The API of Isora GRC itself is always enabled. Before an individual user can successfully invoke the API, however, Isora GRC needs to generate an authentication token for that user. If you’re an ordinary user, you’ll need to request API access from your local Isora GRC administrator. If you’re a super-user, then follow the steps below to modify a user to add API access.

Navigate to your Isora GRC URL and log into the web interface.
Go to the orgs module and click the “manage people” link.
Locate the user you wish to modify and click the button next to the name to edit the user.
Click the checkbox to “enable token api access,” then click the “save” button.

Note: the “enable signature api access” option is an experimental feature which is not supported at this time. In the future, if implemented, this option would allow a user to encrypt API calls with a signature.
After clicking the “save” button, the newly generated token is revealed in the window.

You can now copy and paste this token from the web interface and save it for use in API calls.
Be aware that if you later remove a user’s API access and add it again, a new token will be generated each time.

Next: 2.3 API structure overview

Browser not supported