Supported Data Models

  • Vulnerability Findings

    • type: code
    • type: host
    • type: container
  • Resources

    • type: branch
    • type: container
    • type: host
    • type: image

Required Parameters

These parameters are mandatory for the connector to authenticate and function properly.

VariableDescription
ORCA_API_TOKENYour Orca API token (created as described in the steps below)
ORCA_REGIONRegion for the Orca Security Account

Onboarding Orca

Follow the steps below to onboard your environment to our Orca integration.

1

Access Orca API Token Creation Screen

  1. Go to Settings > Users & Permissions > API. The list of all API tokens created in Orca appears.
  2. Click Add API Token.
  3. On the General Configuration screen, copy the Organization UUID and save it.

2

Define the API token settings

  1. Fill in the Name. Enter a unique name for the API token.
  2. Description: Describe the API token.
  3. Never Expire: Mark this checkbox to create a token that is valid forever.
  4. Service Token: Mark this checkbox to indicate that the created token is a service token.

Service tokens are not linked to a specific user. The token is scoped according to the user who created it but can still be used if the user is removed from the organization.

  1. Role: Select the role that best defines the permissions required by the token.

  2. Scope: Make sure that the token has access to the required alerts and appsec projects.

  3. Click OK to create the API token.

3

Save the API token

  1. Click Add. The Integration API Token window appears.
  2. Copy the token, and then click Continue.
  3. Save the API token for future use.

You can’t access the token again after closing the window.

  1. The new API token appears in the list of tokens.