# Upload Evidence API The Upload Evidence API allows you to programmatically upload evidence files to Sprinto monitors (controls and workflow checks) using a REST endpoint. Use this API to automate evidence collection from CI/CD pipelines, internal tools, or third-party systems. *** ### How it works The API accepts a `multipart/form-data` request with: * `monitor_pk` to identify the target monitor * One or more files as evidence Sprinto validates the request, uploads the files, and attaches them to the specified monitor. *** ### Endpoint
PropertyValue
URLhttps://app.sprinto.com/api/v1/uploadEvidence
MethodPOST
Content-Typemultipart/form-data
AuthenticationAPI Token (header)
*** ### Authentication Generate API tokens from **Settings > Developer API**. #### Header ``` api-token: ``` #### Guidelines * Keep tokens secure * Use HTTPS only * Ensure Admin-level permissions *** ### Request #### Headers
HeaderRequiredDescription
api-tokenYesAPI token
Content-TypeYesmultipart/form-data
*** #### Body parameters
ParameterTypeRequiredDescription
monitor_pkstringYesThe unique identifier (PK) of the monitor (control or workflow check) to which you want to upload evidence.
filesfileYesThe evidence file(s) to upload. You can upload up to 10 files in a single request by repeating this field.
{% hint style="info" %} #### Note 1. To upload multiple files, include the `files` field multiple times in the same request. Each occurrence should contain one file. 2. The `check_pk` parameter is deprecated. Use `monitor_pk`. {% endhint %} *** ### Examples {% tabs %} {% tab title="cURL" %} ```javascript curl --request POST 'https://app.sprinto.com/api/v1/uploadEvidence' \ --header 'api-token: your-api-token' \ --form 'files=@/path/to/file.pdf;type=application/pdf' \ --form 'files=@file1.pdf' \ --form 'files=@file2.pdf' \ --form 'monitor_pk=your-monitor-pk' --form 'monitor_pk=your-monitor-pk' ``` {% endtab %} {% tab title="Node.js (Axios)" %} ```js const axios = require('axios'); const FormData = require('form-data'); const fs = require('fs'); const data = new FormData(); data.append('files', fs.createReadStream('/path/to/file.pdf')); data.append('monitor_pk', 'your-monitor-pk'); axios.post('https://app.sprinto.com/api/v1/uploadEvidence', data, { headers: { 'api-token': 'your-api-token', ...data.getHeaders() } }) .then(res => console.log(res.data)) .catch(err => console.error(err)); ``` {% endtab %} {% tab title="Ruby" %} ```python import requests url = 'https://app.sprinto.com/api/v1/uploadEvidence' headers = { 'api-token': 'your-api-token' } files = { 'files': ('file.pdf', open('/path/to/file.pdf', 'rb'), 'application/pdf') } data = { 'monitor_pk': 'your-monitor-pk' } response = requests.post(url, headers=headers, files=files, data=data) print(response.json()) ``` {% endtab %} {% tab title="HTTP" %} POST /api/v1/uploadEvidence HTTP/1.1\ Host: app.sprinto.com\ api-token: your-api-token\ Content-Type: multipart/form-data; boundary=----WebKitFormBoundary7MA4YWxkTrZu0gW \------WebKitFormBoundary7MA4YWxkTrZu0gW\ Content-Disposition: form-data; name="files"; filename="file.pdf"\ Content-Type: application/pdf (data)\ \------WebKitFormBoundary7MA4YWxkTrZu0gW\ Content-Disposition: form-data; name="monitor\_pk" your-monitor-pk\ \------WebKitFormBoundary7MA4YWxkTrZu0gW {% endtab %} {% endtabs %} *** ### Response #### Success (201 Created) ```json { "success": true, "error": "" } ``` *** #### Response fields
FieldTypeDescription
successbooleanIndicates if the request succeeded
errorstring / objectError message (empty if successful)
*** ### Error handling #### 400 Bad Request * Invalid file type * Invalid parameters * Monitor not found ```json { "success": false, "error": "Monitor with pk not found." } ``` *** #### 401 Unauthorized ```json { "success": false, "error": { "message": "api-token not found" } } ``` **Causes** * Missing or invalid token * Insufficient permissions *** #### 429 Too Many Requests Returned when rate limits are exceeded. Implement retry with backoff. *** ### Supported file types
CategoryExtensions
Images.jpg, .jpeg, .png, .gif, .tiff, .bmp, .svg
Documents.pdf, .doc, .docx, .odt
Spreadsheets.xls, .xlsx, .ods
Archives.zip, .tar
Videos.mp4, .mov, .wmv
Data.json, .csv, .txt
Email.msg
#### Limits * Maximum file size: 10 MB per file * Maximum files per request: 10 *** ### Finding the monitor PK #### From dashboard Navigate to the monitor and locate the PK in the URL or details section. #### Using GraphQL ```graphql query { monitors { nodes { pk name monitorType } } } ``` *** ### Workflow check restrictions * Must be active * Must not have a reviewer assigned *** ### Troubleshooting
IssueCauseResolution
401 UnauthorizedInvalid tokenVerify API token
File type not allowedUnsupported formatUse supported file types
Monitor not foundInvalid monitor_pkValidate monitor PK
File too largeExceeds 10 MBReduce file size
Evidence not visibleProcessing delayRefresh after a few seconds
*** ### Need help? If you have questions or run into issues while using the Upload Evidence API, contact [Sprinto support](mailto:support@sprinto.com).