How integrations work
Integrations are the connection point from Indent to other systems. You can set up multiple configurations of a single integration, for example to manage groups across different Okta tenants.
Indent relies on integrations that implement Provider interfaces to interact with remote systems. For example, check out how to set up an Okta integration: Okta + Indent.
There are currently two types of integrations:
Types of integration
Native integrations
Native integrations are run inside of the Indent Platform, like Messaging, that the Indent Engineering Team is responsible for. This allows Indent to handle approval-gathering easily even when orchestrating sensitive changes. Over time, more integrations will have the option of running natively; for all sensitive operations, customers will always have the option to self-host.
Recommended
Webhook integrations
Webhook integrations are run inside of customer environments, in order to protect sensitive API credentials or securely access internal systems. Webhooks are particularly useful for granting/revoking access through an identity provider, pulling resources to manage from an internal database or sending Indent activity data to a SIEM.
Learn how to create a webhook →
Recommended
Integration categories
There are four primary categories of integrations:
- Messaging — communicate with people where they are
- Identity — use the systems of record for identity management
- Service Desk — maintain existing compliance expectations
- Cloud — provision access securely across the IT stack
Messaging
Messaging integrations power the main communication elements of Indent, whether it's a user being kept in the loop or a reviewer getting auto-reminders.
The core function is to send a message to a recipient through a notification channel.
Some messaging integrations are more advanced, like Slack, where end-users can request from the app or reviewers can save time with interactive review messages. Certain integrations won't be able to support this advanced interactivity like Email, so notifications are designed with the most limited functionality in mind.
Identity
Identity systems have become the central record of who has access to what in a company.
This might be a collaboration suite like G Workspace or Microsoft 365, an HR system like BambooHR or Workday, and often a unified provider like Okta.
They can come with essential security features like single sign-on, two-factor authentication, lifecycle management or access gateways to secure the everyday chore of logging into apps. Indent connects relational context from HR identity sytems with historical data from IAM systems to simplify reviewing identity-based and group-based permissions.
Service Desk
Most users are already used to going to the IT service desk to get the access they need. Whether it's #help-it
or emailing [email protected]
, it can be still hard to figure out how to properly submit a well-formatted request.
Indent can generate tickets for IT service providers like Jira or ServiceNow that already have reviewer approval and follow compliance requirements; cutting down the time service desk agents need to spend cat-herding reviewers.
Cloud
Cloud providers are the access hub in most IT environments. Engineers require urgent infrastructure access for an active incident, support teams need to access customer for a ticket, and security reviews who has access to what across the stack.
When customers set up Indent, they can connect any cloud provider's resources through standard APIs for managing access. Optionally, admins can deploy some integrations as webhooks in their own cloud infrastructure, which allows customers to keep certain sensitive credentials or tokens behind their firewall.
Security model
Deployment modes
When installing the webhook-based integrations, there are three options for deployment:
- Fully Managed (Recommended) — Operated by Indent like traditional SaaS.
- Semi-Managed — Operated by Indent, but allows customers to keep integrations and credentials on their own infrastructure.
- Customer Managed — Indent will provide updates and support, but customers can manage and build their own integrations.
For the fully and semi-managed options, Indent will provide a GitHub repository for storing the necessary cloud and provider credentials to perform integration functionality.