• Documentation
    • Search documentation
    karat

    +

    K

    API Reference ↗
    Security & governanceThird-party applicationsFoundry third-party application & API guidance
    Feedback

    Foundry third-party application & API guidance

    Foundry’s third-party application authentication and authorization features enable non-Foundry applications and scripts to interact securely with Foundry’s APIs. The core of these features is OAuth2 support for external applications. This document provides guidance of how Palantir recommends these features to be used, as well as examples of potentially inappropriate uses.

    By authorizing third-party applications and APIs, users agree to follow the appropriate use terms as mutually agreed to in writing between Palantir and the customer. Contact your Palantir representative if you have any questions regarding your intended use or if you are unsure whether your plans are appropriate, safe, or secure.

    Appropriate uses

    • Replacing service user accounts
      • The OAuth2 Authorization Code Flow allows external applications to act on behalf of an individual Foundry user. This ensures that permissions are correct and that there is a clear audit path. Using the OAuth2 flow also ensures that the user has explicitly granted the application access to take actions on their behalf, again providing a clear audit path.
      • We strongly recommend that existing applications that use a service account to perform actions in Foundry move to the OAuth2 Authorization flow where possible.
    • Interfacing with external systems
      • Example: An application that watches for changes in an internal customer system and performs actions in the Foundry Ontology.
    • Custom applications for specific user workflows
      • Example: A mobile phone application that interacts with Foundry’s Ontology and Actions APIs to provide a streamlined UX for a critical workflow.
    • Monitoring or control of Foundry pipelines or workflows
      • Example: An application which connects to Foundry’s monitoring and data health APIs to assess the state of critical pipelines and allows its users to trigger builds where needed.

    Inappropriate uses

    The integration of third-party applications and the use of Foundry APIs presents risks to data security and should only be undertaken with a clear understanding of the technical and contractual considerations. When scoping a development project that accesses data or undertakes actions on behalf of a user, contact your system administrator to determine if your plans are appropriate, safe, and secure and in compliance with the Foundry appropriate use terms.

    The examples below outline representative scenarios where the inappropriate usage of APIs to access data or perform actions can compromise the integrity or security of data managed in Foundry.

    • Circumventing data controls
      • Example: Reading data with one user’s token and writing back with another.
      • Foundry has advanced and fine-grained user authorization features. Sharing data between user accounts in your application could circumvent these controls.
      • It is important you keep the use of individual Foundry accounts fully isolated. You must not access data with one user's tokens and allow another user to read, discover, write, or in any way interact with that data. If you wish to allow users to share data, this should be done in Foundry, not in the third-party application.
    • Performing actions without user understanding and consent.
      • Your application must not deceive your users. Your application must clearly and accurately describe what actions it is performing when using a Foundry user’s account.
      • Your application must request the minimum set of roles and permissions it needs to perform its function, and no more. It must also make it clear to your users when actions will be performed in Foundry, and what those actions will do.
      • Any unclear, unexpected, malicious or damaging application behavior is forbidden.
    • Retrieving or storing of data outside of Foundry without consideration for access control.
      • Foundry’s customers rely on Foundry to safely store critical data; your application must respect the sensitivity and value of this data and retrieve the minimum set of data that it needs to perform its function.
      • Your application should also avoid storing or caching data retrieved from Foundry if possible. One potential exception to this could be offline caching, but care should be taken and clear user consent received.
      • If Foundry data is moved into another data storage system, acknowledge that it will no longer be access controlled or audited in accordance to your organization's configurations for data protection within Foundry.