# Coverbase API

> The Coverbase API is the programmatic surface for the Coverbase third-party risk and procurement platform. It lets you move vendor, assessment, and risk data between Coverbase and the systems your team already runs, and lets AI assistants act on your TPRM program through natural conversation.

## Docs

- [Export API Reference](https://docs.coverbase.com/export.md): Endpoint reference for retrieving report data via the Coverbase Export API.
- [Export API Concepts](https://docs.coverbase.com/export-api-concepts.md): Pull vendor, assessment, control, and evaluation data out of Coverbase via configurable report endpoints.
- [Import API Reference](https://docs.coverbase.com/import.md): Endpoint reference for submitting batches of records via the Coverbase Import API.
- [Import API Concepts](https://docs.coverbase.com/import-api.md): Push vendor, assessment, and service data into Coverbase from upstream systems of record.
- [Introduction](https://docs.coverbase.com/index.md): The programmatic surface for the Coverbase third-party risk and procurement platform.
- [Assessments API](https://docs.coverbase.com/integrations/api-reference/assessments.md): Programmatically start, retrieve, and manage assessments scoped to vendors or services.
- [Vendors API](https://docs.coverbase.com/integrations/api-reference/vendors.md): Retrieve and update vendor records and their lifecycle state.
- [Webhooks API](https://docs.coverbase.com/integrations/api-reference/webhooks.md): Register, list, update, and delete webhook subscriptions.
- [Workflows API](https://docs.coverbase.com/integrations/api-reference/workflows.md): Invoke named workflows directly and poll their execution state.
- [End-to-end workflows](https://docs.coverbase.com/integrations/end-to-end-workflows.md): Three full lifecycle walkthroughs showing every API and webhook touchpoint.
- [What to expect during onboarding](https://docs.coverbase.com/integrations/onboarding.md): How the workflow layer is configured, and what security teams typically request.
- [Integration Workflows](https://docs.coverbase.com/integrations/overview.md): How Coverbase integrates with the systems your organization already runs, end to end.
- [Triggering workflows from external systems](https://docs.coverbase.com/integrations/triggering-workflows.md): Three patterns for starting work in Coverbase from outside the UI.
- [Webhooks](https://docs.coverbase.com/integrations/webhooks.md): Register endpoints, subscribe to events, verify signatures, and handle retries.
- [Workflow engine](https://docs.coverbase.com/integrations/workflow-engine.md): How triggers, conditions, and actions compose into orchestration logic.
- [Connecting clients](https://docs.coverbase.com/mcp/connecting.md): Connect Claude, Cursor, Claude Code, and other MCP clients to the Coverbase MCP server.
- [Example prompts](https://docs.coverbase.com/mcp/example-prompts.md): Realistic prompts that exercise the core MCP server workflows.
- [Coverbase MCP Server](https://docs.coverbase.com/mcp/overview.md): Let AI assistants query and manage your TPRM program through natural conversation.
- [Security and privacy](https://docs.coverbase.com/mcp/security.md): Authentication, authorization, data handling, and what we log when you connect the MCP server.
- [Troubleshooting](https://docs.coverbase.com/mcp/troubleshooting.md): Common issues when connecting and using the Coverbase MCP server.
- [Coverbase Inspect](https://docs.coverbase.com/products/autonomous-intake.md): Agentic, browser-based vendor inspection that converts attestations into verified control evidence.
- [Autonomous Intake](https://docs.coverbase.com/products/autonomous-intake-1.md): Procurement-embedded intake that classifies requests, triggers the right risk path, and orchestrates downstream work.
- [Contract Guardian](https://docs.coverbase.com/products/contract-guardian.md): Contract analysis and redline surfacing for third-party agreements.
- [Risk Assessment Copilot](https://docs.coverbase.com/products/risk-assessment-copilot.md): AI-powered assessment engine that automates approximately 90% of vendor risk assessment workload.
- [Supplier Radar](https://docs.coverbase.com/products/supplier-radar.md): Continuous monitoring, triage, and response across your third-party ecosystem.
- [Authentication](https://docs.coverbase.com/quickstart.md): All Coverbase API requests are authenticated with a bearer token over HTTPS.

## OpenAPI Specs

- [openapi](https://docs.coverbase.com/api-reference/openapi.json)

## Optional

- [Content Library](https://www.coverbase.com/content-library)