GET /api/v1/recommendations
Returns recommendations across all completed assessments for your organization, sorted by priority (highest first) and then by creation date (newest first).
Required scope: recommendations:readRequest curl "https://assess.ayliea.com/api/v1/recommendations?limit=25" \ -H "X-API-Key: ayliea_pk_YOUR_API_KEY"
Query parameters Maximum number of results to return. Must be between 1 and 100.
Number of results to skip. Must be 0 or greater.
Response { "recommendations" : [ { "id" : "d290f1ee-6c54-4b01-90e6-d701748f0851" , "title" : "Enable multi-factor authentication for all users" , "priority" : 1 , "status" : "open" , "framework_id" : "nist-csf-2" , "category" : "Access Control" }, { "id" : "a3bb189e-8bf9-3888-9912-ace4e6543002" , "title" : "Implement network segmentation between production and development" , "priority" : 2 , "status" : "in_progress" , "framework_id" : "cis-v8" , "category" : "Network Security" } ] }
Response fields Array of recommendation objects. Show Recommendation object fields
Unique identifier (UUID) for the recommendation.
Short description of the recommended action.
Priority ranking. Lower numbers indicate higher priority (1 is the highest).
Current status of the recommendation. One of: open, in_progress, completed, dismissed.
The framework this recommendation is associated with (e.g., nist-csf-2, hipaa).
The assessment category this recommendation falls under (e.g., “Access Control”, “Network Security”).
Sorting Results are sorted by:
priority ascending (highest priority first)created_at descending (newest first within the same priority)
This sort order is fixed and cannot be changed via query parameters.
Notes
Recommendations span all completed assessments — they are not filtered by framework. To filter client-side, use the framework_id field.
If no assessments have been completed, the recommendations array is empty.
Status changes made in the Ayliea web or mobile app are reflected immediately in API responses.
