Orbiq API Overview
A complete REST API for compliance automation. Manage trust centers, documents, certifications, NDAs, and AI-powered questionnaire responses programmatically.
Core Resources
Eight resource families covering every aspect of compliance automation.
| Resource | Methods | Base Path |
|---|---|---|
| Contacts | GETPOSTPATCHDELETE | /contacts |
| Documents | GETPOSTPUTPATCHDELETE | /documents |
| Certifications | GETPOSTPATCHDELETE | /certifications |
| NDA Templates | GETPOSTPATCH | /nda-templates |
| Access Requests | GETPATCH | /access-requests |
| Ask (AI) | POST | /ask |
| Knowledge Base | GETPOSTPATCHDELETE | /knowledge-base |
| Brand | GETPATCHPUT | /brand |
Authentication
Two authentication methods to fit every integration pattern. All traffic is encrypted with TLS 1.3.
API Key Authentication
Pass your API key as a Bearer token in the Authorization header for server-to-server integrations. Generate keys from your Orbiq dashboard.
curl -X GET https://app.orbiqhq.com/api/v1/documents \
-H "Authorization: Bearer orbiq_live_sk_..."JWT Bearer Token
Authenticate with your email and password to receive a short-lived JWT token. Ideal for user-facing applications and fine-grained access control.
curl -X POST https://app.orbiqhq.com/api/v1/auth/token \
-H "Content-Type: application/json" \
-d '{"email":"...","password":"..."}'What You Can Build
Real-world integration patterns powering compliance automation at scale.
AI Security Questionnaires
Feed questions to the /ask endpoint and get AI-generated answers grounded in your knowledge base. Build agentic compliance workflows that complete questionnaires in minutes.
const response = await fetch(
"https://app.orbiqhq.com/api/v1/ask",
{
method: "POST",
headers: {
"Authorization": "Bearer orbiq_live_sk_...",
"Content-Type": "application/json",
},
body: JSON.stringify({
question: "Describe your data encryption at rest.",
}),
}
);Document Access Automation
Auto-approve access requests by domain, enforce NDA-gated sharing, and track every document view with audit logs. Build custom approval workflows with webhooks.
// Approve an access request
await fetch(
"https://app.orbiqhq.com/api/v1/access-requests/{id}",
{
method: "PATCH",
headers: {
"Authorization": "Bearer orbiq_live_sk_...",
"Content-Type": "application/json",
},
body: JSON.stringify({
status: "approved",
}),
}
);White-Label Trust Center
Embed a fully branded trust center in your product. Configure colors, logos, and overview text via the Brand API. Custom domains are set up through the dashboard.
await fetch(
"https://app.orbiqhq.com/api/v1/brand",
{
method: "PATCH",
headers: {
"Authorization": "Bearer orbiq_live_sk_...",
"Content-Type": "application/json",
},
body: JSON.stringify({
primary_color: "#0F172A",
overview_text: "Welcome to our trust center.",
}),
}
);Continuous Compliance Monitoring
Sync certifications, track expiry dates, and surface compliance gaps automatically. Get webhook alerts when a certification approaches renewal.
await fetch(
"https://app.orbiqhq.com/api/v1/certifications",
{
method: "POST",
headers: {
"Authorization": "Bearer orbiq_live_sk_...",
"Content-Type": "application/json",
},
body: JSON.stringify({
name: "SOC 2 Type II",
status: "active",
issued_at: "2025-11-01",
expires_at: "2026-11-01",
notify_before_days: 60,
}),
}
);Explore the Full API Reference
Interactive API reference with request/response examples, schema definitions, and authentication guides.