Concert should be able to integrate with Cybersaint with concert workflows pulling data from CyberSaint and pushing it into Concert

Have attached the API spec file. All public API calls require the following headers. API key and secret can be generated by admins within CyberStrong. 

Also FYI: The team is developing new asset-group apis which are required to pull the data concert will need. I will keep you all updated on the progress and send over the updated OpenAPI definition when we have it. 

usefulness : The following stakeholders would benefit from integrating Concert with CyberSaint:

• Security and Risk Management Teams: By pulling data from CyberSaint and pushing it into Concert, security teams can leverage Concert's capabilities to analyze and visualize risk data, making it easier to identify and prioritize potential security threats.
• Compliance and Governance Teams: This integration enables compliance teams to access and manage risk data from CyberSaint within Concert, streamlining their compliance and governance processes.
• IT and Operations Teams: IT and operations teams can utilize Concert's analytics and visualization capabilities to gain insights from CyberSaint data, improving their ability to detect and respond to security incidents.

How should it work:

1. API Interaction: Concert must expose two APIs (one for assessment data and one for risk data), and Pliant must be able to pull data from CyberSaint and push it to Concert.
2. API Authentication: A per-customer API key authentication model must be implemented, with a decision made on whether customers will manually generate API keys or if there will be an automated provisioning process.
3. OSCAL Conversion: A decision must be made on who will handle OSCAL conversion (CyberSaint or Pliant), and any necessary transformations from JSON to OSCAL must be implemented.
4. Data Pull Frequency: The frequency and scheduling of data pulls from CyberSaint must be determined and implemented.