Manage integrations

Admin guide

Integrations are the upstream services your apps reach through the data broker. As an IT admin you control which services exist, which credentials they use, and which apps may call them. This page walks the day-to-day workflow.

The conceptual model and the three integration kinds are in Integrations and Data brokering.

Register an integration

1. Open the Integrations page. Click New integration.
2. Pick the kind. Service account, user-passthrough, or cache & realtime. The form changes shape based on the kind.
3. Name the integration. This name becomes the first path segment apps use against the proxy URL. It’s lowercase, alphanumeric with dashes — e.g. slack-internal, snowflake-prod, hubspot-marketing.
4. Configure auth. For service-account integrations, paste a token, complete an OAuth install, or supply client credentials. For user-passthrough, supply the token-exchange endpoint and audience. For cache & realtime, the platform provisions automatically.
5. Save. The credential lands in Key Vault. The integration appears as available-but-ungranted.

Grant to apps

Registering an integration does not give any app access to it. Granting happens per-app, per-integration.

1. Open the app’s detail page. The Integrations tab lists granted integrations and integrations the app has requested.
2. Approve or grant. If the agent requested an integration during its build, it appears as a pending request. Approve to grant. You can also grant proactively from the same screen.
3. Set the scope. Some integrations support per-app scope limits — for example, granting Slack to only allow posting to #alerts. Scope limits are configured here.
4. Save. The grant is audited and effective immediately. The app’s next call to the integration succeeds.

Rotate credentials

Rotation is a single dashboard action. Greenlight stores the new version in Key Vault and switches the broker over on the next call. The old version is kept for the org’s configured grace window and then purged.

If the upstream system’s rotation is automatic (rotating client-credentials tokens, for example), Greenlight follows the upstream’s lifecycle without manual intervention. The dashboard shows last-rotated and next-expected-rotation for every credential.

Revoke

Revoking an integration is the inverse of granting. From the integration detail page, click Revoke, choose whether to revoke globally or per-app, and confirm. The change is audited. Apps that had it granted see their next call return a structured error; agents handle this by surfacing the failure to the user.

There is no soft-delete with a wait period. Revoke is immediate.

Review agent integration requests

Agents discover that an app needs an integration during their build and call greenlight.requestPermissions. The request appears in the dashboard with the agent’s rationale, the bound user, the app context, and a one-click approve/deny.

This is the primary path agents take when they realize they need access to something. Approve, deny, or approve-with-scope-limits in the same interaction.

Tip

Every integration grant, revoke, rotation, and scope change writes an audit event. The audit log is the source of truth for “when did app X get access to integration Y”, which is the question every compliance review eventually asks.

Next

Integrations overview The three kinds and the decision criteria.

Data brokering The proxy and audit layer behind every call.

Build your own integration The flow for registering a custom HTTP upstream.