List entity context sync configurations

v2 (latest)

Note: This endpoint is in preview and is subject to change. If you have any feedback, contact Datadog support.

GET https://api.ap1.datadoghq.com/api/v2/security_monitoring/configuration/integration_confighttps://api.ap2.datadoghq.com/api/v2/security_monitoring/configuration/integration_confighttps://api.datadoghq.eu/api/v2/security_monitoring/configuration/integration_confighttps://api.ddog-gov.com/api/v2/security_monitoring/configuration/integration_confighttps://api.us2.ddog-gov.com/api/v2/security_monitoring/configuration/integration_confighttps://api.datadoghq.com/api/v2/security_monitoring/configuration/integration_confighttps://api.us3.datadoghq.com/api/v2/security_monitoring/configuration/integration_confighttps://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config

Overview

List the entity context sync configurations for Cloud SIEM. Each configuration connects Cloud SIEM to an external source that provides entities (for example, users from an identity provider) for use in signals and the entity explorer. This endpoint requires the integrations_read permission.

OAuth apps require the integrations_read authorization scope to access this endpoint.

Arguments

Query Strings

Name

Type

Description

filter[integration_type]

enum

Filter the entity context sync configurations by source type.
Allowed enum values: GOOGLE_WORKSPACE, OKTA, ENTRA_ID

Response

Response containing a list of entity context sync configurations.

Expand All

Field

Type

Description

data [required]

[object]

The list of integration configurations.

{
  "data": [
    {
      "attributes": {
        "created_at": "2026-05-01T12:00:00Z",
        "domain": "siem-test.com",
        "enabled": true,
        "integration_type": "GOOGLE_WORKSPACE",
        "modified_at": "2026-05-01T12:00:00Z",
        "name": "My GWS Integration",
        "settings": {
          "setting1": "value1"
        },
        "state": "valid"
      },
      "id": "11111111-2222-3333-4444-555555555555",
      "type": "integration_config"
    }
  ]
}

Not Authorized

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Too many requests

API error response.

Expand All

Field

Type

Description

errors [required]

[string]

A list of errors.

{
  "errors": [
    "Bad Request"
  ]
}

Code Example

                  # Curl command
curl -X GET "https://api.ap1.datadoghq.com"https://api.ap2.datadoghq.com"https://api.datadoghq.eu"https://api.ddog-gov.com"https://api.us2.ddog-gov.com"https://api.datadoghq.com"https://api.us3.datadoghq.com"https://api.us5.datadoghq.com/api/v2/security_monitoring/configuration/integration_config" \
-H "Accept: application/json" \
-H "DD-API-KEY: ${DD_API_KEY}" \
-H "DD-APPLICATION-KEY: ${DD_APP_KEY}"

                

List entity context sync configurations

Overview

Arguments

Query Strings

Response

Code Example

List entity context sync configurations

How can I help you today?