Mark staff member account Not-In-Scope

Use the Sprinto Developer API to mark a staff member as not-in-scope and exclude them from audit and compliance checks.

This cookbook explains how to mark a staff member account as not-in-scope using the Sprinto Developer API.

When staff accounts are added to Sprinto through HRMS or email provider integrations, they are included in the audit scope by default. Marking a staff member as not-in-scope excludes them from compliance activities such as policy acknowledgements, training assignments, and automated checks.

This operation is performed using a GraphQL mutation.

Before you begin

Ensure that you have:

A valid API key
Access to the Sprinto API Playground (if using the playground)
The email address of the staff member to mark as not-in-scope

If the provided email address is invalid or does not belong to an active staff member, the API returns an error.

API status

The Sprinto Developer API is currently in beta.

Endpoints and schema fields may change as new functionality is introduced.

Mutation: `markStaffAsNotInScope`

This mutation marks a staff member as not-in-scope using their email address. You can optionally provide a reason for auditing or tracking purposes.

Input arguments

Argument

Type

Required

Description

email

String

Yes

Email address of the staff member to mark as not-in-scope

reason

String

Optional reason for marking the staff member as not-in-scope

Example mutation

mutation MarkStaffAsNotInScope($email: String!, $reason: String) {
  markStaffAsNotInScope(email: $email, reason: $reason) {
    user {
      fullName
    }
  }
}

Try yourself: United States: Europe: India

How the mutation works

The request starts with the Mutation root type.
The markStaffAsNotInScope mutation identifies the staff member using the email argument.
The optional reason argument records why the staff member is excluded from scope.
On success, the API returns the updated user object.

Response fields

You can request the following fields from the returned user object:

Field

Type

Description

firstName

String

First name of the staff member

lastName

String

Last name of the staff member

fullName

String

Full name of the staff member

email

String

Email address of the staff member

Response codes and errors

The following response codes may be returned for this mutation:

Status code

Status

Message

Reason

200

Success

The account is marked as not-in-scope.

The staff member was successfully updated.

200

Error

Invalid email address or a non-staff account.

The email does not belong to a valid staff account or is marked as non-staff.

200

Error

The email was assigned to an offboarded staff member.

Offboarded staff members cannot be marked as not-in-scope.

401

Unauthorized

Invalid or expired API token.

The API key is invalid or disabled.

429

Too many requests

Too many requests. Please try again later.

The API rate limit has been exceeded.

Next steps

After marking a staff member as not-in-scope, you can:

Review in-scope and not-in-scope staff using paginated queries
Re-include staff members by marking them in-scope
Automate staff scoping as part of onboarding and offboarding workflows

PreviousMark staff member account In-scope NextAdd background verification report for staff member

Last updated 15 days ago

hashtagBefore you begin

hashtagAPI status

hashtagMutation: markStaffAsNotInScope

hashtagInput arguments

hashtagExample mutation

hashtagHow the mutation works

hashtagResponse fields

hashtagResponse codes and errors

hashtagNext steps

Before you begin

API status

Mutation: `markStaffAsNotInScope`

Input arguments

Example mutation

How the mutation works

Response fields

Response codes and errors

Next steps