Snyk AppRisk

Overview

The Snyk AppRisk integration validates connectivity between the Praetorian Guard Platform (PGP) and your Snyk AppRisk environment. It confirms that PGP can authenticate against the Snyk REST API using a provided API token and Group ID.

Important: This integration currently validates connectivity only. It does not import assets, risks, projects, or any other data from Snyk AppRisk into PGP. Its sole purpose is to verify that your credentials and Group ID are valid.

What the Integration Does

When you connect the integration, PGP performs the following steps:

  1. Credential validation — PGP verifies that the API token and Group ID are present and non-empty.

  2. API connectivity test — PGP makes a single authenticated request to GET https://api.snyk.io/rest/groups/{groupID}/issues?version=2024-10-15&limit=10 and checks for an HTTP 200 response.

If the API returns a successful response, the integration is marked as connected. If the request fails or returns a non-200 status code, the integration reports a credential validation error.

No data is imported. Unlike other Snyk integrations (such as Snyk Code), this integration does not enumerate organizations, projects, or issues. It is a connectivity validator only.

Prerequisites

  • A Snyk account with access to Snyk AppRisk

  • A Snyk API token (service account or personal token)

  • Your Snyk Group ID

Creating an API Token

  1. Log in to the Snyk Web UI

  2. Click your account avatar in the bottom-left corner and select Account Settings

  3. Under the General tab, locate the Auth Token section

  4. Click Generate Token (or copy your existing token)

  5. Copy the token — it is displayed only once

For service accounts, create the token via Settings > Service Accounts in your Snyk organization.

Finding Your Group ID

  1. In the Snyk Web UI, navigate to your Group Settings

  2. The Group ID is displayed in the General section, or visible in the URL: https://app.snyk.io/group/{groupID}/...

Setup

  1. In PGP, navigate to Integrations and locate Snyk AppRisk.

  2. Click Integrate.

  3. Enter the following fields and click Connect.

Field

Required

Description

Group ID

Yes

Your Snyk Group ID (UUID format). PGP uses this to target the validation request.

API Token

Yes

A Snyk API token or service account token with access to the target group.

PGP validates credentials by making a test call to GET /rest/groups/{groupID}/issues?version=2024-10-15&limit=10. A successful response confirms connectivity.

Troubleshooting

Issue

Cause

Fix

Validation fails on connect

API token is invalid, expired, or lacks Group-level access

Generate a new token and ensure the account has access to the specified Group

401/403 errors

Insufficient permissions for the Group

Ensure the token owner has at least Group Viewer permissions

Network or timeout errors

Connectivity issue reaching api.snyk.io

Verify network access to https://api.snyk.io from your environment

Security and Data Handling

  • Read-only access — PGP never creates, modifies, or deletes any data in Snyk

  • No data import — This integration validates connectivity only; no assets, risks, or issues are imported

  • Credential handling — Your Snyk API token is stored as an encrypted credential within PGP and is never exposed in logs or the UI after initial entry

  • Authentication — Token-based authentication over HTTPS for every request

Integration type: Connectivity validation. Data direction: None (validation only). Authentication: Token-based.

Need help? Contact our support team for assistance.