Skip to main content
Wiz Authentication Guide

How to integrate Wiz for use with Tines

Updated over a week ago

Wiz is the leading cloud infrastructure security platform that enables organizations to rapidly identify and remove the most pressing risks in the cloud. Wiz uses an agentless approach—a single API connector per cloud and Kubernetes environment to scan deep within every cloud resource.

There are two ways to integrate with Wiz in Tines:

Calling the Wiz APIs from Tines

Wiz connect flow (recommended):

  1. Login to your Tines tenant

  2. Navigate to the team that will be using the API and click "Credentials"

  3. Click "+ New Credential" and select "Wiz" and follow the prompts to connect.

Manual credential creation

This method is not recommended as the Wiz connect flow creates this credential with much less complexity. However, if you need to create this credential set manually, see the following steps below:

First, create a Wiz service account

  1. Login to your Wiz account

  2. Create a service account (see the Wiz documentation)

  3. Copy the service account's "Client ID" and "Client Secret" to a text editor

Then, create a Wiz credential in Tines

  1. Click "+ New Credential" and select "HTTP request"

  2. Input the values for the Wiz credential

    1. Name: wiz

    2. Description: Optional

    3. URL:

    4. Content Type: Form

    5. Method: post

    6. Payload: Copy the below object and paste into the "Plain code" section:

      "audience": "wiz-api",
      "client_id": "insert_your_client_id_here",
      "client_secret": "<<secret>>",
      "grant_type": "client_credentials"

    7. Secret: Your Client Secret

  3. Click "Save"

  4. Click "Run request" and double-click on the access_token key to copy the path.

  5. Location of token from response: Paste the path to the token in the value pill, wiz.body.access_token

  6. Metadata:

    1. Paste in your API Endpoint URL from Tenant Info.

      "wiz_api_url": "paste in your wiz API url"
  7. TTL(seconds): 120

  8. Optional

    1. Domains: Ensure this credential can only be used when making HTTP requests to specific domains

    2. Access: What other teams can also use the API

  9. Click "Save"

Your credential should look like the following:

Lastly, test the integration

  1. Create a new Story

  2. Click on "Templates"

  3. Type "wiz issues" in the search bar and drag the "Get All Open Issues (First Call) in Wiz" template onto the storyboard

  4. Click on the template and then click "Run"

  5. If your call is successful, you will see a purple notification with the number 1

Receiving Webhooks from Wiz in Tines

First, create a Webhook action in Tines

  1. Create a new Story

  2. Drag a "Webhook" action onto the storyboard

  3. In the "Build" tab on the configuration panel, copy the "Webhook URL"

  4. Add a Tines integration to your Wiz tenant (see Wiz Documentation)

  5. Once the Tines integration is configured, create a Tines Push integration in Wiz using the Webhook URL copied earlier (see Tines Push integration)

Lastly, test the integration

  1. Manually trigger an action on an issue in Wiz for the Tines Integration created (see Run an action on an issue)

  2. Open your story in Tines.

  3. If your integration is correctly configured, you will receive a green notification with the number 1

  4. (Recommended) After confirming the integration is working, add an Automation Rule in Wiz to automatically send webhooks to Tines for Wiz Issues, Vulnerabilities, Cloud Configuration Findings, etc. when they are generated (see Add an automation rule)

Read about our connect flows here.

More on creating credentials in Tines here.

You can also find a selection of Wiz stories in the story library.

Did this answer your question?