Skip to content

Akeyless Vault

SailPoint Entro integrates natively with Akeyless Vault to provide continuous, read-only visibility into your organization's secrets infrastructure. This integration allows security and DevOps teams to detect misconfigurations, monitor access patterns, and identify potential exposures without retrieving or modifying secret values.


Management → Accounts & Integrations → Add New Account (top right) → Akeyless


Capabilities

  • Continuous discovery of secrets and metadata across Akeyless Vault environments

  • Monitoring of roles and access permissions for overprivileged or misconfigured identities

  • Detection of long-lived or unused secrets and anomalous secret activity

  • Cross-platform visibility through correlation with other SailPoint Entro integrations

  • Read-only, zero-touch data collection ensuring vault integrity


Supported Authentication Methods

  • Universal Identity – recommended for modern deployments

  • API Key – for restricted or legacy Akeyless environments


Security Principles

  • SailPoint Entro connects to Akeyless using read-only API calls only
  • No secret values are ever retrieved or modified
  • All data access is performed through encrypted HTTPS/TLS 1.2+ connections
  • Tokens and keys are encrypted with AES-256 within the SailPoint Entro Worker (Connector)

Architecture Diagram

Entro Security Cloud
   ↕ (HTTPS/TLS 1.2+)
Akeyless Vault (Read-Only API Access)
   ├── Secrets Metadata
   ├── Access Roles
   └── Audit Policies

Data Processed

SailPoint Entro retrieves only metadata such as:

  • Secret identifiers, creation timestamps, and usage metadata

  • Role associations, policy definitions, and permission scope details

No secret content or decrypted data is ever transmitted or stored.


Compliance and Privacy

All Akeyless integrations comply with SailPoint Entro’s internal and external standards:

  • SOC 2 Type II
  • ISO 27001
  • GDPR
  • Read-only, least-privilege access enforced