Drata

Automatically send evidence for key technical SOC 2 controls to the Drata platform. Learn more in <a href="https://docs.jit.io/docs/soc2-by-drata" rel="nofollow noopener noreferrer" target="_blank">SOC2 by Drata</a>.

Note: This is a partner connection that is externally managed. You can use connections from external partners to enable workflows, but they can't access Drata's automated tests since they aren't directly supported by Drata. <a href="https://help.drata.com/en/articles/8463244-partner-connections">Learn more about partner connections</a>

Go to Drata's Settings page &gt; API Keys page.

- Expiration date: Choose a long expiration period to avoid interruptions.
- Enable the following scopes:
 - Personnel: Personnel details – Read
 
 - Controls: Control list – Read
 
 - Workspaces: List workspaces – Read
 
 - Evidence Library:
 - List Evidence – Read
 - Add Evidence – Write
 - Update Evidence – Write
 - Delete Evidence – Write

Copy the Drata API key and save it in a secure location.

1. Go to Drata's Settings page &gt; API Keys page.
2. Select Create API Key.
3. Complete the Create API Key form:
 - Expiration date: Choose a long expiration period to avoid interruptions.
 - Enable the following scopes:
 - Personnel: Personnel details – Read
 
 - Controls: Control list – Read
 
 - Workspaces: List workspaces – Read
 
 - Evidence Library:
 - List Evidence – Read
 - Add Evidence – Write
 - Update Evidence – Write
 - Delete Evidence – Write

4. Copy the Drata API key and save it in a secure location.

Go to Settings &gt; Users &amp; Permissions.

Select API Token &gt; Generate Token.

- Add a meaningful description.
- Assign the developer role.

When you generate the token, Jit provides both a Client ID and a Secret Key.

Copy both values and store them securely.

1. Go to Settings &gt; Users &amp; Permissions.
2. Select API Token &gt; Generate Token.

3. Create a new token:
 - Add a meaningful description.
 - Assign the developer role.
4. When you generate the token, Jit provides both a Client ID and a Secret Key.
5. Copy both values and store them securely.

In Jit, go to Settings &gt; Secrets.

Select Create new secret to add the following secrets:

- <code>DRATA_API_KEY</code>: Paste your Drata API key.
- <code>JIT_CLIENT_ID</code>: Paste your Jit Client ID.
- <code>JIT_CLIENT_SECRET</code>: Paste your Jit Secret Key.

1. In Jit, go to Settings &gt; Secrets.
2. Select Create new secret to add the following secrets:
 - <code>DRATA_API_KEY</code>: Paste your Drata API key.
 - <code>JIT_CLIENT_ID</code>: Paste your Jit Client ID.
 - <code>JIT_CLIENT_SECRET</code>: Paste your Jit Secret Key.

Note: Use these exact secret names (<code>DRATA_API_KEY</code>, <code>JIT_CLIENT_ID</code>, and <code>JIT_CLIENT_SECRET</code>) to ensure the integration functions correctly.

In Jit, go to Integrations and locate the Drata tile.

Select Integrate as-code to open the <code>jit-integration.yml</code> file in your central Jit repository.

For the Drata integration structure, replace the placeholder values with your specific information:

- <code>'Enter the desired Drata Workspace'</code>: 
 - If workspaces are enabled:
 - Go to Drata, then select Settings &gt; Company Info.
 - Scroll down to Workspaces section and copy the name of the workspace you want to send evidence to.
 - If workspaces are not enabled:
 - Go to Drata, then select Settings &gt; Company Info.
 - Copy the Project Name.
- <code>'Enter the email address of the Drata user who created the API key'</code>:
 - Enter the email address of the Drata user who created the API key.

Add the following Drata integration structure to the end of the file.

1. In Jit, go to Integrations and locate the Drata tile.
2. Select Integrate as-code to open the <code>jit-integration.yml</code> file in your central Jit repository.
3. For the Drata integration structure, replace the placeholder values with your specific information:
 - <code>'Enter the desired Drata Workspace'</code>: 
 - If workspaces are enabled:
 - Go to Drata, then select Settings &gt; Company Info.
 - Scroll down to Workspaces section and copy the name of the workspace you want to send evidence to.
 - If workspaces are not enabled:
 - Go to Drata, then select Settings &gt; Company Info.
 - Copy the Project Name.
 - <code>'Enter the email address of the Drata user who created the API key'</code>:
 - Enter the email address of the Drata user who created the API key.
4. Add the following Drata integration structure to the end of the file.

drata: workspace: 'Enter the desired Drata Workspace' user_email: 'Enter the email address of the Drata user who created the API key'

Jit report will be periodically sent to the Drata workspace you selected, according to your <a href="https://docs.jit.io/docs/soc2-by-drata" rel="nofollow noopener noreferrer" target="_blank">SOC2 by Drata plan</a>.

Drata has direct partnerships and discounted pricing for first time customers of Jit. Get 25% off your first year of Jit by visiting <a href="https://www.jit.io/book-a-demo" rel="nofollow noopener noreferrer" target="_blank">https://www.jit.io/book-a-demo</a>.

Check out <a href="https://drata.com/partner/find/tech-directory?collections=partner-discountoffers,partner-offers-discounts-pod" rel="nofollow noopener noreferrer" target="_blank">more partner offers and discounts</a>.

Integration steps

Step 1: Create an API token in Drata

Step 2: Create the required token in Jit

Step 3: Configure the integration in Jit

Partner Offers & Discounts