> ## Documentation Index > Fetch the complete documentation index at: https://docs.chainloop.dev/llms.txt > Use this file to discover all available pages before exploring further. # Get lightweight product compliance summary > Returns per-requirement aggregated status, automation level, scope and pre-computed flags (override / needs-review) plus aggregate project counts for a product version. Excludes policy evaluation payloads, manual evidence, override details and per-project breakdowns — those load on demand via GetProductRequirementComplianceDetail. ## OpenAPI ````yaml https://api.app.chainloop.dev/openapi.yaml get /v1/compliance/product/summary openapi: 3.0.1 info: contact: email: support@chainloop.dev name: Chainloop Support url: https://chainloop.dev termsOfService: https://chainloop.dev/terms title: Chainloop Platform API version: '1.0' servers: - url: https://api.app.chainloop.dev/ security: - bearerToken: [] tags: - description: AI-powered agent operations name: AgentsService - name: ArtifactService - name: AssessmentService - description: Service for polling the status of asynchronous operations name: AsyncOperationsService - name: AttestationsService - name: PolicyService - name: ComplianceService - name: ComponentService - name: EnvironmentsService - name: EvidenceService - name: FindingService - name: LinearService - name: LogicalEnvironmentsService - name: ProductsService - name: ProjectsService - name: UserService - name: WorkflowTemplateService externalDocs: description: Chainloop Official Documentation url: https://docs.chainloop.dev paths: /v1/compliance/product/summary: get: tags: - ComplianceService summary: Get lightweight product compliance summary description: >- Returns per-requirement aggregated status, automation level, scope and pre-computed flags (override / needs-review) plus aggregate project counts for a product version. Excludes policy evaluation payloads, manual evidence, override details and per-project breakdowns — those load on demand via GetProductRequirementComplianceDetail. operationId: ComplianceService_GetProductComplianceSummary parameters: - description: The product version ID to summarize in: query name: product_version_id schema: type: string - description: >- Optional framework filter. If empty, returns all frameworks for the product version. explode: true in: query name: framework_ids schema: items: type: string type: array style: form - description: >- When true, skip the compliance cache and recompute from source. Intended for testing. in: query name: bypass_cache schema: type: boolean responses: '200': content: application/json: schema: $ref: '#/components/schemas/v1GetProductComplianceSummaryResponse' description: A successful response. '400': content: application/json: schema: $ref: '#/components/schemas/v1BadRequestResponse' description: Bad Request - The request was invalid or cannot be served. '401': content: application/json: schema: $ref: '#/components/schemas/v1UnauthorizedResponse' description: Unauthorized - Authentication is required. '403': content: application/json: schema: $ref: '#/components/schemas/v1PermissionDeniedResponse' description: Forbidden - You do not have permission to access this resource. '500': content: application/json: schema: $ref: '#/components/schemas/v1InternalServerErrorResponse' description: Internal Server Error - An unexpected error occurred on the server. default: content: application/json: schema: $ref: '#/components/schemas/rpcStatus' description: An unexpected error response. components: schemas: v1GetProductComplianceSummaryResponse: description: >- Lightweight product compliance summary: per-requirement aggregated status and pre-computed flags, without policy payloads, manual evidence, override details or per-project breakdowns. example: frameworks: - framework_name: framework_name requirements: - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true framework_id: framework_id framework_display_name: framework_display_name metrics: pending_requirements: 5 passing_requirements: 6 compliance_percentage: 2.302136 inactive_requirements: 7 failing_requirements: 1 partial_requirements: 5 total_requirements: 0 - framework_name: framework_name requirements: - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true framework_id: framework_id framework_display_name: framework_display_name metrics: pending_requirements: 5 passing_requirements: 6 compliance_percentage: 2.302136 inactive_requirements: 7 failing_requirements: 1 partial_requirements: 5 total_requirements: 0 properties: frameworks: items: $ref: >- #/components/schemas/GetProductComplianceSummaryResponseFrameworkSummary title: Per-framework summaries type: array type: object v1BadRequestResponse: description: Response for bad request example: code: 0 details: - details - details message: message properties: code: default: 3 description: >- The error code indicating the type of error. It's fixed to 3, which is the code for INVALID_ARGUMENT. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: BadRequestResponse type: object v1UnauthorizedResponse: description: Response for unauthorized access example: code: 6 details: - details - details message: message properties: code: default: 16 description: >- The error code indicating the type of error. It's fixed to 16, which is the code for UNAUTHENTICATED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: UnauthorizedResponse type: object v1PermissionDeniedResponse: description: Response for permission denied example: code: 1 details: - details - details message: message properties: code: default: 7 description: >- The error code indicating the type of error. It's fixed to 7, which is the code for PERMISSION_DENIED. