Veza for any app with Open Authorization API

Understand who can take what action on what data for any enterprise app — even custom apps.

Your critical data is spread across an ever-increasing number of systems: cloud apps, infrastructure, data lakes & warehouses, and even on-prem apps or apps developed in-house. Veza integrates with key enterprise applications such as GitHub, Atlassian, Salesforce, GitLab, Zendesk, and more, to give you a 360-degree view of the actions users can perform on data in your critical applications.


But, it doesn’t stop there. Veza’s Open Authorization API (OAA) enables easy integration of custom applications, for a comprehensive view into authorization-based access across all critical resources (apps, data, services).

How it works

With Veza's Open Authorization API (OAA), you can translate authorization metadata from any app, even your own custom apps, into Veza's universal schema for authorization, and import it our Authorization Platform. From there, you can explore identity-to-data relationships through the Authorization Graph, monitor for misconfigurations and violations, and conduct comprehensive access reviews covering all your sensitive data, no matter where it is.

Secure Authorization for Any App - Authorization metadata diagram

Visualize authorization relationships

Bring your own app into Veza's authorization platform and enumerate app identities, groups, roles, permissions, and resources to understand how authorization entities are related.

Correlate authorization with any identity

Combine authorization metadata with identity information from your IdP (identity provider) to correlate identities and understand how privileges are obtained across systems.

Effective permissions in a single control plane

Process complex, system-specific permissions into a human-understandable language of “effective permissions”—Create, Read, Update, and Delete—even for custom apps.

Top OAA Integrations

Veza for GitHub, GitLab & Bitbucket

Control access for external collaborators—including service accounts. Find misconfigurations on production branches. Be alerted about new merge permissions on critical repositories, including infrastructure-as-code configurations.

Veza for Zendesk, Jira, and PagerDuty

Customer service apps are oft-neglected storehouses for sensitive customer data. Track what data your customer service reps and technical support staff can see and update. Remove unnecessary admin privileges and orphaned licenses and access from temporary staff.

Veza for Salesforce

Your CRM is a trove of sensitive customer data, including payment info and PII. Connect Salesforce to Veza to discover over-permissioned users. Surface contractors, former employees, or inactive Okta or Azure AD users with lingering licenses and access to customer data. Manage the real permissions of service accounts and other non-human identities to customer data.

Veza for Looker

Even without direct access to your data warehouse, employees can still view sensitive customer data through BI tools like Looker. Connect your Looker instance to Veza to review and certify access to your BI models and connections.

Veza for Coupa

Your Business Spend Management platform holds vital financial intelligence data, as well as the literal purse strings for your organization. Connect Veza to track consumer, collaborator and admin roles in Coupa and get alerted if any users accrue approval privileges outside of department policies.

Veza for your custom & internal apps

Build a complete picture of data authorization across your entire stack by integrating your customer facing SaaS apps, in-house CRM, or any other tool that houses sensitive data.

Dave Farrow, VP, Information Security, Barracuda Networks
I specifically chose Veza because of OAA - the API empowering me to introduce an application of my own into the system. They've given me a self-service option to support the data systems I need. I haven’t found anybody else in the market that’s doing this.
Dave Farrow | VP, Information Security, Barracuda Networks
View the case study

How customers use OAA

Manage & control access to GitHub, GitLab, Bitbucket, and more

Your source code is some of the most sensitive data your organization holds. Import authorization metadata from GitHub, GitLab, Bitbucket, or any other version control system into Veza to safeguard your production environment and your IP.

Secure Authorization for Any App - Okta users to GitHub Repositories screen

Protect your production environment

Enforce authorization best practices like least privilege to your source code. For example, surface local GitHub users with no IdP presence, and be alerted to any new write access to critical repositories, such as your production codebase, or infrastructure-as-code repository.

Safeguard your IP

In a world where companies are differentiated by software, track and audit who can take what action on what code. Use reports, alerts, and critical insights to uncover and mitigate code repository exposure and risks. For example, track access for external collaborators and ensure that critical branches are correctly configured.

Review and certify access

Create fast and comprehensive access workflows to review and certify who has what access to what code in your repositories. Update permissions as duties change to prevent privilege creep.

Protect sensitive customer data in Salesforce, Zendesk, Jira, Looker, and more

Sensitive customer data lives throughout your app ecosystem and a successful access and governance program needs to cover all of it. With OAA, you can integrate your support apps, customer-facing SaaS product, even custom internal systems, to create a single source of truth for authorization to customer data.

Integrate your customer service apps

Know exactly what sensitive data customer & tech support teams have access to, from Helpdesk tools like Zendesk, to tech support tools, like JIRA. Make sure reps and tech support can only access what they need.

Track internal access to your customer-facing applications

If you sell SaaS, your service reps need some level of access into customer use of your app. Know what data reps can see and change from their access into your customer-facing application.

Protect internal applications

Integrate any in-house tool that holds sensitive customer data, such as custom reservation-management systems, CRMs or fulfillment tracking.

Connector Community

Veza's Open Authorization APIs enable customers and technology partners to create new integrations as the needs of your business evolve. Utilize our API to create a complete view into permissions across your key systems - on-prem or cloud, and provide an even more comprehensive answer to “who can and should take what action on what data.” Here are just a few highlights of Veza’s Open Authorization APIs:


GitHub page - Veza OAA Community

Integrate apps, fast

OAA is built on a simple JSON schema and a REST API, so you can integrate on any platform you like. A Python library is available to accelerate the development of OAA integrations.

Simple, thorough docs

Leverage your internal team's expertise to integrate any application using sample code and extensive OAA documentation.

Community library

A library with common applications that can be utilized as-is, modified, or used as a reference to integrate other systems.

Do you have custom apps that require complete visibility and control over identity-to-data relationships?

Learn more about our Open Authorization API.