--- title: Harness API Integration on Truto slug: harness category: CI/CD canonical: "https://truto.one/integrations/detail/harness/" --- # Harness API Integration on Truto **Category:** CI/CD **Status:** Generally available ## Unified APIs ### Unified User Directory API - **Me** — - **Roles** — The Role object represents a role of a User. - **Users** — The User object represents a User. ## How it works 1. **Link your customer's Harness account.** Use Truto's frontend SDK; we handle every OAuth and API key flow so you don't need to create the OAuth app. 2. **Authentication is automatic.** Truto refreshes tokens, stores credentials securely, and injects them into every API request. 3. **Call Truto's API to reach Harness.** The Proxy API is a 1-to-1 mapping of the Harness API. 4. **Get a unified response format.** Every response uses a single shape, with cursor-based pagination and data in the `result` field. ## Use cases - **Correlate deployments with production incidents** — Incident management and observability SaaS products can query Harness to retrieve recent pipeline executions and deployment events, letting their users instantly determine whether a bad deploy caused an outage and trigger rollbacks directly from the incident timeline. - **Calculate DORA metrics from deployment data** — Developer productivity platforms can ingest pipeline execution history from Harness to compute Deployment Frequency, Lead Time for Changes, and Change Failure Rate — giving engineering leaders a unified velocity dashboard without manual data exports. - **Gate production releases on external security scan results** — Application security SaaS tools can push vulnerability findings into Harness STO and programmatically approve or reject pipeline stages, ensuring risky code never reaches production without the security team's sign-off. - **Sync user and role data for access governance** — Identity governance and compliance platforms can pull users and roles from Harness via Truto's Unified User Directory API to audit who has deployment permissions, detect over-privileged accounts, and enforce least-privilege policies across the DevOps toolchain. - **Automate feature flag targeting from product events** — Product analytics and onboarding SaaS tools can manage Harness Feature Flag target groups programmatically — enrolling users in beta cohorts or rolling out features based on billing tier, experiment assignment, or CRM signals. ## What you can build - **Deployment-aware incident timeline** — Automatically enrich incident tickets with the most recent Harness pipeline executions and environment details so responders can pinpoint deployment-triggered regressions in seconds. - **Unified DORA metrics dashboard** — Aggregate pipeline execution statuses and timestamps from Harness alongside data from other CI/CD tools to present a single pane of engineering performance metrics. - **Cross-platform user and role audit report** — Pull Harness users and roles through Truto's Unified User Directory API alongside other DevOps tools to generate a consolidated access review for SOC 2 or ISO 27001 compliance. - **Security-gated release automation** — Ingest third-party DAST/SAST scan results into Harness STO and automatically block or approve pipeline stages based on vulnerability severity thresholds. - **Event-driven feature flag enrollment** — Trigger Harness Feature Flag target group updates from CRM, billing, or product analytics events so new beta users get access without manual configuration. - **One-click deployment rollback from external tools** — Expose a rollback action inside your SaaS product that programmatically triggers a Harness rollback pipeline when anomalous metrics or user-reported issues are detected. ## FAQs ### What Unified APIs does Truto support for Harness today? Truto currently supports the Unified User Directory API for Harness, covering Me, Users, and Roles resources. This lets you read user profiles and role assignments through a standardized schema. Additional tools and unified API coverage can be built on request. ### How does authentication work for the Harness integration? Harness uses API key authentication via the x-api-key header. Your end users generate a personal or service account API key in their Harness account settings, and Truto securely stores and manages the credential so you never handle raw keys yourself. ### Can Truto handle Harness's multi-level resource hierarchy (account, org, project)? Yes. Harness scopes most resources under an Account, Organization, and Project hierarchy. Truto manages the required scope identifiers as part of the connection configuration, so API calls are automatically scoped to the correct level. ### What if I need pipeline execution data or feature flag management that isn't in the Unified API yet? Truto builds new tools and proxy endpoints on request. You can work with the Truto team to add coverage for pipeline executions, deployment logs, STO ingestion, feature flag management, or any other Harness API resource your product requires. ### Are there rate limit considerations for the Harness API? Harness enforces rate limits that vary by plan tier and API endpoint. Truto handles retry logic and backoff automatically, so transient rate limit responses don't surface as errors in your application. ### Can my end users connect Harness Self-Managed (on-prem) instances, or only Harness SaaS? Truto supports custom base URLs, so end users running Harness Self-Managed Edition can point their connection to their own instance URL. Both SaaS and self-managed deployments are supported.