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: PermissionDeniedResponse type: object v1InternalServerErrorResponse: description: Response for internal server error example: code: 5 details: - details - details message: message properties: code: default: 13 description: >- The error code indicating the type of error. It's fixed to 13, which is the code for INTERNAL_ERROR. format: int32 type: integer message: description: A human-readable message providing more details about the error. type: string details: description: Additional details about the error. items: type: string type: array required: - code - message title: InternalServerErrorResponse type: object rpcStatus: example: code: 5 details: - '@type': '@type' - '@type': '@type' message: message properties: code: format: int32 type: integer message: type: string details: items: $ref: '#/components/schemas/protobufAny' type: array type: object GetProductComplianceSummaryResponseFrameworkSummary: example: framework_name: framework_name requirements: - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true - requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true framework_id: framework_id framework_display_name: framework_display_name metrics: pending_requirements: 5 passing_requirements: 6 compliance_percentage: 2.302136 inactive_requirements: 7 failing_requirements: 1 partial_requirements: 5 total_requirements: 0 properties: framework_id: title: Unique identifier of the framework type: string framework_name: title: Technical name of the framework type: string framework_display_name: title: Human-readable display name of the framework type: string metrics: $ref: >- #/components/schemas/GetProductFrameworkComplianceResponseComplianceMetrics requirements: items: $ref: >- #/components/schemas/GetProductComplianceSummaryResponseRequirementSummary title: Per-requirement summaries type: array type: object protobufAny: additionalProperties: type: object example: '@type': '@type' properties: '@type': type: string type: object GetProductFrameworkComplianceResponseComplianceMetrics: example: pending_requirements: 5 passing_requirements: 6 compliance_percentage: 2.302136 inactive_requirements: 7 failing_requirements: 1 partial_requirements: 5 total_requirements: 0 properties: total_requirements: format: int32 title: Total number of requirements (excluding not-applicable ones) type: integer passing_requirements: format: int32 title: >- Number of requirements with PASSED status across all applicable projects type: integer failing_requirements: format: int32 title: Number of requirements with FAILED status type: integer partial_requirements: format: int32 title: Number of requirements with PARTIAL status type: integer pending_requirements: format: int32 title: Number of requirements with PENDING status type: integer compliance_percentage: format: float title: Pre-calculated compliance percentage (0-100) type: number inactive_requirements: format: int32 title: Number of inactive requirements excluded from compliance calculation type: integer type: object GetProductComplianceSummaryResponseRequirementSummary: example: requirement_version_id: requirement_version_id overall_status: overall_status description: description display_name: display_name requirement_id: requirement_id project_breakdown: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 automation_level: unspecified framework_name: framework_name has_manual_evidence_needs_review: true requirement_revision: 0 scope: UNSPECIFIED override_status: override_status name: name framework_display_name: framework_display_name not_applicable: true has_override: true has_pending_override: true properties: requirement_id: title: Unique identifier of the requirement type: string requirement_version_id: title: Unique identifier of the specific requirement version type: string requirement_revision: format: int32 title: Revision number of the requirement type: integer name: title: Technical name of the requirement type: string display_name: title: Human-readable display name of the requirement type: string description: title: Detailed description of what this requirement checks type: string overall_status: title: >- Aggregated status across all applicable projects (uses 'worst case wins' logic) type: string automation_level: $ref: '#/components/schemas/v1RequirementAutomationLevel' scope: $ref: '#/components/schemas/v1RequirementScope' not_applicable: title: If set, the requirement is not applicable to any project type: boolean has_override: title: >- Whether an active override exists for this requirement (product- or project-level) type: boolean has_pending_override: title: Whether any override is in review (override status = "pending") type: boolean has_manual_evidence_needs_review: title: Whether any manual evidence submission is pending review type: boolean override_status: title: Override status ("success" or "fail") when has_override is set type: string project_breakdown: $ref: >- #/components/schemas/GetProductComplianceSummaryResponseProjectStatusBreakdown framework_name: title: Technical name of the framework type: string framework_display_name: title: Human-readable display name of the framework type: string type: object v1RequirementAutomationLevel: default: unspecified enum: - unspecified - automated - partial - manual title: |- RequirementAutomationLevel indicates how a requirement is evaluated buf:lint:ignore ENUM_VALUE_PREFIX buf:lint:ignore ENUM_ZERO_VALUE_SUFFIX buf:lint:ignore ENUM_VALUE_UPPER_SNAKE_CASE type: string v1RequirementScope: default: UNSPECIFIED description: |- - UNSPECIFIED: Default value - requirement is evaluated at project level - PROJECT: Requirement is evaluated at project level (existing behavior) - PRODUCT: Requirement is evaluated at product level only enum: - UNSPECIFIED - PROJECT - PRODUCT title: RequirementScope defines at which level a requirement is evaluated type: string GetProductComplianceSummaryResponseProjectStatusBreakdown: description: Aggregate per-status project counts for a requirement. example: expired: 9 pending: 7 failing: 5 not_applicable: 1 passing: 5 total_applicable: 6 partial: 2 exempted: 3 properties: total_applicable: format: int32 title: Number of projects where the requirement applies type: integer not_applicable: format: int32 title: Number of projects where the requirement is not applicable type: integer passing: format: int32 title: Projects with passing status type: integer failing: format: int32 title: Projects with failing status type: integer partial: format: int32 title: Projects with partial status type: integer pending: format: int32 title: Projects with pending status type: integer expired: format: int32 title: Projects with expired tests type: integer exempted: format: int32 title: Projects covered by an exception type: integer type: object securitySchemes: bearerToken: description: Bearer token for authentication type: http scheme: bearer bearerFormat: JWT ````