Skip to main content
Learn how to use the Raptor Comply API to add new cyber assets, update asset details, and remove decommissioned equipment from your compliance inventory.
Cyber assets are the individual devices and software instances - PLCs, RTUs, HMIs, EMS servers, and more - that are classified under NERC CIP cyber systems in Raptor Comply. Unlike facilities, control centers, and cyber systems (which are currently read-only via the API), cyber assets support full CRUD. That means you can manage your entire compliance inventory programmatically: add new equipment as it’s commissioned, keep records current as configurations change, and retire assets when they’re decommissioned.

Before you begin

You’ll need the following before making any write requests:
  • API key - generated by your organization admin in Raptor Comply. See Authentication.
  • Cyber System ID - the id of the cyber system you want to associate an asset with. Retrieve this from GET /cyber-systems. Cyber system IDs follow the format cs_01....

List cyber assets

Retrieve all cyber assets in your organization with GET /cyber-assets: 
curl https://api.raptormaps.com/cyber-assets \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY"
A successful response returns a JSON array of all cyber assets your API key has access to: 
[
  {
    "id": "ca_01ABC123",
    "name": "RTU-PLANT-01",
    "asset_type": "hardware",
    "cyber_system_id": "cs_01ABC456",
    "created_at": "2024-03-15T10:30:00Z",
    "updated_at": "2024-03-15T10:30:00Z"
  },
  {
    "id": "ca_01DEF789",
    "name": "HMI-CTRL-02",
    "asset_type": "hardware",
    "cyber_system_id": "cs_01ABC456",
    "created_at": "2024-04-01T08:00:00Z",
    "updated_at": "2024-06-12T14:22:00Z"
  }
]

Get a single cyber asset

To retrieve one specific asset, pass its id to GET /cyber-assets/{id}: 
curl https://api.raptormaps.com/cyber-assets/ca_01ABC123 \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY"
The response returns a single JSON object for that asset. If the id does not exist in your organization, the API returns a 404 Not Found.

Create a cyber asset

Use POST /cyber-assets to add a new asset to your compliance inventory. The request body must include name, cyber_system_id, and asset_type: 
curl -X POST https://api.raptormaps.com/cyber-assets \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "RTU-PLANT-01",
    "cyber_system_id": "cs_01ABC456",
    "asset_type": "hardware"
  }'
On success, the API returns 201 Created with the full asset object, including the newly assigned id: 
{
  "id": "ca_01ABC123",
  "name": "RTU-PLANT-01",
  "asset_type": "hardware",
  "cyber_system_id": "cs_01ABC456",
  "created_at": "2024-07-10T09:15:00Z",
  "updated_at": "2024-07-10T09:15:00Z"
}
Save the returned id - you’ll use it to update or delete this asset later.

Update a cyber asset

Use PATCH /cyber-assets/{id} to modify an existing asset. The PATCH method is a partial update: you only need to include the fields you want to change. Any fields you omit remain unchanged. For example, to rename an asset: 
curl -X PATCH https://api.raptormaps.com/cyber-assets/ca_01ABC123 \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "RTU-PLANT-01-REVISED"
  }'
The response returns the updated asset object with the new field values and a refreshed updated_at timestamp.

Delete a cyber asset

Use DELETE /cyber-assets/{id} to permanently remove a decommissioned asset from your compliance inventory: 
curl -X DELETE https://api.raptormaps.com/cyber-assets/ca_01ABC123 \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY"
A successful delete returns 204 No Content with no response body.
Deleting a cyber asset is permanent and cannot be undone. The asset and all data associated with it are immediately removed from your compliance inventory. Double-check the id you’re passing before you send the request - confirm it in Raptor Comply or by calling GET /cyber-assets/{id} first.

Walkthrough: add a new cyber asset end to end

1

Get your Cyber System ID

Call GET /cyber-systems to retrieve the list of cyber systems in your organization:
curl https://api.raptormaps.com/cyber-systems \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY"
Find the cyber system you want to classify the new asset under and copy its id (format: cs_01...).
2

Create the cyber asset

Send a POST /cyber-assets request with the asset details and the Cyber System ID from the previous step:
curl -X POST https://api.raptormaps.com/cyber-assets \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY" \
  -H "Content-Type: application/json" \
  -d '{
    "name": "RTU-PLANT-01",
    "cyber_system_id": "cs_01ABC456",
    "asset_type": "hardware"
  }'
3

Capture the returned ID

The 201 Created response includes the new asset’s id. Save this value in your CMDB or inventory system as an external reference to Raptor Comply.
4

Verify the asset was created

Confirm the asset exists by calling GET /cyber-assets/{id} with the ID you just received:
curl https://api.raptormaps.com/cyber-assets/ca_01ABC123 \
  -H "X-API-Key: $RAPTOR_COMPLY_API_KEY"
A 200 OK response with the asset object confirms the record is live in your compliance inventory.