## Introduction

Snyk is a Software as a Service application and cloud security platform. This guide walks you through the steps to gather the necessary information and configure a Snyk organization for the purpose of creating an integration with Synqly's Application Security connector.

## Prerequisites

Due to restrictions on access to the Snyk REST API, **a Snyk Enterprise plan is required to use Snyk as an Application Security provider**.

Before you begin, ensure that you have:

- A Snyk tenant with on the Snyk Enterprise plan
- Access to your Snyk organization with a user account that has either the Org Admin, Group Admin, or Group Member role


## Required Permissions

| Operation | Required Snyk Permissions |
|  --- | --- |
| Query Applications | `org.project.read` |
| Query Application Findings | `org.read`  `org.project.read`  `org.project.snapshot.read` |
| Query findings across all applications | `org.read`  `org.project.read`  `org.project.snapshot.read` |
| Get Application Finding Details | `org.read`  `org.project.read`  `org.project.snapshot.read` |


## Generating Credentials

**Using a Service Account is recommended**

See the [Snyk Authentication for API docs page](https://docs.snyk.io/snyk-api/authentication-for-api) for more details.

Service Account
1. Log into Snyk with a user account that has either the Org Admin, Group Admin, or Group Member role.
2. Select the organization you want to use with the Synqly integration and select **Settings**.
3. Scroll to the section titled **Organization ID**, take note of this value and store this value in a safe location
4. Select **Serice Accounts**
5. Fill in the field titled *Name* and select a role that encompasses all of the required permissions. These permissions can be found in the section above titled [Required Permissions](#required-permissions)
6. Under *Service account type* select Oauth 2.0 Client credentials.
  - Using an OAuth Service Account is recommended but a API key Service Account may be used if required
7. Select **Create service account**
8. Take note of either the Client ID and Client Secret values or the API Key value and store them in a safe location
9. You have now created a new Snyk Organization Service Account. Proceed to the next section titled [Configuring the Integration](#configuring-the-integration)


For more information on Snyk Service Accounts, see the [Snyk Service accounts docs page](https://docs.snyk.io/implementation-and-setup/enterprise-setup/service-accounts)

Personal API Token
1. Log into Snyk with your user account
2. At the bottom of the sidebar, select your user account
3. Select **Account settings**
4. Under the section titled *API Token* click to show your key and store the value shown in a safe location
5. You have now gathered your personal API token, proceed to the next section titled [Configuring the Integration](#configuring-the-integration)


For more information on Snyk personal API tokens see the [Snyk Authentication for API docs page](https://docs.snyk.io/snyk-api/authentication-for-api#how-to-obtain-your-personal-token)

## Configuring the Integration

Service Account
| Integration Parameter | Description |
|  --- | --- |
| Data Region | This is the data region in which your Snyk organization is hosted in. This value can be found in the Snyk URL and on the Snyk login page. For more information, see the [Snyk documentation](https://docs.snyk.io/snyk-data-and-governance/regional-hosting-and-data-residency#regional-urls). |
| Organization ID | This is ID of the Snyk organization to use. This value can be found in the Snyk Organizations Settings page. |
| Client ID | This is the Client ID value generated from executing the steps above. |
| Client Secret | This is the Client Secret value generated from executing the steps above. |


Personal API Token
| Integration Parameter | Description |
|  --- | --- |
| Data Region | This is the data region in which your Snyk organization is hosted in. This value can be found in the Snyk URL and on the Snyk login page. For more information, see the [Snyk documentation](https://docs.snyk.io/snyk-data-and-governance/regional-hosting-and-data-residency#regional-urls). |
| Organization ID | This is ID of the Snyk organization to use. This value can be found in the Snyk Organizations Settings page. |
| Secret | This is the API Key / API Token value generated from executing the steps above. |