Connecting Vanta & Addigy

  • Updated

Addigy exposes two REST APIs with different authentication methods, and Vanta requires read access to both to make requests to Addigy.

Pre-requisites

This document assumes that you already have an Addigy Dashboard set up and that your user has View Integrations API and Create Integrations API keys permissions assigned for your role (you can check this on the Users page).

 

Create V1 API Client Credentials

Vanta requires read access to the Get Installed Applications V1 API endpoint to get a list of applications for each device managed by Addigy, so we need to generate a V1 API Key to make requests to that endpoint.

  • To create a new API Key for the V1 API, go to the Integrations page and click the New API Token button under the Addigy API, V1 tab at the bottom of the page

 

  • You’ll be prompted to name the new API Key and then click the Save button to generate it

  • Once saved, Addigy will generate a Client ID and a Client Secret for the V1 API, which are required inputs for Vanta’s integration with Addigy

Create V2 API Token

  • Vanta also requires read access to the Post Devices V2 API endpoint to fetch the list of devices managed by Addigy, so we need to generate a V2 API Key to make requests to that endpoint.
  • Since the V2 API is still an Addigy beta feature, you must enable it in the Account Settings page by toggling the API v2 option in the Enable Beta Features section.

  • Once it’s enabled, go back to the Integrations page and click the New API Token button under the Addigy API > V2 tab at the bottom of the page to create a new API Token for the V2 API.

 

  • You’ll be prompted to name the new API Key and assign a set of permissions to it. Pick the View Devices option only and then click the Save button to generate the API Key.

  • Once saved, Addigy will generate an API Token for the V2 API, which is a required input for Vanta’s integration with Addigy.

 

  • With both API V1 Client Credentials and API V2 Token, you will be able to integrate Vanta & Addigy 

Set up Devices Filter

  • Addigy allows customers to group devices by Policies, and Vanta allows you to pick these through the following Devices Filter modal.

  • It’s displayed after linking your credentials or clicking the Manage and then Edit Policies button in your integration connection. There are two filter configurations:
    • All: Vanta will retrieve every device from your Addigy account
    • Policies: Vanta will retrieve the devices that are attached to the policies you selected in the modal
  • Once you set up the device's filter, Vanta can fetch the correct set of devices for the integration.