VQL API
API documentation for executing VQL queries through the Assessment Query API.
Overview
You can programmatically execute Veza Query Language (VQL) queries through Veza's Assessment Query API. This interface allows you to run VQL queries against Veza's Access Graph and retrieve results using standard REST API calls.
Example use:
POST /api/v1/assessments/vql:nodes
Requirements
To use the VQL API, you will need:
A valid API token. For details on obtaining and using API tokens, see Authentication.
Basic understanding of VQL syntax (see VQL Syntax)
VQL features enabled in your Veza instance
API Endpoints
The VQL API provides two primary endpoints for retrieving query results: Get Query Results (Count) and Get Query Results (Nodes).
Get Query Results (Count)
This endpoint retrieves result counts for a VQL query. These queries can execute faster and are optimal for metrics, reporting, and dashboard use cases where you need the total count rather than detailed node information.
Get Query Results (Nodes)
The vql:nodes
endpoint retrieves detailed results for VQL queries, showing source nodes, their properties, and access relationship information. This format is useful for security analysis, access reviews, and permission auditing.
For queries that return large result sets, use pagination to retrieve results in manageable chunks using the LIMIT
and AFTER CURSOR
keywords in your VQL query:
Make an initial request with a specified limit (e.g.,
LIMIT 50
)Check if
has_more
istrue
in the responseIf more results exist, make subsequent requests using the cursor token from the previous response with
AFTER CURSOR 'token'
Example initial request:
For subsequent requests, use the cursor token from the previous response:
Related Documentation
VQL Syntax Reference - Complete documentation of VQL query syntax
VQL Quick Start Guide - Examples and usage patterns
Assessment Query API Overview - General information about the Assessment Query API
Last updated
Was this helpful?