DOCS

Integrations

Connect SURADAR with identity providers, SIEM platforms, CI/CD pipelines, and infrastructure tools.

SURADAR integrates with your existing security and developer toolchain. This guide covers identity providers, SIEM streaming, CI/CD, and infrastructure-as-code.

Identity Providers

Federate agent identities with your organization’s IdP so that agent credentials map to your existing trust model.

Okta

Create an OIDC machine-to-machine application in Okta, then add the provider in the SURADAR dashboard under Settings > Identity Providers. Map Okta groups to SURADAR roles for automated agent provisioning.

Microsoft Entra ID

Register an application in the Azure portal, configure the redirect URI from the SURADAR dashboard, and provide the tenant ID and client credentials. Entra groups map to SURADAR agent roles.

Auth0

Create a machine-to-machine application in Auth0 and authorize it for the SURADAR API. Add the Auth0 domain and client credentials in the SURADAR dashboard.

AWS IAM

SURADAR accepts IAM role ARNs as agent identities for agents running on AWS. Configure the IAM trust policy to allow SURADAR’s role assumption, then register the role ARN in the dashboard. This enables agents on EC2, ECS, Lambda, or EKS to authenticate without managing separate credentials.

SPIFFE

For workload-native identity, SURADAR supports SPIFFE IDs. Register your SPIRE trust domain in the dashboard. Agents presenting valid SVIDs are automatically recognized and mapped to their SURADAR registry entry.

SIEM Streaming

Stream audit events from SURADAR to your security monitoring platform in real time.

Splunk

  1. In the SURADAR dashboard, go to Settings > SIEM > Add Destination
  2. Select Splunk and provide your HEC endpoint URL and token
  3. Choose which event types to stream (all, denied actions only, or custom filter)

Datadog

  1. Select Datadog as the destination
  2. Provide your Datadog API key and site region
  3. Events appear under a dedicated suradar.* namespace in Datadog Logs

Microsoft Sentinel

  1. Select Sentinel as the destination
  2. Provide your Log Analytics workspace ID and shared key
  3. SURADAR events are ingested into a custom SURADAR_CL table

CI/CD

GitHub Actions

Use the SURADAR GitHub Action to enforce agent policies during deployment:

- name: SURADAR Policy Check
  uses: glyphzero/suradar-action@v1
  with:
    api-key: ${{ secrets.SURADAR_API_KEY }}
    org-id: ${{ secrets.SURADAR_ORG_ID }}
    policy: production-deploy

The action verifies that the deploying agent is enrolled, authorized, and compliant with all active policies before the deployment proceeds. Failed checks block the pipeline.

Terraform Provider

Manage SURADAR resources as infrastructure-as-code:

terraform {
  required_providers {
    suradar = {
      source  = "glyphzero/suradar"
      version = "~> 1.0"
    }
  }
}

provider "suradar" {
  api_key = var.suradar_api_key
  org_id  = var.suradar_org_id
}

resource "suradar_agent" "order_processor" {
  name        = "order-processor"
  description = "Processes incoming purchase orders"
}

resource "suradar_policy" "rate_limit" {
  name  = "production-rate-limit"
  scope = "org"

  rule {
    type                    = "rate_limit"
    max_requests_per_minute = 1000
  }
}

Next Steps

← Previous API Reference