: Onboard a Miro App to SSPM
Focus
Focus

Onboard a Miro App to SSPM

Table of Contents

Onboard a Miro App to SSPM

Connect a Miro instance to SSPM to detect posture risks.
For SSPM to detect posture risks in your Miro instance, you must onboard your Miro instance to SSPM. Through the onboarding process, SSPM connects to a Miro API and, through the API, scans your Miro instance for misconfigured settings. If there are misconfigured settings, SSPM suggests a remediation action based on best practices.
SSPM gets access to your Miro instance through OAuth 2.0 authorization. To enable OAuth 2.0 authorization, you first create an OAuth 2.0 application in Miro before onboarding your Miro instance in SSPM. During the onboarding process, you are prompted to log in to Miro and to grant SSPM the access it requires.
To onboard your Miro instance, you complete the following actions:

Collect Information for Connecting to Your Miro Instance

To access your Miro instance, SSPM requires the following application credentials. You will create the OAuth 2.0 application and provide its credentials to SSPM during the onboarding process.
ItemDescription
Client IDSSPM will access a Miro API through an OAuth 2.0 application that you create. Miro generates the Client ID to uniquely identify this application.
Client SecretSSPM will access the Miro API through an OAuth 2.0 application that you create. Miro generates the Client Secret, which SSPM uses to authenticate to this application.
As you complete the following steps, make note of the values of the items described in the preceding table. You will need to enter these values during onboarding to enable SSPM to access your Miro instance.
  1. From SSPM, get a redirect URI. You will specify this redirect URI in the OAuth 2.0 application that you will create in Miro. To get this information, you will begin the onboarding process in SSPM, but you will not complete the process.
    1. From the Add Application page in SSPM ( Posture SecurityApplicationsAdd Application), click the Miro tile.
    2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
    3. Log in with Credentials.
      A connection page for onboarding a Miro instance is displayed. The Redirect URL field displays the redirect URL value.
    4. Copy the URL and paste it into a text file.
      Do not continue to the next step unless you have copied the redirect URL. You will need to specify this URL later when you are configuring your OAuth 2.0 application.
    5. Because you will not be completing the onboarding process until after you have created your OAuth 2.0 application and gathered the necessary configuration information, return to the Apps Onboarding page.
  2. Identify the administrator account that you will use to create your OAuth 2.0 application.
    (Required Permissions) The OAuth 2.0 application must be created by a Miro administrator assigned to the Company Admin role.
  3. Create your OAuth 2.0 application.
    1. Open a web browser and go to the Miro login page at miro.com/login/.
    2. Log in to the Company Admin account that you identified earlier.
    3. Locate your profile icon and select <profile-icon> Settings.
    4. On your Profile settings page, select Your appsCreate new app.
    5. In the Create new app dialog:
      1. Specify a name and developer team for your app.
      2. Select Expire user authorization token.
      3. Create app.
      Miro displays a page for configuring your app.
    6. The configuration page for your app displays the app credentials (Client ID and Client Secret). Copy these credentials and paste them into a text file.
      Do not continue to the next step unless you have copied the Client ID and Client Secret. You must provide this information to SSPM during the onboarding process.
    7. On the configuration page for your app, locate the Redirect URI for OAuth 2.0 section. Add the redirect URI that you obtained from SSPM to your OAuth 2.0 application.
      Double check that the Expire user authorization token option is selected. You cannot change this option setting here, but should have made this selection in the Create new app dialog.
    8. On the configuration page for your app, locate the Permissions section. Select the following scopes for your app:
      • boards:read
      • organizations:teams:read
    9. Install app and get OAuth token.

Connect SSPM to Your Miro Instance

By adding a Miro app in SSPM, you enable SSPM to connect to your Miro instance.
  1. From the Add Application page ( Posture SecurityApplicationsAdd Application), click the Miro tile.
  2. Under posture security instances, Add Instance or, if there is already an instance configured, Add New instance.
  3. Log in with Credentials.
  4. Enter the application credentials (Client ID and Client Secret) and Connect.
    SSPM redirects you to the Miro login page.
  5. Log in to Miro as a Miro administrator assigned to the Company Admin role.
    Miro displays a consent form that details the access permissions that SSPM requires.
  6. Review the consent form and allow access.
    After you have granted SPPM the access it requires, SPPM will use the Company Admin permissions to scan for misconfigurations across all of your Miro teams.