Prerequisites & Data Access
Cornerstone administrator access
Cornerstone API enabled
Cornerstone Client ID and Client Secret
Step-by-Step Setup
Step 1: Generate Client ID and Secret key
Sign in to your Cornerstone portal using an account with Admin privileges.
Navigate to Admin > Tools > Edge > API Management.
On the Manage Applications tab, select Register New Application.
Enter an Application Name (e.g. Drata Integration).
Enter the User ID of an active user in your Cornerstone portal.
In the Scopes section, select the required API scopes.
obj_users_core:readvw_rpt_training:readtraining:readtranscript:readobj_user_status_core:readobj_subject_core:readvw_rpt_lo_competencies_local:read
Click Register Application.
The page may refresh and display your client ID and client secret. Copy both values to a safe place.
Step 2: Configure User Permissions
Navigate to Admin > Tools > Core Functions > Users. Search for the user that is associated with the newly created application from the previous step.
Select the Options > Permissions.
For each of the permissions listed below, verify that the Constraint is set to one of the following:
There are no constraints available for this permission. (the permission cannot be further restricted), or
Restrict to User's Corporation (access is limited to the user’s organization)
Confirm these permissions are configured correctly:
Reporting API — Read only
Transcript API — Request
Employee API — View
Save your changes before proceeding.
Step 3: Connect Cornerstone to Drata
In Drata, go to Connections and search for Cornerstone.
On the connection screen, enter Cornerstone’s :
• Client ID
• Client Secret
• User IDConnect and complete the connection.
