API and technical integrations
The public module API for Pulsar GRC is in preparation. The current MVP uses a protected application interface and selected technical endpoints.
🚧 Coming Soon
We are not publishing a stable public API specification for audits, CAPA, risks, or documents yet. Integration scope is confirmed during implementation.
Current MVP status
- The main application works through the protected tRPC endpoint
/api/trpc. - Selected REST endpoints support technical functions such as health checks, billing, webhooks, DSAR requests, and controlled evidence ingest.
- Technical endpoints are not a public integration specification for GRC modules.
Integration access
Integration access requires an agreed scope, authorization model, and data boundary. Evidence integrations use a controlled ingest-source mechanism with a Bearer token assigned to the source and organization.
Authorization: Bearer <agreed-source-token>
Public documentation boundary
Internal application routes should not be treated as a stable public API. Stable integration documentation will be published after API contracts and security review are complete.
Need an integration?
If your organization needs a system integration, contact us - we will confirm the realistic scope and a secure connection model.