

Import API

MCP Server

​Product capabilities

Risk Assessment Copilot

Supplier Radar

Coverbase Inspect

Autonomous Intake

Contract Guardian

​Getting started

Authentication setup

​Conventions

Base URL

Format

​Need help?

Product support

Security issues

Book a meeting

Integration surfaces

Product capabilities

Getting started

Conventions

Need help?