Drata

This documentation for the Drata integration describes the technical capabilities of this integration, including authorization, scopes/permissions, and utilized endpoints. For more information on how to integrate Drata, visit our connection instructions.

Version

This integration utilizes the Drata Public API.

Base URL

The base URL used for all Drata API endpoints:

https://public-api.drata.com

---

Authentication & Authorization

The DataGrail Drata integration connects using token authentication which requires an API Key.

Sensitive Credentials

Publicly exposing your API credentials can allow unauthorized access to Drata API endpoints by a third party. DataGrail stores your API credentials encrypted and protected.

Endpoints Utilized

DataGrail uses the following endpoints to authorize and test the connection:

Method	Endpoint	Purpose	Docs
GET	/public/connections	Validate credentials

Limits

Limits in Drata are calculated using the leaky bucket algorithm. All requests that are made after rate limits have been exceeded are throttled and an HTTP 429 Too Many Requests error is returned. Requests succeed again after enough requests have emptied out of the bucket.

• DataGrail supports requests throttling to stay within 70-80% of specified service rate limits.
• DataGrail processes API responses with HTTP 429 status to interrupt requests, waiting and retrying (using an exponential backoff strategy).

---

Capabilities

System Detection

DataGrail provides continuous system detection, delivering a real-time inventory of your data assets.

Data Interactions

DataGrail's System Detection process runs once daily and reads managed connections to detect new systems added in Drata:

Fetch properties for the managed connections:

• clientType
• connectedAt
• accountId
• clientId
• connected
• state
• user
• providerTypes

Endpoints Utilized

Method	Endpoint	Purpose	Docs
GET	/public/connections	List managed connections

---