Regulatory Compliance API Manual (Excerpt)
API Documentation Sample
Title: Regulatory Compliance API Manual (Excerpt)
Department: Engineering / Compliance
Target Audience: Developers, Integration Partners
Document Owner: API Documentation Lead
Last Reviewed: [Date]
1. Overview
The Compliance API allows third-party systems to access regulatory documentation, submit audit logs, and verify data retention requirements for compliance with standards such as ISO 9001, GDPR, and SOC 2.
2. Base URL
- Base URL: https://api.example.com/v1/compliance
3. Authentication
- Type: Bearer Token (JWT)
- Header: Authorization: Bearer <token>
4. Endpoints
4.1 Get Compliance Summary
GET /summary
Description: Retrieves a summary of compliance status across modules.
Response Example:
{
  "status": "compliant",
  "last_audit_date": "2025-08-30",
  "active_flags": ["gdpr", "iso9001"]
}
4.2 Submit Audit Log
POST /audit
Body Parameters:
{
  "event_type": "access_granted",
  "user_id": "USR_789",
  "timestamp": "2025-10-25T14:23:00Z",
  "details": "User accessed export module."
}
Response: 201 Created
4.3 Get Data Retention Policy
GET /data-retention
Response:
{
  "retention_period_days": 365,
  "auto_delete": true,
  "regions": ["EU", "US"]
}
5. Error Handling
- 401 Unauthorised: Invalid or missing token
- 400 Bad Request: Incorrect parameter types
- 500 Server Error: Contact support
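Added example (not part of the original manual): a minimal Python client for POST /audit that checks the body against the section 4.2 sample before sending, attaches the bearer token, and maps the section 5 status codes to actions. It assumes all four sample fields are required strings, that unknown fields are rejected, and that the body is sent with a JSON Content-Type header; the function names are hypothetical.

```python
import json
import re
import urllib.error
import urllib.request

BASE_URL = "https://api.example.com/v1/compliance"  # from section 2
# Field names come from the section 4.2 sample; "required string" is an assumption.
AUDIT_FIELDS = {"event_type": str, "user_id": str, "timestamp": str, "details": str}
UTC_TS = re.compile(r"\d{4}-\d{2}-\d{2}T\d{2}:\d{2}:\d{2}Z")  # shape check only


def validate_audit_event(event):
    """Return a list of problems; an empty list means the body matches 4.2."""
    problems = [f"unexpected field: {k}" for k in event if k not in AUDIT_FIELDS]
    for name, typ in AUDIT_FIELDS.items():
        if name not in event:
            problems.append(f"missing field: {name}")
        elif not isinstance(event[name], typ):
            problems.append(f"{name} must be {typ.__name__}")
    ts = event.get("timestamp")
    if isinstance(ts, str) and not UTC_TS.fullmatch(ts):
        problems.append("timestamp must look like 2025-10-25T14:23:00Z")
    return problems


def build_audit_request(event, token):
    """Build (but do not send) the POST /audit request with the bearer header."""
    problems = validate_audit_event(event)
    if problems:
        raise ValueError("; ".join(problems))  # the API would answer 400
    # Reject empty tokens and any whitespace (CR/LF included) in the header value.
    if not token or any(c.isspace() for c in token):
        raise ValueError("token missing or malformed")  # the API would answer 401
    return urllib.request.Request(
        BASE_URL + "/audit",
        data=json.dumps(event).encode("utf-8"),
        method="POST",
        headers={"Authorization": f"Bearer {token}",
                 "Content-Type": "application/json"},  # assumed content type
    )


def submit_audit_event(event, token, opener=urllib.request.urlopen):
    """Send the request and map the section 5 status codes to an action."""
    actions = {401: "reauthenticate", 400: "fix payload", 500: "contact support"}
    try:
        with opener(build_audit_request(event, token), timeout=10) as resp:
            return "created" if resp.status == 201 else f"unexpected {resp.status}"
    except urllib.error.HTTPError as err:
        return actions.get(err.code, f"unhandled {err.code}")
```

The `opener` parameter lets the status handling be exercised with a stub instead of a live call.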
6. Versioning
- Current Version: v1
- Deprecated: None
End of Sample



