Documentation Index
Fetch the complete documentation index at: https://docs.serval.com/llms.txt
Use this file to discover all available pages before exploring further.
About Obsidian Security
Obsidian Security is a SaaS security and posture management platform that monitors cloud applications (Salesforce, Workday, Slack, etc.) for risky activity, generates intelligence alerts, and tracks posture against compliance standards. Connecting Obsidian Security to Serval enables automated triage of intelligence alerts, account and entity lookups, and posture-driven workflows directly from your service desk.What the Obsidian Security integration enables
| Capability | Description |
|---|---|
| Intelligence alerts | Read security intelligence (alerts) generated by Obsidian, including severity, status, related entities, and recommended remediation actions |
| Account and entity lookup | Query accounts, users, applications, and other SaaS entities tracked by Obsidian across connected services |
| Activity events | Search the activity event stream collected from connected cloud services |
| Posture and compliance | Read posture rules, settings, and compliance reporting state |
| Automation workflows | Automate alert triage, evidence collection, and posture-driven remediation |
Obsidian Security Configuration
Prerequisites
Before connecting Obsidian Security to Serval, you’ll need:- An Obsidian Security tenant
- Permissions to create API access tokens in your Obsidian Security account
- The regional API endpoint that matches your tenant (US, EU, or AU)
Identify your region
Obsidian Security operates three regional API endpoints. Your tenant lives in exactly one of them.| Region | API endpoint |
|---|---|
| US | api.obsec.io |
| EU | api.obsec.eu |
| AU | api.sy.obsec.io |
Create an API access token
Open your Obsidian Security settings
Log in to your Obsidian Security tenant and navigate to Settings → API Access Tokens.
Generate a new token
Click Create token (or Generate new token). Give it a descriptive name such as
Serval Integration.Scope the token
Grant the token read access to the data your Serval workflows will use. For the workflows shipped with this integration, that includes:
- Intelligence (alerts)
- Accounts / users / entities
- Connected services
- Events
You can scope the token more narrowly if your workflows only need a subset. Workflows that try to read data the token can’t access will fail at runtime with a permission error.
Serval Configuration
Connect Obsidian Security to Serval
- In Serval, go to Apps → Available → Obsidian Security → Connect
-
Enter the following information:
Field Description Region The regional API endpoint matching your tenant (US, EU, or AU) API Token The bearer token generated in Obsidian Security under Settings → API Access Tokens - Click Save
Verify the connection
After saving, run the integration’s healthchecks to confirm everything works end-to-end:- Validate Obsidian Security API connection — confirms the token can reach Obsidian’s GraphQL endpoint
- List connected services — confirms the token can enumerate Obsidian-connected cloud services
- List accounts — confirms entity-catalog access
- List intelligence alerts — confirms alert-stream access
Obsidian Security tokens are region-bound. A token generated in your US tenant will not authenticate against
api.obsec.eu. Make sure the region you select matches the tenant where the token was created.Need help? Contact support@serval.com for assistance with your Obsidian Security integration.