Skip to main content

Capabilities

The Seismic connector syncs the following resources:
Content licenses (Business, Premium, Partner) are derived from the SCIM userType field on each user, not from a dedicated API endpoint. License assignment is read-only — license changes typically require admin action in the Seismic console. Users with userType="NonSeismic" (e.g. system or external accounts) hold no content license and receive no license grant.

Gather Seismic credentials

To configure the Seismic connector, you need System Administrator permissions in Seismic.
1
Go to the Seismic App Registration Portal and log in with your tenant admin credentials.
2
Click + Create an App, enter an app name, then click Create app.
3
On the app details page, toggle Authentication on (it is disabled by default). Select OAuth2 - Client Credentials as the authentication flow. Seismic implements this as the Client Credentials with User Delegation flow — it is the only client-credentials variant Seismic documents.
4
In the Delegation user selected callback field, enter an HTTPS URL that can receive a one-time POST from Seismic. The connector itself does not run a callback server — this URL is triggered only once, when a tenant admin enables the app and selects the delegated user. Seismic POSTs a JSON payload containing delegationUserId to it at that moment.
Seismic requires a valid HTTPS callback URL before it will generate your Client ID and Client Secret.The script below starts a local receiver and exposes it over HTTPS with no account or deployment required. Requirements: Python 3 and SSH (both available by default on macOS and Linux; on Windows use WSL or Git Bash).Terminal 1 — start the local receiver:
callback_receiver.py
Terminal 2 — expose it over HTTPS:
localhost.run prints an HTTPS URL such as https://xxxxxxxx.lhr.life. Paste that URL into the Seismic callback field and proceed to the next step. When Seismic fires the callback, Terminal 1 prints the delegationUserId and exits.
Do not use public webhook inspection services (e.g. webhook.site, requestbin.com). The delegationUserId is a credential — combined with your client ID and secret it can be used to generate API tokens. Sending it to a service that stores and displays payloads publicly exposes it to anyone who obtains the URL.Note that localhost.run is a third-party SSH tunnel: traffic transits their servers in transit but is not stored or displayed publicly. For security-sensitive environments, use a self-hosted endpoint (e.g. an AWS Lambda function URL or Cloudflare Worker on infrastructure you control) instead.
5
Assign the following scopes to the app registration:
  • seismic.user.view — required for syncing users, groups, and group members
  • seismic.user.manage — required for provisioning (create/delete users, grant/revoke group membership and role assignments)
  • seismic.reporting — required for syncing platform roles
For sync-only deployments, assign seismic.user.view and seismic.reporting. For sync + provisioning deployments, assign all three scopes.
Adding or removing scopes after saving generates a new app version with a new Client ID. Finalize your scope selection before copying credentials.
6
Click Generate in the credentials section to create the Client Secret. Copy both the Client ID and Client Secret and store them securely. The Client Secret cannot be retrieved again after you leave this page.
7
In the Seismic web app, navigate to Admin Settings > My Apps, locate your app, and click Enable App in Seismic. A consent modal appears — select the user who will act as the delegated user, then confirm. Seismic will POST a JSON payload to the callback URL you entered earlier.Check the endpoint you set up — the incoming POST body contains delegationUserId. Copy that exact value; it becomes the connector’s Seismic Delegation User ID configuration field.
8
Identify your Seismic tenant name (the subdomain from your login URL, e.g., acme if you access acme.seismic.com). The connector uses this to build the OAuth2 token endpoint URL automatically: https://auth.seismic.com/tenants/{tenant}/connect/token.

Configure the Seismic connector

Follow these instructions to use a built-in, no-code connector hosted by C1.
1
In C1, navigate to Integrations > Connectors and click Add connector.
2
Search for Seismic and click Add.
3
Choose how to set up the new Seismic connector:
  • Add the connector to a currently unmanaged app
  • Add the connector to a managed app
  • Create a new managed app
4
Set the owner for this connector.
5
Click Next.
6
Find the Settings area of the page and click Edit.
7
Enter the required configuration:
  • Seismic Client ID: OAuth2 Client ID from the app registration
  • Seismic Client Secret: OAuth2 Client Secret from the app registration
  • Seismic Tenant: Your Seismic tenant identifier (used to build the OAuth2 token endpoint URL https://auth.seismic.com/tenants/TENANT/connect/token)
  • Seismic Delegation User ID: the delegationUserId your app received on the Delegation user selected callback when the tenant admin assigned the delegated user
8
Click Save.
9
The connector’s label changes to Syncing, followed by Connected. You can view the logs to ensure that information is syncing.
Done. Your Seismic connector is now pulling access data into C1.

All versions of this connector are available at dist.conductorone.com.