Mondoo
Docs
Manage MondooManage Access to MondooGrant Services, Scripts, and Apps Access to Mondoo

Grant Services, Scripts, and Apps Access to Mondoo - Overview

Configure service accounts, identity providers, and API tokens for automated and programmatic Mondoo access.

When something other than a person needs to talk to Mondoo (a CI pipeline, an agent, a script, an integration), it needs its own credentials. Choose the option that fits:

  • Service accounts: the most common choice. Returns a JSON credential file that cnspec, CI/CD pipelines, and integrations can use.
  • API tokens: bare bearer tokens for direct calls to the Mondoo GraphQL API.
  • Workload identity federation (WIF): keyless authentication backed by an external identity provider (AWS, Azure, Google Cloud, GitHub Actions, or any OIDC provider). No long-lived secrets to store or rotate.

Manage Access with Okta

Enable Okta SSO authentication and SCIM 2.0 user management for centralized Mondoo access control.

Manage API Tokens

Create API tokens to authenticate with Mondoo's GraphQL API for custom integrations and automation.