Overview

Torii integrates with your OneTrust account and syncs the users' names, emails, statuses, licenses statuses, and roles.

Prerequisites 

OneTrust account admin user is required 

Scopes

Torii's OneTrust integration requires the Organization and SCIM scopes to function correctly. When enabling these general scopes, the following specific scopes are enabled:

• Organization:
  • PUT /external/organizations/{externalId}
  • POST /external/organizations
  • GET /external/organizations
  • DELETE /external/organizations/{externalId}
• SCIM:
  • PUT /Users/{id}
  • PUT /Groups/{groupId}
  • POST /Users
  • PATCH /Users/{id}
  • PATCH /Groups/{groupId}
  • GET /Users/{id}
  • GET /Users
  • GET /ServiceProviderConfig
  • GET /Schemas/{schemaName}
  • GET /ResourceTypes/{resourceName}
  • GET /ResourceTypes
  • GET /Groups/{groupId}
  • GET /Groups
  • DELETE /Users/{id}

Additionally, go get usage data, we will also require access to the User general scopes, which enables the following specific scopes:

• User:
  • PUT /user-groups/{userGroupId}
  • POST /user-groups/{userGroupId}/members
  • POST /user-groups
  • GET /user-groups/{userGroupId}/members
  • GET /user-groups
  • GET /login-history
  • GET /api/audit/v1/users/{userId}/activities
  • DELETE /usergroups/{userGroupId}/members
  • DELETE /user-group/{userGroupId}

Connecting the integration

Step 1 - Generate an API key

1. Log in the the OneTrust application
2. Go to Global Settings -> Access Management -> Client Credentials -> API Keys
3. Generate an API key
4. The API Key you generated will act as the access token to allow Torii access to your OneTrust account's data.
5. You can find additional data on creating API keys here

Step 2 - Enable the required scopes

1. Torii's OneTrust integration requires you enable the Organization and SCIM scopes to function correctly.
2. In addition, to get usage data from OneTrust, you will need to enable the User scope as well.
3. You can find additional data on these scopes here and here
   

Step 3 - Connect the OneTrust Integration

1. Go to the Integrations page and click the OneTrust tile
2. Click Connect
3. Enter your OneTrust Domain: like https://[DOMAIN].onetrust.com OR https://[DOMAIN].my.onetrust.com
4. Enter the API Key
5. Click Connect
   
   
6. Once the integration is connected and synced, it will display a green checkbox.
   

Application Capabilities

You can constantly be updated with application information from our Integrations Page >> Integration Capabilities button  >> Integration Capabilities table.