Understand who can take what action on what data for any enterprise app — even custom apps.
Your critical data is spread across an ever-increasing number of systems: cloud apps, infrastructure, data lakes & warehouses, and even on-prem apps or apps developed in-house. Veza integrates with key enterprise applications such as GitHub, Atlassian, Salesforce, GitLab, Zendesk, and more, to give you a 360-degree view of the actions users can perform on data in your critical applications.
But, it doesn’t stop there. Veza’s Open Authorization API (OAA) enables easy integration of custom applications, for a comprehensive view into authorization-based access across all critical resources (apps, data, services).
How it works
With Veza's Open Authorization API (OAA), you can translate authorization metadata from any app, even your own custom apps, into Veza's universal schema for authorization, and import it our Authorization Platform. From there, you can explore identity-to-data relationships through the Authorization Graph, monitor for misconfigurations and violations, and conduct comprehensive access reviews covering all your sensitive data, no matter where it is.
Visualize authorization relationships
Bring your own app into Veza's authorization platform and enumerate app identities, groups, roles, permissions, and resources to understand how authorization entities are related.
Correlate authorization with any identity
Combine authorization metadata with identity information from your IdP (identity provider) to correlate identities and understand how privileges are obtained across systems.
Effective permissions in a single control plane
Process complex, system-specific permissions into a human-understandable language of “effective permissions”—Create, Read, Update, and Delete—even for custom apps.
Top OAA Integrations
Veza for GitHub, GitLab & Bitbucket
Control access for external collaborators—including service accounts. Find misconfigurations on production branches. Be alerted about new merge permissions on critical repositories, including infrastructure-as-code configurations.
Veza for Zendesk, Jira, and PagerDuty
Customer service apps are oft-neglected storehouses for sensitive customer data. Track what data your customer service reps and technical support staff can see and update. Remove unnecessary admin privileges and orphaned licenses and access from temporary staff.
Veza for Salesforce
Your CRM is a trove of sensitive customer data, including payment info and PII. Connect Salesforce to Veza to discover over-permissioned users. Surface contractors, former employees, or inactive Okta or Azure AD users with lingering licenses and access to customer data. Manage the real permissions of service accounts and other non-human identities to customer data.
Veza for Looker
Even without direct access to your data warehouse, employees can still view sensitive customer data through BI tools like Looker. Connect your Looker instance to Veza to review and certify access to your BI models and connections.
Veza for Coupa
Your Business Spend Management platform holds vital financial intelligence data, as well as the literal purse strings for your organization. Connect Veza to track consumer, collaborator and admin roles in Coupa and get alerted if any users accrue approval privileges outside of department policies.
Veza for your custom & internal apps
Build a complete picture of data authorization across your entire stack by integrating your customer facing SaaS apps, in-house CRM, or any other tool that houses sensitive data.
How customers use OAA
Manage & control access to GitHub, GitLab, Bitbucket, and more
Your source code is some of the most sensitive data your organization holds. Import authorization metadata from GitHub, GitLab, Bitbucket, or any other version control system into Veza to safeguard your production environment and your IP.
Protect your production environment
Enforce authorization best practices like least privilege to your source code. For example, surface local GitHub users with no IdP presence, and be alerted to any new write access to critical repositories, such as your production codebase, or infrastructure-as-code repository.
Safeguard your IP
In a world where companies are differentiated by software, track and audit who can take what action on what code. Use reports, alerts, and critical insights to uncover and mitigate code repository exposure and risks. For example, track access for external collaborators and ensure that critical branches are correctly configured.
Review and certify access
Create fast and comprehensive access workflows to review and certify who has what access to what code in your repositories. Update permissions as duties change to prevent privilege creep.
Protect sensitive customer data in Salesforce, Zendesk, Jira, Looker, and more
Sensitive customer data lives throughout your app ecosystem and a successful access and governance program needs to cover all of it. With OAA, you can integrate your support apps, customer-facing SaaS product, even custom internal systems, to create a single source of truth for authorization to customer data.
Integrate your customer service apps
Know exactly what sensitive data customer & tech support teams have access to, from Helpdesk tools like Zendesk, to tech support tools, like JIRA. Make sure reps and tech support can only access what they need.
Track internal access to your customer-facing applications
If you sell SaaS, your service reps need some level of access into customer use of your app. Know what data reps can see and change from their access into your customer-facing application.
Protect internal applications
Integrate any in-house tool that holds sensitive customer data, such as custom reservation-management systems, CRMs or fulfillment tracking.
Veza's Open Authorization APIs enable customers and technology partners to create new integrations as the needs of your business evolve. Utilize our API to create a complete view into permissions across your key systems - on-prem or cloud, and provide an even more comprehensive answer to “who can and should take what action on what data.” Here are just a few highlights of Veza’s Open Authorization APIs:
Integrate apps, fast
OAA is built on a simple JSON schema and a REST API, so you can integrate on any platform you like. A Python library is available to accelerate the development of OAA integrations.
Simple, thorough docs
Leverage your internal team's expertise to integrate any application using sample code and extensive OAA documentation.
A library with common applications that can be utilized as-is, modified, or used as a reference to integrate other systems.
Do you have custom apps that require complete visibility and control over identity-to-data relationships?
Learn more about our Open Authorization API.