API Reference
REST over HTTPS. JSON responses. Authenticate with X-API-Key.
Base URL
Use your Mandatry base URL shown in the dashboard after access is granted.
export MANDATRY_BASE_URL="<BASE_URL>"
export MANDATRY_API_KEY="mandatry_live_<your_key>"Authentication
curl -H "X-API-Key: $MANDATRY_API_KEY" "$MANDATRY_BASE_URL/<endpoint>"Pagination
List endpoints support limit/offset. Default limit is 100 and max limit is 100.
Example:
GET <BASE_URL>/frameworks-api/frameworks?limit=100&offset=0Example response shape:
{
"data": [],
"pagination": { "total": 95, "limit": 100, "offset": 0, "has_more": false }
}Endpoints
Crosswalk API
Compare frameworks across jurisdictions and retrieve canonical concept mappings.
- GET /crosswalk-api?frameworks=GDPR,CCPA
- GET /crosswalk-api?jurisdictions=US-CA,EU
- POST /crosswalk-api/crosswalk/compare
- GET /crosswalk-api/crosswalk/framework
- GET /crosswalk-api/crosswalk/jurisdiction
Example 1: Compare frameworks (GET)
curl -H "X-API-Key: $MANDATRY_API_KEY" \
"$MANDATRY_BASE_URL/crosswalk-api?frameworks=GDPR,CCPA"Example 2: Advanced compare (POST)
curl -X POST -H "X-API-Key: $MANDATRY_API_KEY" -H "Content-Type: application/json" \
"$MANDATRY_BASE_URL/crosswalk-api/crosswalk/compare" \
-d '{
"framework_ids": ["uuid1","uuid2"],
"concept_ids": ["concept1","concept2"],
"jurisdiction_codes": ["US-CA","EU"]
}'Crosswalk response example:
{
"data": [
{
"concept_id": "right_to_access",
"concept_name": "Right to Access",
"concept_category": "rights",
"mappings": [
{
"framework_id": "gdpr-uuid",
"framework_name": "GDPR",
"framework_code": "gdpr",
"jurisdiction": "EU",
"article_reference": "Article 15",
"implementation_notes": "...",
"key_requirements": "..."
}
]
}
],
"meta": { "total_concepts": 15, "total_mappings": 45 }
}Frameworks API
- GET /frameworks-api/frameworks
- GET /frameworks-api/frameworks/{id}
Filters:
- •
jurisdiction(e.g., US, ZA, EU) - •
type(privacy, security, industry, international) - •
search - •
limit/offset
Example:
curl -H "X-API-Key: $MANDATRY_API_KEY" \
"$MANDATRY_BASE_URL/frameworks-api/frameworks?jurisdiction=EU&type=privacy&limit=10&offset=0"Concepts API
- GET /concepts-api/concepts
- GET /concepts-api/concepts/{id}
- GET /concepts-api/concepts/categories
Example:
curl -H "X-API-Key: $MANDATRY_API_KEY" \
"$MANDATRY_BASE_URL/concepts-api/concepts?category=principles&search=lawfulness&limit=100&offset=0"Jurisdictions API
- GET /jurisdictions-api/jurisdictions
- GET /jurisdictions-api/jurisdictions/{id}
Filters:
- •
code(US, ZA, EU) - •
type(country, state, region, international) - •
search - •
limit/offset
Example:
curl -H "X-API-Key: $MANDATRY_API_KEY" \
"$MANDATRY_BASE_URL/jurisdictions-api/jurisdictions?type=country&limit=100&offset=0"Certified Framework API
Retrieve certified, immutable framework manifests with version pinning.
- GET /certified-framework/{CODE}
- GET /certified-framework/{CODE}?version=v1.0
- GET /certified-framework-versions/{CODE}
Example:
curl -H "X-API-Key: $MANDATRY_API_KEY" \
"$MANDATRY_BASE_URL/certified-framework/GDPR?version=v1.0"Errors
401 Unauthorized
{ "error": "Missing X-API-Key header" }403 Forbidden
{ "error": "Invalid API key" }404 Not Found
{ "error": "Framework not found" }429 Too Many Requests
{
"error": "API quota exceeded",
"message": "Your organization has exceeded its monthly API quota. Please upgrade your plan or wait for the quota to reset."
}500 Internal Server Error
{
"error": "Internal server error",
"message": "Additional details...",
"timestamp": "2026-03-08T10:30:00Z"
}TypeScript SDK is available for partners. For most integrations, HTTP requests in any language are sufficient.