# Lattice

SureCloud connects to Lattice to retrieve employee training completion records, review cycle status, and user data. This allows SureCloud to verify that security awareness and compliance training assigned through Lattice has been completed by employees within required timeframes, and to collect performance and review cycle evidence for people operations controls.

## Authentication and setup

Lattice authenticates API requests using an API token. SureCloud uses a read-only API token generated within your Lattice account.

{% stepper %}
{% step %}
**Generate an API token in Lattice**

Log in to your Lattice instance with an Administrator account. Navigate to **Settings → Integrations → API** and click **Generate Token**. Give it a name such as `SureCloud CCM`. Copy the token — it may only be displayed once.
{% endstep %}

{% step %}
**Enter the token in SureCloud**

Navigate to **SureCloud → Integrations → Lattice → Connect**. Paste the API token and click **Save**.
{% endstep %}

{% step %}
**Test the connection**

Click **Test Connection**. SureCloud will call the Lattice API to verify the token is valid and data is accessible. A green status confirms the connection is live.
{% endstep %}
{% endstepper %}

{% hint style="warning" %}
Store the API token securely. SureCloud encrypts it at rest, but treat it as a sensitive credential. Rotate it every 90 days in **Lattice → Settings → Integrations → API** and update it in **SureCloud → Integrations → Lattice → Edit Connection**.
{% endhint %}

## Endpoints

Lattice exposes its data via a GraphQL API at `https://api.latticehq.com/graphql`. SureCloud uses the following queries:

| API Call                               | Use Case                                                     |
| -------------------------------------- | ------------------------------------------------------------ |
| `POST /graphql` — `users` query        | Enumerate all employees and their profile status             |
| `POST /graphql` — `reviewCycles` query | Retrieve review cycle definitions and their current status   |
| `POST /graphql` — `reviews` query      | Retrieve individual review completion status per employee    |
| `POST /graphql` — `goals` query        | Retrieve goal status and completion for performance evidence |

## Pagination

Lattice GraphQL queries use cursor-based pagination. SureCloud uses the `pageInfo.endCursor` value from each response as the `after` argument in the next query, continuing until `pageInfo.hasNextPage` is `false`.

```json
POST /graphql
{
  "query": "query users($after: String) { users(first: 100, after: $after) { edges { node { id name } } pageInfo { hasNextPage endCursor } } }",
  "variables": { "after": "<value_from_previous_response>" }
}
```

## Required permissions

The Lattice API token requires read access to employee profiles, review cycles, and goals. Standard API tokens generated by an Administrator account have the necessary read permissions. No write or admin-level permissions are required.

## Polling frequency

| Data Type                           | Interval       |
| ----------------------------------- | -------------- |
| Employee records and status         | Every 24 hours |
| Review cycle status and completions | Every 24 hours |
| Goal status                         | Every 24 hours |

## Troubleshooting

<details>

<summary>Connection test returns 401 Unauthorized</summary>

The API token is invalid or has been revoked. Navigate to **Lattice → Settings → Integrations → API**, regenerate the token, and update it in **SureCloud → Integrations → Lattice → Edit Connection**.

</details>

<details>

<summary>Review cycle data is missing or incomplete</summary>

Review cycles must be active or recently closed for their data to appear via the API. Archived or very old review cycles may not be returned. If a specific cycle is missing, confirm it is visible in the Lattice admin console and that it falls within the supported data retention window of your Lattice tier.

</details>

<details>

<summary>Employee count does not match Lattice's user directory</summary>

Deactivated or offboarded users may be excluded from some query results depending on the filter applied. SureCloud requests all user statuses. If specific users are missing, confirm their status in **Lattice → People** and check whether they have been fully archived rather than just deactivated.

</details>


---

# Agent Instructions: Querying This Documentation

If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.

Perform an HTTP GET request on the current page URL with the `ask` query parameter:

```
GET https://surecloud.gitbook.io/surecloud-docs/integrations/ccm-and-evidence-collection-integrations/lattice.md?ask=<question>
```

The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.

Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.