If none of the out-of-the-box Evidence Sources meet your needs, Custom Endpoint gives you a flexible way to pull evidence from any API-accessible system — including in-house tools, homegrown services, and systems that require advanced authentication.
This feature now supports multiple HTTP request types, request bodies, and customizable headers, enabling deeper compatibility with modern APIs (OAuth, versioned APIs, async report generation, MFA-protected resources, etc.).
Custom Endpoint setup has two parts:
Create the Evidence Source Endpoint
-
Create an Evidence Automation that uses that endpoint
Setting Up Custom Endpoint as an Evidence Source
Step 1: Navigate to Evidence Sources under Compliance Menu
Ensure you have Edit access to the Evidence Sources module entitlement.
Step 2: Find and Configure the Custom Endpoint Option
Scroll to the "Other" section to find the Custom Endpoint option. Click the gear icon to configure more evidence sources.
Step 3: Add a Custom Endpoint URL
Click on Add Custom Endpoint URL. You'll be prompted to name your Custom Endpoint and provide the URL. Note: you can create many custom endpoint, so make sure this name is identifiable by you.
1. Endpoint URL (Required)
Enter the API endpoint you want to call. URL must be unique and valid.
For example, we are pulling back the Build Audit Log from Risk Cloud as evidence. Enter the following as the endpoint:
https://{subdomain}.logicgate.com/api/v1/audit/build/export/CSV?applicationId={appId}&startDate={yyyy-mm-dd}
2. HTTP Request Type (New)
Custom Endpoints now support multiple request types: GET (default), POST, PATCH. Choose the method required by the target API.
3. Request Body (New!)
When POST or PATCH is selected, a Request Body text area appears.
Use this for: Async report generation, filtered log retrieval, complex data queries
4. Headers & Authentication (New!)
Check “URL requires headers” to add authentication or configuration headers. You can now add: Authorization Header
Enter header name (e.g.,
Authorization)Enter header value (e.g., Bearer
<token>or Basic<token>)On edit, the Authorization Header value will appear masked (***), but will still be sent when unchanged.
For example, to pull back the Build Audit Log from Risk Cloud as evidence, provide the API token from your profile for authentication
Additional Headers
You can add multiple header name/value pairs for: OAuth, API versioning, Content-Type overrides, Custom security requirements.
Click + Add Header to add multiple entries. Blank fields will not be saved.
5. Enable or Disable a Custom Endpoint (New!)
You can manually disable an endpoint at any time. Disabling the endpoint also disables all associated Evidence Automations. Endpoints that fail repeatedly will be automatically disabled until configuration is fixed. Disabled endpoints appear greyed out.
Creating Automation to Pull Evidence
Step 1: Navigate to Record
First, go to a record where you've enabled AEC in Workflow.
Step 2: Create a New Automation
Click on Create New Automation button
Step 3: Select the Evidence Source
Give your automation a name so it can be uniquely identified. Then, in the Where is this evidence coming from section, select the Custom Endpoint you just created.
Step 4: Complete the Automation Setup
Continue with the Automation Setup and then click Save. See Create and Configure AEC Automation for more details.
Step 5 (Optional): Test the Automation
Click on the gear icon for your newly created evidence automation and select Run Now to trigger an ad-hoc run to test if Evidence Automation is ran successfully. Troubleshoot based on error messages.
Otherwise, wait until the evidence automation is scheduled.
Step 6: Check the Evidence Record
Click on the Evidence Record that's been created to view the file that's been pulled. You can find this in the Collection History or via another Linked Workflow Section on your record.
There you have it! Your evidence is now available.
Other Notes
Evidence will be pulled in the format specified in the response of the endpoint. For example, if evidence is retrieved as a CSV, it will be in that format, or JSON if that's the response format.