Veeva Vault Integration with Grip Security - Posture (SSPM)

Overview

This guide explains how to connect Veeva Vault with Grip Security.

Integrating with Grip’s SSPM module enables Grip to assess critical security settings, including access control, configuration baseline, and other relevant aspects within your Veeva Vault platform environment.

To connect Veeva Vault to Grip, you will need to create an OAuth 2.0 / OpenID Connect profile and provide Grip with the following connection details:

  • OAuth OIDC Profile ID

  • Vault DNS (Vault ID URL)

  • Client ID

  • Access Token URL

Important: If you encounter any issues connecting Veeva with Grip, please don't hesitate to contact our support team.

Create an OAuth 2.0 / OpenID Connect profile

  • Log in with an administrator account and navigate to Settings (1) » OAuth 2.0 / OpenID Connect Profiles (2).

  • Click on Create (3)

  • Enter a Label and Name for the profile (4).

  • Select 'Active' as the profile status.

  • Optional: Add a description of the profile.

Under OAuth 2.0 / OpenID Connect Configuration (5)

  • Set the Authorization Server Provider to your selected provider, or choose Other if it's not listed.

  • You can also uncheck the Perform strict Audience Restriction validation box.

  • Enter information for AS Metadata. All OpenID Connect providers have a URL ending with /.well-known/openid-configuration, which contains this metadata.

For example:

  • Okta: https://{OKTA_INSTANCE}.okta.com/.well-known/openid-configuration

  • Azure: https://login.microsoftonline.com/{TENANT}/v2.0/.well-known/openid-configuration

Use this metadata to set up AS Metadata by clicking the Upload AS Metadata button (6) and choosing the Provide Authorization Server Metadata URL option.

  • Click Save.

  • The created profile is now displayed.

  • Copy the Vault Session ID URL; you will need it when connecting to Grip.

Connect Veeva Vault to Grip SSPM

From the Grip platform, go to Posture management » Click on Add Tenant (1) » Veeva Vault (2)

In the Add VeevaVault Tenant window (3), enter the following details:

Display name

Give the configuration a name

OAuth OIDC Profile ID

OIDC profile ID generated by Veeva when creating a new OIDC profile.

To configure the OIDC profile ID, use the ID in your OIDC profile in Veeva. Your OIDC profile contains a Vault Session ID URL, for example, https://login.veevavault.com/auth/oauth/session/_00000000-aaaa-bbbb-cccc-111111111111, in which _00000000-aaaa-bbbb-cccc-111111111111 is the OIDC profile ID. Use this value for the OIDC Profile ID field.

Vault DNS (Vault ID URL)

Veeva Vault instance URL you copied in the previous step

Client ID

  • The application's registered client ID in the OAuth2 provider.

  • This is assigned by the authorization server when you register your app (veeva-vault-{connection api_name__sys}).

Access Token URL

OAuth 2.0 token URL, such as https://{your-instance}/as/token.oauth2.

  • Once connected, the Tenant will be added to the Connected Tenants under Posture Management.

  • There, you can view and filter your policy statuses, assess your security posture, and address any issues.
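
A pre-flight check for the connection details described above, written as an added example (not code from Grip or Veeva): it extracts the OIDC profile ID from the Vault Session ID URL and confirms that the Access Token URL agrees with the authorization server's metadata document. The function names, the idp.example.com host, the profile ID pattern and the assumption that the Access Token URL is the metadata's token_endpoint are illustrative.

```python
import json
import re
from urllib.parse import urlsplit

WELL_KNOWN = "/.well-known/openid-configuration"
SESSION_PATH = "/auth/oauth/session/"  # path shape taken from the page's example URL
# Assumption: profile IDs look like the page's example, "_" plus a UUID-shaped value.
PROFILE_ID_RE = re.compile(r"_[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12}", re.I)

# Constructed sample values; idp.example.com is a placeholder, not a real provider.
SAMPLE_SESSION_URL = ("https://login.veevavault.com/auth/oauth/session/"
                      "_00000000-aaaa-bbbb-cccc-111111111111")
SAMPLE_METADATA_URL = "https://idp.example.com" + WELL_KNOWN
SAMPLE_TOKEN_URL = "https://idp.example.com/as/token.oauth2"
SAMPLE_METADATA = json.dumps({"issuer": "https://idp.example.com",
                              "token_endpoint": SAMPLE_TOKEN_URL})


def profile_id_from_session_url(session_url):
    """Return the OIDC profile ID, the last path segment of a Vault Session ID URL."""
    parts = urlsplit(session_url)
    if parts.scheme != "https" or not parts.path.startswith(SESSION_PATH):
        raise ValueError("not an https Vault Session ID URL")
    profile_id = parts.path[len(SESSION_PATH):].rstrip("/")
    if not PROFILE_ID_RE.fullmatch(profile_id):
        raise ValueError("unexpected profile ID shape: %r" % profile_id)
    return profile_id


def check_connection_details(session_url, metadata_url, metadata_json, token_url):
    """Return (profile_id, problems) for the values about to be entered in Grip."""
    problems = []
    profile_id = profile_id_from_session_url(session_url)
    meta = json.loads(metadata_json)
    if not metadata_url.endswith(WELL_KNOWN):
        problems.append("AS Metadata URL does not end with " + WELL_KNOWN)
    # OIDC Discovery: issuer plus the well-known suffix must equal the metadata URL.
    elif meta.get("issuer", "").rstrip("/") != metadata_url[:-len(WELL_KNOWN)]:
        problems.append("issuer does not match the AS Metadata URL")
    if urlsplit(token_url).scheme != "https":
        problems.append("Access Token URL is not https")
    if meta.get("token_endpoint") != token_url:
        problems.append("Access Token URL differs from metadata token_endpoint")
    return profile_id, problems


if __name__ == "__main__":
    print(check_connection_details(SAMPLE_SESSION_URL, SAMPLE_METADATA_URL,
                                   SAMPLE_METADATA, SAMPLE_TOKEN_URL))
```

To check a real tenant, save the provider's metadata document to a file and pass its contents as metadata_json in place of the constructed sample.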