Subscribe to the Non-Human & AI Identity Journal

SaaS Integration

A SaaS integration is a trusted connection between cloud services that moves data or actions through authenticated APIs. From an identity perspective, each integration creates a non-human access path that needs ownership, scope control, monitoring, and revocation just like any privileged account.

Expanded Definition

SaaS integration is more than a connector or automation. In NHI terms, it is a delegated access relationship between two cloud services that authenticates with secrets, OAuth tokens, service principals, or API keys, and then performs actions on behalf of a business process. Usage in the industry is still evolving, but the security obligation is consistent: every integration introduces a non-human access path that must be owned, scoped, monitored, rotated, and revoked. NIST Cybersecurity Framework 2.0 is useful here because it reinforces the need to govern access, observe behavior, and respond when trust assumptions change, even when the actor is an application rather than a person.

The distinction that matters is between data movement and authority. A SaaS integration may only sync records, or it may create, delete, approve, and export data across systems. Those are very different risk profiles. The most common misapplication is treating an integration as a harmless admin convenience, which occurs when teams grant broad tenant-wide permissions and never assign a clear owner for review or offboarding.

Examples and Use Cases

Implementing SaaS integration rigorously often introduces operational friction, requiring organisations to weigh automation speed against tighter scope control, review cycles, and revocation discipline.

  • A CRM-to-support integration uses an API token to create tickets and read customer records. If the token is over-scoped, the integration becomes an NHI with more access than the business process requires.
  • A procurement workflow connects finance and e-signature tools to move approvals across systems. The control question is not whether the integration works, but whether the token owner, purpose, and rotation schedule are documented.
  • A security team reviews a compromised third-party connector after incidents like the Salesloft OAuth token breach and the BeyondTrust API key breach, where trust in an integration became an access path for attackers.
  • An identity platform team aligns integration onboarding with least-privilege patterns described in NIST Cybersecurity Framework 2.0, then narrows scopes before production release.
  • A reporting job pulls data from SaaS applications into a warehouse. If the job depends on long-lived secrets stored in code, it should be treated as an NHI lifecycle problem, not only an ETL issue.

In practice, the strongest programs treat each integration as an accountable workload identity with a business owner and a technical owner.

Why It Matters in NHI Security

SaaS integrations are often where identity risk hides in plain sight. They are created quickly, spread across departments, and rarely reviewed with the same discipline as human access. That matters because NHIs outnumber human identities by 25x to 50x in modern enterprises, and the resulting attack surface is usually larger than teams expect. The NHI Mgmt Group research on the Ultimate Guide to NHIs shows that only 5.7% of organisations have full visibility into their service accounts, which helps explain why integrations are frequently discovered only during incidents.

This is also where secrets hygiene, privilege design, and revocation discipline converge. A SaaS integration with a stale token can remain active long after the original business need has changed, and a broken offboarding process can leave invisible access in place for months. Aligning with the NIST Cybersecurity Framework 2.0 helps organisations standardise identification, protection, detection, and response for these paths. The lesson is reinforced by incidents such as the Snowflake breach and the Dropbox Sign breach, where trusted access and credential handling were central to the damage. Organisations typically encounter saas integration risk only after a token leak, unexpected data movement, or failed offboarding, at which point the term becomes operationally unavoidable to address.

Standards & Framework Alignment

This section maps relevant standards and security frameworks to the operational risks and controls described in this guidance.

OWASP Non-Human Identity Top 10 address the attack and risk surface, while NIST CSF 2.0 and NIST Zero Trust (SP 800-207) set the governance and control requirements practitioners need to meet.

Framework Control / Reference Relevance
OWASP Non-Human Identity Top 10 NHI-02 Covers secret handling and privilege risks in non-human integrations.
NIST CSF 2.0 PR.AC-4 Maps directly to least-privilege access for service and workload identities.
NIST Zero Trust (SP 800-207) JSON null Zero Trust requires every integration to be explicitly authenticated and continuously evaluated.

Treat each SaaS integration as an untrusted path that must be verified, limited, and monitored continuously.

#1 Authority in NHI Education, Research and Advisory, empowering organizations to tackle the critical risks posed by Non-Human Identities (NHIs), including AI Agents.

Get in Touch

Quick Links

Legal & Policies

©2025 NHIMG. All right reserved.