> For the complete documentation index, see [llms.txt](https://docs.sprinto.com/llms.txt). Markdown versions of documentation pages are available by appending `.md` to page URLs; this page is available as [Markdown](https://docs.sprinto.com/integrations/overview/wiz-cspm-integration-cspm-ingestion.md). # Wiz CSPM Integration (CSPM Ingestion) The Wiz CSPM integration enables Sprinto to ingest cloud security posture data directly from Wiz using OAuth 2.0 client credentials. Once connected, Sprinto can: * Pull vulnerabilities and security findings from Wiz. * Create and retrieve reports using the Wiz GraphQL API. * Sync issues into Sprinto for compliance tracking. * Trigger programmable monitors for high-severity findings. This integration uses the Wiz GraphQL API and requires a service account with appropriate scopes. *** ### Available Automation Capabilities After configuration, Sprinto can: * Fetch security issues and findings. * Retrieve vulnerability data. * Create and access reports via Wiz GraphQL API. * Continuously ingest CSPM data for monitoring. *** ### Before You Begin Ensure the following prerequisites are met: * You are logged in to the Sprinto Admin Portal. * You have administrator access to your Wiz tenant. * You can create Service Accounts in Wiz. * You have access to Sprinto’s Integrations or Credentials Manager section. *** ### Step 1: Generate Wiz OAuth Client Credentials To connect Wiz with Sprinto, you must first create a Service Account in Wiz. #### Create a Service Account in Wiz 1. Log in to your Wiz portal. 2. Navigate to: * **Settings > Access Management > Service Accounts**\ (Alternatively: **User Settings > Integrations**, depending on your Wiz setup.) 3. Click **Add Service Account**. 4. Provide a name (for example: *Sprinto CSPM Integration*). 5. Assign the required scopes. #### Required Scopes At a minimum, include: * `read:issues` * `read:vulnerabilities` * `read:reports` * `create:reports` These permissions allow Sprinto to: * Fetch issues and vulnerability data. * Generate and retrieve reports via the GraphQL API. 6. Click **Add Service Account**. Immediately copy and securely store: * **Client ID** * **Client Secret** (shown only once) #### Note the Wiz API Endpoint Also note your Wiz API endpoint URL. For example:\ `https://api.us.app.wiz.io/graphql` Your endpoint may differ based on region. You can confirm this under **Tenant Info** or **User Settings** in Wiz. *** ### Step 2: Add Credentials in Sprinto After generating the credentials in Wiz: 1. Log in to Sprinto. 2. Navigate to the **Wiz CSPM integration** section (or Credentials Manager). 3. Select **OAuth2 Client Credentials** as the credential type. 4. Enter: * **Client ID** * **Client Secret** 5. If prompted, enter the **API Endpoint URL**\ (This is often pre-filled with the default regional endpoint.) 6. Save the credential. The credential status should display as **Active**. *** ### Step 3: Use the Wiz CSPM Ingestion Template Once credentials are active: 1. Navigate to **Automation / Ingestion Plans / Templates** in Sprinto. 2. Select or create the **Wiz CSPM** ingestion plan. 3. Attach the OAuth credential created earlier. The ingestion template will: * Create reports via the Wiz GraphQL API. * Pull security findings into Sprinto. * Sync vulnerabilities and issues. 4. Run or test the ingestion plan to verify successful data ingestion. *** ### Post-Connection Flow After data ingestion begins: * Security findings from Wiz will start appearing in Sprinto. * You can configure **Programmable Monitors** to: * Alert on high-severity issues. * Track compliance violations. * Monitor specific risk categories. This enables continuous cloud security monitoring directly within Sprinto. *** ### Required Permissions To successfully connect Wiz CSPM with Sprinto: #### Minimum Role Requirement * A user capable of creating Service Accounts in Wiz. #### Required Scopes * `read:issues` * `read:vulnerabilities` * `read:reports` * `create:reports` Ensure the Service Account is configured with these scopes before generating credentials. *** ### Troubleshooting #### Credential shows as inactive in Sprinto * Verify that the Client ID and Client Secret were copied correctly. * Confirm that the secret was not regenerated after initial creation. * Ensure the correct regional API endpoint is used. #### No findings appear after ingestion * Confirm the ingestion plan is attached to an active credential. * Verify the Service Account has all required scopes. * Run a manual test of the ingestion plan. #### API authentication errors * Confirm that the endpoint matches your Wiz region. * Regenerate the Client Secret if needed and reattach it in Sprinto. --- # Agent Instructions This documentation is published with GitBook. GitBook is the documentation platform designed so that both humans and AI agents can read, navigate, and reason over technical content effectively. Learn more at gitbook.com. ## Querying This Documentation If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question. Perform an HTTP GET request on the current page URL with the `ask` query parameter: ``` GET https://docs.sprinto.com/integrations/overview/wiz-cspm-integration-cspm-ingestion.md?ask= ``` The question should be specific, self-contained, and written in natural language. The response will contain a direct answer to the question and relevant excerpts and sources from the documentation. Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.