Edit

Share via

Saviynt

  • Article

Important

Some information in this article relates to a prereleased product which may be substantially modified before it's commercially released. Microsoft makes no warranties, express or implied, with respect to the information provided here.

Saviynt offers comprehensive insights into identity-related risks. You can use the Saviynt plugin with Microsoft Security Copilot to effectively enrich incidents and identify risky user access.

Some of the capabilities it provides include:

  • Obtaining user profile details.
  • Retrieving vendor or third-party organization details.
  • Accessing comprehensive user access details across applications.
  • Identifying dependencies of the access they possess.
  • Checking if the identity holds privileged roles.

Note

This article contains information about third-party plugins. This is provided to help complete integration scenarios. However, Microsoft does not provide troubleshooting support for third-party plugins. Contact the third-party vendor for support.

Prerequisites

Saviynt Identity Cloud API Access: Refer to Saviynt API Reference for details.

Know before you begin

Integration with Security Copilot requires a bearer token for API access authorization. You'll need to take the following steps before using the plugin.

  1. Follow the steps below to obtain the authorization token:

    1. Login to the Saviynt Tenant using your service account credentials.
    2. Navigate to Admin > Settings > Webservice Auth Configuration.
    3. Select Generate Token.
    4. Copy the value for the access_token field in a safe place.

    Note

    Alternatively, you can use Postman to generate the authorization token using the {{url}}/ECM/api/login API. Refer to Saviynt's API documentation for more details.

  2. Sign in to Microsoft Security Copilot.

  3. Access Manage Plugins by selecting the Sources button from the prompt bar.

  4. Next to Saviynt, select Set up.

  5. In the Saviynt settings pane:

    • In the InstanceURL field, enter the Saviynt tenant URL (for example, "https://saviynttenant.saviyntcloud.com")
    • In the Value field, paste your access_token, and then select Save.

Sample Saviynt prompts

After the Saviynt plugin is configured, you can use the following capabilities with Security Copilot.

Capability Example prompts
Users Get user details for <First Name> <Last Name> using the search criteria FirstName and LastName

Get user details for <username>

Get risk associated with user <username>
Organizations Get the organization details for <organization name>

Get a list of organizations that have not been certified for the last six months
Dependent Entitlements Get dependent entitlements for "<entitlement name>" for <application>
Access Details Get the access details for user <username>
Saviynt Role details List the users who have access to Sav Role <Sav Role Name>

Provide feedback

To provide feedback, contact Saviynt.

See also

Non-Microsoft plugins for Microsoft Security Copilot

Manage plugins in Microsoft Security Copilot